Lucene search
Copyright (C) 2013 Greenbone AGOPENVAS:1361412562310702709HistoryJun 16, 2013 - 12:00 a.m.
Debian: Security Advisory (DSA-2709-1)
2013-06-1600:00:00
Copyright (C) 2013 Greenbone AG
plugins.openvas.org
5
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
6.8 Medium
AI Score
Confidence
Low
0.061 Low
EPSS
Percentile
93.6%
The remote host is missing an update for the Debian
# SPDX-FileCopyrightText: 2013 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.702709");
script_cve_id("CVE-2013-4074", "CVE-2013-4075", "CVE-2013-4076", "CVE-2013-4077", "CVE-2013-4078", "CVE-2013-4081", "CVE-2013-4082", "CVE-2013-4083");
script_tag(name:"creation_date", value:"2013-06-16 22:00:00 +0000 (Sun, 16 Jun 2013)");
script_version("2024-02-01T14:37:10+0000");
script_tag(name:"last_modification", value:"2024-02-01 14:37:10 +0000 (Thu, 01 Feb 2024)");
script_tag(name:"cvss_base", value:"5.0");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:N/A:P");
script_name("Debian: Security Advisory (DSA-2709-1)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2013 Greenbone AG");
script_family("Debian Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/debian_linux", "ssh/login/packages", re:"ssh/login/release=DEB7");
script_xref(name:"Advisory-ID", value:"DSA-2709-1");
script_xref(name:"URL", value:"https://www.debian.org/security/2013/DSA-2709-1");
script_xref(name:"URL", value:"https://security-tracker.debian.org/tracker/DSA-2709");
script_tag(name:"summary", value:"The remote host is missing an update for the Debian 'wireshark' package(s) announced via the DSA-2709-1 advisory.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");
script_tag(name:"insight", value:"Multiple vulnerabilities were discovered in the dissectors for CAPWAP, GMR-1 BCCH, PPP, NBAP, RDP, HTTP, DCP ETSI and in the Ixia IxVeriWave file parser, which could result in denial of service or the execution of arbitrary code.
For the stable distribution (wheezy), these problems have been fixed in version 1.8.2-5wheezy4.
For the unstable distribution (sid), these problems will be fixed soon.
We recommend that you upgrade your wireshark packages.");
script_tag(name:"affected", value:"'wireshark' package(s) on Debian 7.");
script_tag(name:"solution", value:"Please install the updated package(s).");
script_tag(name:"solution_type", value:"VendorFix");
script_tag(name:"qod_type", value:"package");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-deb.inc");
release = dpkg_get_ssh_release();
if(!release)
exit(0);
res = "";
report = "";
if(release == "DEB7") {
if(!isnull(res = isdpkgvuln(pkg:"libwireshark-data", ver:"1.8.2-5wheezy4", rls:"DEB7"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"libwireshark-dev", ver:"1.8.2-5wheezy4", rls:"DEB7"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"libwireshark2", ver:"1.8.2-5wheezy4", rls:"DEB7"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"libwiretap-dev", ver:"1.8.2-5wheezy4", rls:"DEB7"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"libwiretap2", ver:"1.8.2-5wheezy4", rls:"DEB7"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"libwsutil-dev", ver:"1.8.2-5wheezy4", rls:"DEB7"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"libwsutil2", ver:"1.8.2-5wheezy4", rls:"DEB7"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"tshark", ver:"1.8.2-5wheezy4", rls:"DEB7"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"wireshark", ver:"1.8.2-5wheezy4", rls:"DEB7"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"wireshark-common", ver:"1.8.2-5wheezy4", rls:"DEB7"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"wireshark-dbg", ver:"1.8.2-5wheezy4", rls:"DEB7"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"wireshark-dev", ver:"1.8.2-5wheezy4", rls:"DEB7"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"wireshark-doc", ver:"1.8.2-5wheezy4", rls:"DEB7"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
exit(0);
Related
nessus
nessus
Debian DSA-2709-1 : wireshark - several vulnerabilities
2013-06-18 00:00:00
Wireshark 1.8.x < 1.8.8 Multiple Vulnerabilities
2013-06-14 00:00:00
Wireshark 1.6.x < 1.6.16 Multiple Vulnerabilities (macOS)
2023-05-26 00:00:00
debian
debian
[SECURITY] [DSA 2709-1] wireshark security update
2013-06-17 16:52:21
openvas
openvas
Debian Security Advisory DSA 2709-1 (wireshark - several vulnerabilities)
2013-06-17 00:00:00
Mageia: Security Advisory (MGASA-2013-0181)
2022-01-28 00:00:00
Wireshark Multiple Vulnerabilities - June 13 (Mac OS X)
2013-05-28 00:00:00
mageia
mageia
Updated wireshark packages fix multiple security vulnerabilities
2013-06-26 22:08:11
Updated wireshark packages fix multiple security vulverabilities
2013-06-26 22:07:40
securityvulns
securityvulns
[ MDVSA-2013:172 ] wireshark
2013-06-17 00:00:00
Wireshark multiple security vulnerabilities
2013-06-17 00:00:00
f5
f5
K15868 : Multiple Wireshark vulnerabilities
2015-04-29 00:00:00
SOL15868 - Multiple Wireshark vulnerabilities
2014-11-27 00:00:00
cve
cve
debiancve
debiancve
cvelist
cvelist
prion
prion
Heap overflow
2013-06-09 21:55:00
Design/Logic Flaw
2013-06-09 21:55:00
Input validation
2013-06-09 21:55:00
ubuntucve
ubuntucve
nvd
nvd
zdt
zdt
Wireshark CAPWAP Dissector - Denial of Service (msf)
2014-06-01 00:00:00
packetstorm
packetstorm
Wireshark CAPWAP Dissector Denial Of Service
2014-05-30 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-01-15 09:16:36
Denial Of Service (DoS)
2019-05-02 05:02:01
Denial Of Service (DoS)
2019-05-02 05:02:02
kaspersky
kaspersky
KLA10587 Denial of service vulnerability in Wireshark
2013-06-07 00:00:00
fedora
fedora
[SECURITY] Fedora 18 Update: wireshark-1.10.2-4.fc18
2013-12-19 07:14:40
[SECURITY] Fedora 19 Update: wireshark-1.10.2-6.fc19
2013-09-28 00:16:37
[SECURITY] Fedora 20 Update: wireshark-1.10.2-7.fc20
2013-10-03 01:07:39
amazon
amazon
Medium: wireshark
2017-04-04 12:00:00
Medium: wireshark
2013-12-02 20:29:00
centos
centos
wireshark security update
2017-03-24 15:46:57
wireshark security update
2014-03-31 17:51:37
wireshark security update
2013-11-26 13:33:12
redhat
redhat
(RHSA-2017:0631) Moderate: wireshark security and bug fix update
2017-03-21 06:17:44
(RHSA-2014:0341) Moderate: wireshark security update
2014-03-31 00:00:00
oraclelinux
oraclelinux
wireshark security and bug fix update
2017-03-27 00:00:00
wireshark security update
2014-03-31 00:00:00
wireshark security, bug fix, and enhancement update
2013-11-25 00:00:00
gentoo
gentoo
Wireshark: Multiple vulnerabilities
2013-08-28 00:00:00
ibm
ibm
kitploit
kitploit
Radamsa - A General-Purpose Fuzzer
2024-03-25 11:30:00
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
6.8 Medium
AI Score
Confidence
Low
0.061 Low
EPSS
Percentile
93.6%
Related for OPENVAS:1361412562310702709