Lucene search
This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.WIRESHARK_2_6_4.NASLHistoryOct 18, 2018 - 12:00 a.m.
Wireshark 2.6.x < 2.6.4 Multiple Vulnerabilities
2018-10-1800:00:00
This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
15
The version of Wireshark installed on the remote Windows host is 2.6.x prior to 2.6.4. It is, therefore, affected by multiple vulnerabilities.
#
# (C) Tenable Network Security, Inc.
#
include("compat.inc");
if (description)
{
script_id(118207);
script_version("1.4");
script_cvs_date("Date: 2019/11/01");
script_cve_id(
"CVE-2018-12086",
"CVE-2018-18225",
"CVE-2018-18226",
"CVE-2018-18227"
);
script_bugtraq_id(105538, 105583);
script_name(english:"Wireshark 2.6.x < 2.6.4 Multiple Vulnerabilities");
script_summary(english:"Checks the version of Wireshark.");
script_set_attribute(attribute:"synopsis", value:
"An application installed on the remote Windows host is affected by
multiple vulnerabilities.");
script_set_attribute(attribute:"description", value:
"The version of Wireshark installed on the remote Windows host is
2.6.x prior to 2.6.4. It is, therefore, affected by multiple
vulnerabilities.");
script_set_attribute(attribute:"see_also", value:"https://www.wireshark.org/docs/relnotes/wireshark-2.6.4.html");
script_set_attribute(attribute:"see_also", value:"https://www.wireshark.org/security/wnpa-sec-2018-47.html");
script_set_attribute(attribute:"see_also", value:"https://www.wireshark.org/security/wnpa-sec-2018-48.html");
script_set_attribute(attribute:"see_also", value:"https://www.wireshark.org/security/wnpa-sec-2018-49.html");
script_set_attribute(attribute:"see_also", value:"https://www.wireshark.org/security/wnpa-sec-2018-50.html");
script_set_attribute(attribute:"solution", value:
"Upgrade to Wireshark version 2.6.4 or later.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2018-18226");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"vuln_publication_date", value:"2018/10/11");
script_set_attribute(attribute:"patch_publication_date", value:"2018/10/11");
script_set_attribute(attribute:"plugin_publication_date", value:"2018/10/18");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/a:wireshark:wireshark");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Windows");
script_copyright(english:"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("wireshark_installed.nasl");
script_require_keys("installed_sw/Wireshark", "SMB/Registry/Enumerated");
exit(0);
}
include("vcf.inc");
get_kb_item_or_exit("SMB/Registry/Enumerated");
app_info = vcf::get_app_info(app:"Wireshark", win_local:TRUE);
constraints = [
{ "min_version" : "2.6.0", "fixed_version" : "2.6.4" }
];
vcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12086
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18225
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18226
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18227
www.wireshark.org/docs/relnotes/wireshark-2.6.4.html
www.wireshark.org/security/wnpa-sec-2018-47.html
www.wireshark.org/security/wnpa-sec-2018-48.html
www.wireshark.org/security/wnpa-sec-2018-49.html
www.wireshark.org/security/wnpa-sec-2018-50.html
Related
kaspersky
kaspersky
KLA11337 Multiple DoS vulnerabilities in Wireshark
2018-10-10 00:00:00
archlinux
archlinux
[ASA-201810-9] wireshark-cli: multiple issues
2018-10-12 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 9 package wireshark version 2.6.4-alt1
2018-10-13 00:00:00
nessus
nessus
Wireshark 2.4.x < 2.4.10 / 2.6.x < 2.6.4 Multiple Vulnerabilities (macOS)
2019-01-22 00:00:00
Fedora 28 : 1:wireshark (2018-89413a04e0)
2019-01-03 00:00:00
openSUSE Security Update : wireshark (openSUSE-2018-1238)
2018-10-24 00:00:00
openvas
openvas
Wireshark Steam IHS Discovery/CoAP Dissector DoS Vulnerabilities (Mac OS X)
2018-10-15 00:00:00
Wireshark Steam IHS Discovery/CoAP Dissector DoS Vulnerabilities (Windows)
2018-10-15 00:00:00
openSUSE: Security Advisory for wireshark (openSUSE-SU-2018:3368-1)
2018-10-26 00:00:00
suse
suse
Security update for wireshark (important)
2018-10-24 03:15:41
Security update for wireshark (moderate)
2020-03-19 00:00:00
debian
debian
[SECURITY] [DSA 4359-1] wireshark security update
2018-12-27 14:56:59
debiancve
debiancve
osv
osv
wireshark - security update
2018-12-27 00:00:00
CVE-2018-18225
2018-10-12 06:29:00
CVE-2018-18226
2018-10-12 06:29:01
cve
cve
prion
prion
Design/Logic Flaw
2018-10-12 06:29:00
Input validation
2018-10-12 06:29:00
Design/Logic Flaw
2018-10-12 06:29:00
redhatcve
redhatcve
alpinelinux
alpinelinux
ubuntucve
ubuntucve
github
github
High severity vulnerability that affects OPCFoundation.NetStandard.Opc.Ua
2018-10-16 19:51:31
fedora
fedora
[SECURITY] Fedora 28 Update: wireshark-2.6.4-1.fc28
2018-11-28 02:46:18
ibm
ibm
Security Bulletin: Vyatta 5600 vRouter Software Patches - Release 1801-v
2019-04-18 16:40:01
oracle
oracle
Oracle Critical Patch Update Advisory - April 2020
2020-04-14 00:00:00
Related for WIRESHARK_2_6_4.NASL