Debian LTS: Security Advisory for wireshark (DLA-1634-1)
2019-01-16T00:00:00
ID OPENVAS:1361412562310891634 Type openvas Reporter Copyright (C) 2019 Greenbone Networks GmbH http://greenbone.net Modified 2020-01-29T00:00:00
Description
Several issues in wireshark, a tool that captures and analyzes packets
off the wire, have been found by different people.
These are basically issues with length checks or invalid memory access in
different dissectors. This could result in infinite loops or crashes by
malicious packets.
# Copyright (C) 2019 Greenbone Networks GmbH
# Text descriptions are largely excerpted from the referenced
# advisory, and are Copyright (C) of the respective author(s)
#
# SPDX-License-Identifier: GPL-2.0-or-later
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.891634");
script_version("2020-01-29T08:22:52+0000");
script_cve_id("CVE-2017-11406", "CVE-2017-11407", "CVE-2017-11409", "CVE-2017-13765", "CVE-2017-15191",
"CVE-2017-17935", "CVE-2017-17997", "CVE-2017-7700", "CVE-2017-7703", "CVE-2017-7746",
"CVE-2017-7747", "CVE-2017-9766", "CVE-2018-11356", "CVE-2018-11357", "CVE-2018-11359",
"CVE-2018-16057", "CVE-2018-16058", "CVE-2018-19622", "CVE-2018-19623", "CVE-2018-19624",
"CVE-2018-19625", "CVE-2018-19626", "CVE-2018-7322", "CVE-2018-7323", "CVE-2018-7324",
"CVE-2018-7325", "CVE-2018-7331", "CVE-2018-7336", "CVE-2018-7417", "CVE-2018-7418",
"CVE-2018-7420", "CVE-2018-9256", "CVE-2018-9259", "CVE-2018-9260", "CVE-2018-9262",
"CVE-2018-9263", "CVE-2018-9265", "CVE-2018-9267", "CVE-2018-9268", "CVE-2018-9269",
"CVE-2018-9270");
script_name("Debian LTS: Security Advisory for wireshark (DLA-1634-1)");
script_tag(name:"last_modification", value:"2020-01-29 08:22:52 +0000 (Wed, 29 Jan 2020)");
script_tag(name:"creation_date", value:"2019-01-16 00:00:00 +0100 (Wed, 16 Jan 2019)");
script_tag(name:"cvss_base", value:"7.8");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:N/A:C");
script_tag(name:"solution_type", value:"VendorFix");
script_tag(name:"qod_type", value:"package");
script_xref(name:"URL", value:"https://lists.debian.org/debian-lts-announce/2019/01/msg00010.html");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2019 Greenbone Networks GmbH http://greenbone.net");
script_family("Debian Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/debian_linux", "ssh/login/packages", re:"ssh/login/release=DEB8");
script_tag(name:"affected", value:"wireshark on Debian Linux");
script_tag(name:"solution", value:"For Debian 8 'Jessie', these problems have been fixed in version
1.12.1+g01b65bf-4+deb8u16.
We recommend that you upgrade your wireshark packages.");
script_tag(name:"summary", value:"Several issues in wireshark, a tool that captures and analyzes packets
off the wire, have been found by different people.
These are basically issues with length checks or invalid memory access in
different dissectors. This could result in infinite loops or crashes by
malicious packets.");
script_tag(name:"vuldetect", value:"This check tests the installed software version using the apt package manager.");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-deb.inc");
res = "";
report = "";
if(!isnull(res = isdpkgvuln(pkg:"libwireshark-data", ver:"1.12.1+g01b65bf-4+deb8u16", rls:"DEB8"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"libwireshark-dev", ver:"1.12.1+g01b65bf-4+deb8u16", rls:"DEB8"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"libwireshark5", ver:"1.12.1+g01b65bf-4+deb8u16", rls:"DEB8"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"libwiretap-dev", ver:"1.12.1+g01b65bf-4+deb8u16", rls:"DEB8"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"libwiretap4", ver:"1.12.1+g01b65bf-4+deb8u16", rls:"DEB8"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"libwsutil-dev", ver:"1.12.1+g01b65bf-4+deb8u16", rls:"DEB8"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"libwsutil4", ver:"1.12.1+g01b65bf-4+deb8u16", rls:"DEB8"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"tshark", ver:"1.12.1+g01b65bf-4+deb8u16", rls:"DEB8"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"wireshark", ver:"1.12.1+g01b65bf-4+deb8u16", rls:"DEB8"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"wireshark-common", ver:"1.12.1+g01b65bf-4+deb8u16", rls:"DEB8"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"wireshark-dbg", ver:"1.12.1+g01b65bf-4+deb8u16", rls:"DEB8"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"wireshark-dev", ver:"1.12.1+g01b65bf-4+deb8u16", rls:"DEB8"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"wireshark-doc", ver:"1.12.1+g01b65bf-4+deb8u16", rls:"DEB8"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"wireshark-qt", ver:"1.12.1+g01b65bf-4+deb8u16", rls:"DEB8"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if (__pkg_match) {
exit(99);
}
{"id": "OPENVAS:1361412562310891634", "bulletinFamily": "scanner", "title": "Debian LTS: Security Advisory for wireshark (DLA-1634-1)", "description": "Several issues in wireshark, a tool that captures and analyzes packets\noff the wire, have been found by different people.\nThese are basically issues with length checks or invalid memory access in\ndifferent dissectors. This could result in infinite loops or crashes by\nmalicious packets.", "published": "2019-01-16T00:00:00", "modified": "2020-01-29T00:00:00", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310891634", "reporter": "Copyright (C) 2019 Greenbone Networks GmbH http://greenbone.net", "references": ["https://lists.debian.org/debian-lts-announce/2019/01/msg00010.html"], "cvelist": ["CVE-2017-11407", "CVE-2018-9268", "CVE-2018-7336", "CVE-2018-9259", "CVE-2018-19626", "CVE-2018-9265", "CVE-2018-11357", "CVE-2018-11359", "CVE-2018-7323", "CVE-2017-7747", "CVE-2018-19625", "CVE-2018-19622", "CVE-2018-7417", "CVE-2017-17935", "CVE-2018-9269", "CVE-2018-7418", "CVE-2018-9270", "CVE-2017-15191", "CVE-2017-7746", "CVE-2018-7420", "CVE-2018-16057", "CVE-2017-13765", "CVE-2018-9256", "CVE-2018-9260", "CVE-2018-9263", "CVE-2017-9766", "CVE-2018-7331", "CVE-2018-19623", "CVE-2018-19624", "CVE-2018-16058", "CVE-2017-11409", "CVE-2017-7703", "CVE-2018-11356", "CVE-2017-7700", "CVE-2018-9267", "CVE-2018-9262", "CVE-2017-11406", "CVE-2018-7322", "CVE-2018-7325", "CVE-2018-7324", "CVE-2017-17997"], "type": "openvas", "lastseen": "2020-01-29T19:29:04", "history": [{"bulletin": {"bulletinFamily": "scanner", "cvelist": ["CVE-2017-11407", "CVE-2018-9268", "CVE-2018-7336", "CVE-2018-9259", "CVE-2018-19626", "CVE-2018-9265", "CVE-2018-11357", "CVE-2018-11359", "CVE-2018-7323", "CVE-2017-7747", "CVE-2018-19625", "CVE-2018-19622", "CVE-2018-7417", "CVE-2017-17935", "CVE-2018-9269", "CVE-2018-7418", "CVE-2018-9270", "CVE-2017-15191", "CVE-2017-7746", "CVE-2018-7420", "CVE-2018-16057", "CVE-2017-13765", "CVE-2018-9256", "CVE-2018-9260", "CVE-2018-9263", "CVE-2017-9766", "CVE-2018-7331", "CVE-2018-19623", "CVE-2018-19624", "CVE-2018-16058", "CVE-2017-11409", "CVE-2017-7703", "CVE-2018-11356", "CVE-2017-7700", "CVE-2018-9267", "CVE-2018-9262", "CVE-2017-11406", "CVE-2018-7322", "CVE-2018-7325", "CVE-2018-7324", "CVE-2017-17997"], "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "description": "Several issues in wireshark, a tool that captures and analyzes packets\noff the wire, have been found by different people.\nThese are basically issues with length checks or invalid memory access in\ndifferent dissectors. This could result in infinite loops or crashes by\nmalicious packets.", "edition": 2, "enchantments": {"dependencies": {"modified": "2019-03-19T12:22:49", "references": [{"idList": ["DEBIAN:DLA-1353-1:A8A6D", "DEBIAN:DLA-1388-1:8C249", "DEBIAN:DLA-1634-1:9CB4F", "DEBIAN:DSA-4359-1:68CD3"], "type": "debian"}, {"idList": ["KLA11377"], "type": "kaspersky"}, {"idList": ["F5:K34035645", "F5:K02215905"], "type": "f5"}, {"idList": ["C5AB620F-4576-4AD5-B51F-93E4FEC9CD0E"], "type": "freebsd"}, {"idList": ["SUSE_SU-2018-0981-1.NASL", "OPENSUSE-2018-1620.NASL", "DEBIAN_DLA-1353.NASL", "MACOSX_WIRESHARK_2_4_11.NASL", "SUSE_SU-2018-4295-1.NASL", "WIRESHARK_2_4_11.NASL", "DEBIAN_DLA-1634.NASL", "OPENSUSE-2018-347.NASL", "SUSE_SU-2018-4298-1.NASL", "SUSE_SU-2018-0980-1.NASL"], "type": "nessus"}, {"idList": ["OPENSUSE-SU-2018:1428-1", "OPENSUSE-SU-2018:4307-1"], "type": "suse"}, {"idList": ["CVE-2017-11407", "CVE-2018-11357", "CVE-2018-11359", "CVE-2017-17935", "CVE-2017-7746", "CVE-2017-9766", "CVE-2018-19623", "CVE-2017-11409", "CVE-2018-11356", "CVE-2017-7700"], "type": "cve"}, {"idList": ["OPENVAS:1361412562310814514", "OPENVAS:1361412562310875672", "OPENVAS:1361412562310891388", "OPENVAS:1361412562310813067", "OPENVAS:1361412562310811002", "OPENVAS:1361412562310813066", "OPENVAS:1361412562310852219", "OPENVAS:1361412562310891353", "OPENVAS:1361412562310813374", "OPENVAS:1361412562310814515"], "type": "openvas"}]}, "score": {"modified": "2019-03-19T12:22:49", "value": 5.0, "vector": "NONE"}}, "hash": "57bb9c32ddf9ac55caf0bbc162739e130994144d05376f73d1780252def3ed59", "hashmap": [{"hash": "ed3111898fb94205e2b64cefef5a2081", "key": "cvss"}, {"hash": "4e75c888b72900cb069476c7555eaf5d", "key": "sourceData"}, {"hash": "a1b2296480f29f96c75d7625d2bcd207", "key": "published"}, {"hash": "b1f0ba737cc6920bb2b40ac4314e579d", "key": "href"}, {"hash": "d77fd71d4d5ac489e338eece95757829", "key": "reporter"}, {"hash": "f85209197e672e4c0b66fd0ebc463eee", "key": "description"}, {"hash": "47c1f692ea47a21f716dad07043ade01", "key": "type"}, {"hash": "ff1b2ce4fa539c93aaea30a825c0255c", "key": "modified"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "c5c4b06ec6a984b823f786057c921a07", "key": "cvelist"}, {"hash": "e5e13adff50f152745b54e88b413f135", "key": "pluginID"}, {"hash": "65dae1a8dfb559fc2dc0c352b009ac5d", "key": "title"}, {"hash": "20976282418f26a2e7bfda010bacd165", "key": "references"}, {"hash": "74562d71b087df9eabd0c21f99b132cc", "key": "naslFamily"}], "history": [], "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310891634", "id": "OPENVAS:1361412562310891634", "lastseen": "2019-03-19T12:22:49", "modified": "2019-03-18T00:00:00", "naslFamily": "Debian Local Security Checks", "objectVersion": "1.3", "pluginID": "1361412562310891634", "published": "2019-01-16T00:00:00", "references": ["https://lists.debian.org/debian-lts-announce/2019/01/msg00010.html"], "reporter": "Copyright (c) 2019 Greenbone Networks GmbH http://greenbone.net", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: deb_dla_1634.nasl 14282 2019-03-18 14:55:18Z cfischer $\n#\n# Auto-generated from advisory DLA 1634-1 using nvtgen 1.0\n# Script version: 1.1\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2019 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License as published by\n# the Free Software Foundation; either version 2 of the License, or\n# (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.891634\");\n script_version(\"$Revision: 14282 $\");\n script_cve_id(\"CVE-2017-11406\", \"CVE-2017-11407\", \"CVE-2017-11409\", \"CVE-2017-13765\", \"CVE-2017-15191\",\n \"CVE-2017-17935\", \"CVE-2017-17997\", \"CVE-2017-7700\", \"CVE-2017-7703\", \"CVE-2017-7746\",\n \"CVE-2017-7747\", \"CVE-2017-9766\", \"CVE-2018-11356\", \"CVE-2018-11357\", \"CVE-2018-11359\",\n \"CVE-2018-16057\", \"CVE-2018-16058\", \"CVE-2018-19622\", \"CVE-2018-19623\", \"CVE-2018-19624\",\n \"CVE-2018-19625\", \"CVE-2018-19626\", \"CVE-2018-7322\", \"CVE-2018-7323\", \"CVE-2018-7324\",\n \"CVE-2018-7325\", \"CVE-2018-7331\", \"CVE-2018-7336\", \"CVE-2018-7417\", \"CVE-2018-7418\",\n \"CVE-2018-7420\", \"CVE-2018-9256\", \"CVE-2018-9259\", \"CVE-2018-9260\", \"CVE-2018-9262\",\n \"CVE-2018-9263\", \"CVE-2018-9265\", \"CVE-2018-9267\", \"CVE-2018-9268\", \"CVE-2018-9269\",\n \"CVE-2018-9270\");\n script_name(\"Debian LTS Advisory ([SECURITY] [DLA 1634-1] wireshark security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:55:18 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2019-01-16 00:00:00 +0100 (Wed, 16 Jan 2019)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"https://lists.debian.org/debian-lts-announce/2019/01/msg00010.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2019 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\");\n script_tag(name:\"affected\", value:\"wireshark on Debian Linux\");\n script_tag(name:\"solution\", value:\"For Debian 8 'Jessie', these problems have been fixed in version\n1.12.1+g01b65bf-4+deb8u16.\n\nWe recommend that you upgrade your wireshark packages.\");\n script_tag(name:\"summary\", value:\"Several issues in wireshark, a tool that captures and analyzes packets\noff the wire, have been found by different people.\nThese are basically issues with length checks or invalid memory access in\ndifferent dissectors. This could result in infinite loops or crashes by\nmalicious packets.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"libwireshark-data\", ver:\"1.12.1+g01b65bf-4+deb8u16\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libwireshark-dev\", ver:\"1.12.1+g01b65bf-4+deb8u16\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libwireshark5\", ver:\"1.12.1+g01b65bf-4+deb8u16\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libwiretap-dev\", ver:\"1.12.1+g01b65bf-4+deb8u16\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libwiretap4\", ver:\"1.12.1+g01b65bf-4+deb8u16\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libwsutil-dev\", ver:\"1.12.1+g01b65bf-4+deb8u16\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libwsutil4\", ver:\"1.12.1+g01b65bf-4+deb8u16\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"tshark\", ver:\"1.12.1+g01b65bf-4+deb8u16\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"wireshark\", ver:\"1.12.1+g01b65bf-4+deb8u16\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"wireshark-common\", ver:\"1.12.1+g01b65bf-4+deb8u16\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"wireshark-dbg\", ver:\"1.12.1+g01b65bf-4+deb8u16\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"wireshark-dev\", ver:\"1.12.1+g01b65bf-4+deb8u16\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"wireshark-doc\", ver:\"1.12.1+g01b65bf-4+deb8u16\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"wireshark-qt\", ver:\"1.12.1+g01b65bf-4+deb8u16\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "title": "Debian LTS Advisory ([SECURITY] [DLA 1634-1] wireshark security update)", "type": "openvas", "viewCount": 0}, "differentElements": ["cvss"], "edition": 2, "lastseen": "2019-03-19T12:22:49"}, {"bulletin": {"bulletinFamily": "scanner", "cvelist": ["CVE-2017-11407", "CVE-2018-9268", "CVE-2018-7336", "CVE-2018-9259", "CVE-2018-19626", "CVE-2018-9265", "CVE-2018-11357", "CVE-2018-11359", "CVE-2018-7323", "CVE-2017-7747", "CVE-2018-19625", "CVE-2018-19622", "CVE-2018-7417", "CVE-2017-17935", "CVE-2018-9269", "CVE-2018-7418", "CVE-2018-9270", "CVE-2017-15191", "CVE-2017-7746", "CVE-2018-7420", "CVE-2018-16057", "CVE-2017-13765", "CVE-2018-9256", "CVE-2018-9260", "CVE-2018-9263", "CVE-2017-9766", "CVE-2018-7331", "CVE-2018-19623", "CVE-2018-19624", "CVE-2018-16058", "CVE-2017-11409", "CVE-2017-7703", "CVE-2018-11356", "CVE-2017-7700", "CVE-2018-9267", "CVE-2018-9262", "CVE-2017-11406", "CVE-2018-7322", "CVE-2018-7325", "CVE-2018-7324", "CVE-2017-17997"], "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "description": "Several issues in wireshark, a tool that captures and analyzes packets \noff the wire, have been found by different people.\nThese are basically issues with length checks or invalid memory access in \ndifferent dissectors. This could result in infinite loops or crashes by \nmalicious packets.", "edition": 1, "enchantments": {"dependencies": {"modified": "2019-01-18T14:05:23", "references": [{"idList": ["CVE-2017-7747", "CVE-2018-19625", "CVE-2017-17935", "CVE-2017-7746", "CVE-2017-13765", "CVE-2018-11356", "CVE-2018-9267", "CVE-2017-11406", "CVE-2018-7325", "CVE-2017-17997"], "type": "cve"}, {"idList": ["DEBIAN:DLA-1353-1:A8A6D", "DEBIAN:DLA-1388-1:8C249", "DEBIAN:DLA-1634-1:9CB4F", "DEBIAN:DSA-4359-1:68CD3"], "type": "debian"}, {"idList": ["KLA11377"], "type": "kaspersky"}, {"idList": ["OPENVAS:1361412562310112242", "OPENVAS:1361412562310814514", "OPENVAS:1361412562310891388", "OPENVAS:1361412562310811001", "OPENVAS:1361412562310813067", "OPENVAS:1361412562310813066", "OPENVAS:1361412562310852219", "OPENVAS:1361412562310875367", "OPENVAS:1361412562310891353", "OPENVAS:1361412562310814515"], "type": "openvas"}, {"idList": ["F5:K34035645", "F5:K02215905"], "type": "f5"}, {"idList": ["C5AB620F-4576-4AD5-B51F-93E4FEC9CD0E"], "type": "freebsd"}, {"idList": ["OPENSUSE-2018-1620.NASL", "MACOS_WIRESHARK_2_4_6.NASL", "MACOSX_WIRESHARK_2_4_11.NASL", "SUSE_SU-2018-4295-1.NASL", "WIRESHARK_2_6_5.NASL", "WIRESHARK_2_4_11.NASL", "DEBIAN_DLA-1634.NASL", "OPENSUSE-2018-347.NASL", "SUSE_SU-2018-4298-1.NASL", "WIRESHARK_2_4_6.NASL"], "type": "nessus"}, {"idList": ["OPENSUSE-SU-2018:1428-1", "OPENSUSE-SU-2018:4307-1"], "type": "suse"}]}, "score": {"modified": "2019-01-18T14:05:23", "value": 6.3, "vector": "NONE"}}, "hash": "2393f7532cfa751e0a0545de7339e5be146edd7259748335e8f14afdcfe57809", "hashmap": [{"hash": "ed3111898fb94205e2b64cefef5a2081", "key": "cvss"}, {"hash": "0bbfa3f0c094ba8551c59ca19261e1b9", "key": "modified"}, {"hash": "a1b2296480f29f96c75d7625d2bcd207", "key": "published"}, {"hash": "b1f0ba737cc6920bb2b40ac4314e579d", "key": "href"}, {"hash": "d77fd71d4d5ac489e338eece95757829", "key": "reporter"}, {"hash": "47c1f692ea47a21f716dad07043ade01", "key": "type"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "c5c4b06ec6a984b823f786057c921a07", "key": "cvelist"}, {"hash": "e5e13adff50f152745b54e88b413f135", "key": "pluginID"}, {"hash": "e472edbeac41feb6304acac564871148", "key": "sourceData"}, {"hash": "eaf7c8887c6e9e3cc521afa61ed1f54a", "key": "description"}, {"hash": "65dae1a8dfb559fc2dc0c352b009ac5d", "key": "title"}, {"hash": "20976282418f26a2e7bfda010bacd165", "key": "references"}, {"hash": "74562d71b087df9eabd0c21f99b132cc", "key": "naslFamily"}], "history": [], "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310891634", "id": "OPENVAS:1361412562310891634", "lastseen": "2019-01-18T14:05:23", "modified": "2019-01-17T00:00:00", "naslFamily": "Debian Local Security Checks", "objectVersion": "1.3", "pluginID": "1361412562310891634", "published": "2019-01-16T00:00:00", "references": ["https://lists.debian.org/debian-lts-announce/2019/01/msg00010.html"], "reporter": "Copyright (c) 2019 Greenbone Networks GmbH http://greenbone.net", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: deb_dla_1634.nasl 13111 2019-01-17 07:49:10Z mmartin $\n#\n# Auto-generated from advisory DLA 1634-1 using nvtgen 1.0\n# Script version: 1.1\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2019 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License as published by\n# the Free Software Foundation; either version 2 of the License, or\n# (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.891634\");\n script_version(\"$Revision: 13111 $\");\n script_cve_id(\"CVE-2017-11406\", \"CVE-2017-11407\", \"CVE-2017-11409\", \"CVE-2017-13765\", \"CVE-2017-15191\",\n \"CVE-2017-17935\", \"CVE-2017-17997\", \"CVE-2017-7700\", \"CVE-2017-7703\", \"CVE-2017-7746\",\n \"CVE-2017-7747\", \"CVE-2017-9766\", \"CVE-2018-11356\", \"CVE-2018-11357\", \"CVE-2018-11359\",\n \"CVE-2018-16057\", \"CVE-2018-16058\", \"CVE-2018-19622\", \"CVE-2018-19623\", \"CVE-2018-19624\",\n \"CVE-2018-19625\", \"CVE-2018-19626\", \"CVE-2018-7322\", \"CVE-2018-7323\", \"CVE-2018-7324\",\n \"CVE-2018-7325\", \"CVE-2018-7331\", \"CVE-2018-7336\", \"CVE-2018-7417\", \"CVE-2018-7418\",\n \"CVE-2018-7420\", \"CVE-2018-9256\", \"CVE-2018-9259\", \"CVE-2018-9260\", \"CVE-2018-9262\",\n \"CVE-2018-9263\", \"CVE-2018-9265\", \"CVE-2018-9267\", \"CVE-2018-9268\", \"CVE-2018-9269\",\n \"CVE-2018-9270\");\n script_name(\"Debian LTS Advisory ([SECURITY] [DLA 1634-1] wireshark security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-01-17 08:49:10 +0100 (Thu, 17 Jan 2019) $\");\n script_tag(name:\"creation_date\", value:\"2019-01-16 00:00:00 +0100 (Wed, 16 Jan 2019)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"https://lists.debian.org/debian-lts-announce/2019/01/msg00010.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2019 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\\.[0-9]+\");\n script_tag(name:\"affected\", value:\"wireshark on Debian Linux\");\n script_tag(name:\"insight\", value:\"Wireshark is a network 'sniffer' - a tool that captures and analyzes\npackets off the wire. Wireshark can decode too many protocols to list\nhere.\");\n script_tag(name:\"solution\", value:\"For Debian 8 'Jessie', these problems have been fixed in version\n1.12.1+g01b65bf-4+deb8u16.\n\nWe recommend that you upgrade your wireshark packages.\");\n script_tag(name:\"summary\", value:\"Several issues in wireshark, a tool that captures and analyzes packets \noff the wire, have been found by different people.\nThese are basically issues with length checks or invalid memory access in \ndifferent dissectors. This could result in infinite loops or crashes by \nmalicious packets.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libwireshark-data\", ver:\"1.12.1+g01b65bf-4+deb8u16\", rls_regex:\"DEB8\\.[0-9]+\", remove_arch:TRUE )) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libwireshark-dev\", ver:\"1.12.1+g01b65bf-4+deb8u16\", rls_regex:\"DEB8\\.[0-9]+\", remove_arch:TRUE )) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libwireshark5\", ver:\"1.12.1+g01b65bf-4+deb8u16\", rls_regex:\"DEB8\\.[0-9]+\", remove_arch:TRUE )) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libwiretap-dev\", ver:\"1.12.1+g01b65bf-4+deb8u16\", rls_regex:\"DEB8\\.[0-9]+\", remove_arch:TRUE )) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libwiretap4\", ver:\"1.12.1+g01b65bf-4+deb8u16\", rls_regex:\"DEB8\\.[0-9]+\", remove_arch:TRUE )) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libwsutil-dev\", ver:\"1.12.1+g01b65bf-4+deb8u16\", rls_regex:\"DEB8\\.[0-9]+\", remove_arch:TRUE )) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libwsutil4\", ver:\"1.12.1+g01b65bf-4+deb8u16\", rls_regex:\"DEB8\\.[0-9]+\", remove_arch:TRUE )) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tshark\", ver:\"1.12.1+g01b65bf-4+deb8u16\", rls_regex:\"DEB8\\.[0-9]+\", remove_arch:TRUE )) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"wireshark\", ver:\"1.12.1+g01b65bf-4+deb8u16\", rls_regex:\"DEB8\\.[0-9]+\", remove_arch:TRUE )) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"wireshark-common\", ver:\"1.12.1+g01b65bf-4+deb8u16\", rls_regex:\"DEB8\\.[0-9]+\", remove_arch:TRUE )) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"wireshark-dbg\", ver:\"1.12.1+g01b65bf-4+deb8u16\", rls_regex:\"DEB8\\.[0-9]+\", remove_arch:TRUE )) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"wireshark-dev\", ver:\"1.12.1+g01b65bf-4+deb8u16\", rls_regex:\"DEB8\\.[0-9]+\", remove_arch:TRUE )) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"wireshark-doc\", ver:\"1.12.1+g01b65bf-4+deb8u16\", rls_regex:\"DEB8\\.[0-9]+\", remove_arch:TRUE )) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"wireshark-qt\", ver:\"1.12.1+g01b65bf-4+deb8u16\", rls_regex:\"DEB8\\.[0-9]+\", remove_arch:TRUE )) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}\n", "title": "Debian LTS Advisory ([SECURITY] [DLA 1634-1] wireshark security update)", "type": "openvas", "viewCount": 0}, "differentElements": ["description", "modified", "sourceData"], "edition": 1, "lastseen": "2019-01-18T14:05:23"}, {"bulletin": {"bulletinFamily": "scanner", "cvelist": ["CVE-2017-11407", "CVE-2018-9268", "CVE-2018-7336", "CVE-2018-9259", "CVE-2018-19626", "CVE-2018-9265", "CVE-2018-11357", "CVE-2018-11359", "CVE-2018-7323", "CVE-2017-7747", "CVE-2018-19625", "CVE-2018-19622", "CVE-2018-7417", "CVE-2017-17935", "CVE-2018-9269", "CVE-2018-7418", "CVE-2018-9270", "CVE-2017-15191", "CVE-2017-7746", "CVE-2018-7420", "CVE-2018-16057", "CVE-2017-13765", "CVE-2018-9256", "CVE-2018-9260", "CVE-2018-9263", "CVE-2017-9766", "CVE-2018-7331", "CVE-2018-19623", "CVE-2018-19624", "CVE-2018-16058", "CVE-2017-11409", "CVE-2017-7703", "CVE-2018-11356", "CVE-2017-7700", "CVE-2018-9267", "CVE-2018-9262", "CVE-2017-11406", "CVE-2018-7322", "CVE-2018-7325", "CVE-2018-7324", "CVE-2017-17997"], "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "description": "Several issues in wireshark, a tool that captures and analyzes packets\noff the wire, have been found by different people.\nThese are basically issues with length checks or invalid memory access in\ndifferent dissectors. This could result in infinite loops or crashes by\nmalicious packets.", "edition": 3, "enchantments": {"dependencies": {"modified": "2019-05-29T18:32:27", "references": [{"idList": ["CVE-2017-11407", "CVE-2018-9268", "CVE-2018-11357", "CVE-2018-19622", "CVE-2017-17935", "CVE-2017-7746", "CVE-2017-13765", "CVE-2018-19624", "CVE-2017-11409", "CVE-2017-17997"], "type": "cve"}, {"idList": ["DEBIAN:DLA-1353-1:A8A6D", "DEBIAN:DLA-1388-1:8C249", "DEBIAN:DLA-1634-1:9CB4F", "DEBIAN:DSA-4359-1:68CD3"], "type": "debian"}, {"idList": ["OPENVAS:1361412562310814514", "OPENVAS:1361412562310875672", "OPENVAS:1361412562310891388", "OPENVAS:1361412562310811001", "OPENVAS:1361412562310813067", "OPENVAS:1361412562310811002", "OPENVAS:1361412562310813066", "OPENVAS:1361412562310852219", "OPENVAS:1361412562310891353", "OPENVAS:1361412562310814515"], "type": "openvas"}, {"idList": ["KLA11377"], "type": "kaspersky"}, {"idList": ["SUSE_SU-2018-0981-1.NASL", "OPENSUSE-2018-1620.NASL", "OPENSUSE-2019-1045.NASL", "MACOSX_WIRESHARK_2_4_11.NASL", "SUSE_SU-2018-4295-1.NASL", "WIRESHARK_2_4_11.NASL", "DEBIAN_DLA-1634.NASL", "OPENSUSE-2018-347.NASL", "SUSE_SU-2018-4298-1.NASL", "SUSE_SU-2018-0980-1.NASL"], "type": "nessus"}, {"idList": ["F5:K34035645", "F5:K02215905"], "type": "f5"}, {"idList": ["C5AB620F-4576-4AD5-B51F-93E4FEC9CD0E"], "type": "freebsd"}, {"idList": ["OPENSUSE-SU-2018:1428-1", "OPENSUSE-SU-2018:4307-1"], "type": "suse"}]}, "score": {"modified": "2019-05-29T18:32:27", "value": 5.8, "vector": "NONE"}}, "hash": "4f3c2fcfebfe47e0d6b402ca1e9ceed2ee85fc04b00c58ca3fda25af7cb18c4d", "hashmap": [{"hash": "4e75c888b72900cb069476c7555eaf5d", "key": "sourceData"}, {"hash": "a1b2296480f29f96c75d7625d2bcd207", "key": "published"}, {"hash": "b1f0ba737cc6920bb2b40ac4314e579d", "key": "href"}, {"hash": "d77fd71d4d5ac489e338eece95757829", "key": "reporter"}, {"hash": "5a4bd22c495ccbe3aa9b54cab81d2473", "key": "cvss"}, {"hash": "f85209197e672e4c0b66fd0ebc463eee", "key": "description"}, {"hash": "47c1f692ea47a21f716dad07043ade01", "key": "type"}, {"hash": "ff1b2ce4fa539c93aaea30a825c0255c", "key": "modified"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "c5c4b06ec6a984b823f786057c921a07", "key": "cvelist"}, {"hash": "e5e13adff50f152745b54e88b413f135", "key": "pluginID"}, {"hash": "65dae1a8dfb559fc2dc0c352b009ac5d", "key": "title"}, {"hash": "20976282418f26a2e7bfda010bacd165", "key": "references"}, {"hash": "74562d71b087df9eabd0c21f99b132cc", "key": "naslFamily"}], "history": [], "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310891634", "id": "OPENVAS:1361412562310891634", "lastseen": "2019-05-29T18:32:27", "modified": "2019-03-18T00:00:00", "naslFamily": "Debian Local Security Checks", "objectVersion": "1.3", "pluginID": "1361412562310891634", "published": "2019-01-16T00:00:00", "references": ["https://lists.debian.org/debian-lts-announce/2019/01/msg00010.html"], "reporter": "Copyright (c) 2019 Greenbone Networks GmbH http://greenbone.net", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: deb_dla_1634.nasl 14282 2019-03-18 14:55:18Z cfischer $\n#\n# Auto-generated from advisory DLA 1634-1 using nvtgen 1.0\n# Script version: 1.1\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2019 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License as published by\n# the Free Software Foundation; either version 2 of the License, or\n# (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.891634\");\n script_version(\"$Revision: 14282 $\");\n script_cve_id(\"CVE-2017-11406\", \"CVE-2017-11407\", \"CVE-2017-11409\", \"CVE-2017-13765\", \"CVE-2017-15191\",\n \"CVE-2017-17935\", \"CVE-2017-17997\", \"CVE-2017-7700\", \"CVE-2017-7703\", \"CVE-2017-7746\",\n \"CVE-2017-7747\", \"CVE-2017-9766\", \"CVE-2018-11356\", \"CVE-2018-11357\", \"CVE-2018-11359\",\n \"CVE-2018-16057\", \"CVE-2018-16058\", \"CVE-2018-19622\", \"CVE-2018-19623\", \"CVE-2018-19624\",\n \"CVE-2018-19625\", \"CVE-2018-19626\", \"CVE-2018-7322\", \"CVE-2018-7323\", \"CVE-2018-7324\",\n \"CVE-2018-7325\", \"CVE-2018-7331\", \"CVE-2018-7336\", \"CVE-2018-7417\", \"CVE-2018-7418\",\n \"CVE-2018-7420\", \"CVE-2018-9256\", \"CVE-2018-9259\", \"CVE-2018-9260\", \"CVE-2018-9262\",\n \"CVE-2018-9263\", \"CVE-2018-9265\", \"CVE-2018-9267\", \"CVE-2018-9268\", \"CVE-2018-9269\",\n \"CVE-2018-9270\");\n script_name(\"Debian LTS Advisory ([SECURITY] [DLA 1634-1] wireshark security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:55:18 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2019-01-16 00:00:00 +0100 (Wed, 16 Jan 2019)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"https://lists.debian.org/debian-lts-announce/2019/01/msg00010.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2019 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\");\n script_tag(name:\"affected\", value:\"wireshark on Debian Linux\");\n script_tag(name:\"solution\", value:\"For Debian 8 'Jessie', these problems have been fixed in version\n1.12.1+g01b65bf-4+deb8u16.\n\nWe recommend that you upgrade your wireshark packages.\");\n script_tag(name:\"summary\", value:\"Several issues in wireshark, a tool that captures and analyzes packets\noff the wire, have been found by different people.\nThese are basically issues with length checks or invalid memory access in\ndifferent dissectors. This could result in infinite loops or crashes by\nmalicious packets.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"libwireshark-data\", ver:\"1.12.1+g01b65bf-4+deb8u16\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libwireshark-dev\", ver:\"1.12.1+g01b65bf-4+deb8u16\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libwireshark5\", ver:\"1.12.1+g01b65bf-4+deb8u16\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libwiretap-dev\", ver:\"1.12.1+g01b65bf-4+deb8u16\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libwiretap4\", ver:\"1.12.1+g01b65bf-4+deb8u16\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libwsutil-dev\", ver:\"1.12.1+g01b65bf-4+deb8u16\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libwsutil4\", ver:\"1.12.1+g01b65bf-4+deb8u16\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"tshark\", ver:\"1.12.1+g01b65bf-4+deb8u16\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"wireshark\", ver:\"1.12.1+g01b65bf-4+deb8u16\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"wireshark-common\", ver:\"1.12.1+g01b65bf-4+deb8u16\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"wireshark-dbg\", ver:\"1.12.1+g01b65bf-4+deb8u16\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"wireshark-dev\", ver:\"1.12.1+g01b65bf-4+deb8u16\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"wireshark-doc\", ver:\"1.12.1+g01b65bf-4+deb8u16\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"wireshark-qt\", ver:\"1.12.1+g01b65bf-4+deb8u16\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "title": "Debian LTS Advisory ([SECURITY] [DLA 1634-1] wireshark security update)", "type": "openvas", "viewCount": 0}, "differentElements": ["reporter", "modified", "sourceData", "title"], "edition": 3, "lastseen": "2019-05-29T18:32:27"}], "edition": 4, "hashmap": [{"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "cvelist", "hash": "c5c4b06ec6a984b823f786057c921a07"}, {"key": "cvss", "hash": "5a4bd22c495ccbe3aa9b54cab81d2473"}, {"key": "description", "hash": "f85209197e672e4c0b66fd0ebc463eee"}, {"key": "href", "hash": "b1f0ba737cc6920bb2b40ac4314e579d"}, {"key": "modified", "hash": "fa4a2db8f47a1496572cea88af7ed8cf"}, {"key": "naslFamily", "hash": "74562d71b087df9eabd0c21f99b132cc"}, {"key": "pluginID", "hash": "e5e13adff50f152745b54e88b413f135"}, {"key": "published", "hash": "a1b2296480f29f96c75d7625d2bcd207"}, {"key": "references", "hash": "20976282418f26a2e7bfda010bacd165"}, {"key": "reporter", "hash": "1ead8af942ca48504612069011fcd28c"}, {"key": "sourceData", "hash": "961f7eec7ffa2aa515d548a5dd25f0af"}, {"key": "title", "hash": "1d48dec1528cd78a75ad9db737304162"}, {"key": "type", "hash": "47c1f692ea47a21f716dad07043ade01"}], "hash": "9888018f027081e42d4d180c6b8723caa629edfd187ad366f6692edfd63771fe", "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "nessus", "idList": ["WIRESHARK_2_4_11.NASL", "SUSE_SU-2018-4295-1.NASL", "OPENSUSE-2019-1045.NASL", "DEBIAN_DLA-1634.NASL", "MACOSX_WIRESHARK_2_4_11.NASL", "OPENSUSE-2018-347.NASL", "WIRESHARK_2_4_6.NASL", "MACOS_WIRESHARK_2_4_6.NASL", "SUSE_SU-2018-4298-1.NASL", "OPENSUSE-2018-1620.NASL"]}, {"type": "debian", "idList": ["DEBIAN:DSA-4359-1:68CD3", "DEBIAN:DLA-1353-1:A8A6D", "DEBIAN:DLA-1634-1:9CB4F", "DEBIAN:DLA-1388-1:8C249"]}, {"type": "f5", "idList": ["F5:K02215905", "F5:K34035645"]}, {"type": "cve", "idList": ["CVE-2017-11409", "CVE-2018-19626", "CVE-2017-9766", "CVE-2018-9267", "CVE-2017-7700", "CVE-2017-7746", "CVE-2017-13765", "CVE-2017-11407", "CVE-2018-11357", "CVE-2017-15191"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2018:2587-1", "OPENSUSE-SU-2018:4307-1", "OPENSUSE-SU-2018:1428-1"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310814515", "OPENVAS:1361412562310852219", "OPENVAS:1361412562310891353", "OPENVAS:1361412562310813067", "OPENVAS:1361412562310814514", "OPENVAS:1361412562310891388", "OPENVAS:1361412562310811001", "OPENVAS:1361412562310875672", "OPENVAS:1361412562310813066", "OPENVAS:1361412562310112242"]}, {"type": "kaspersky", "idList": ["KLA11377"]}, {"type": "freebsd", "idList": ["C5AB620F-4576-4AD5-B51F-93E4FEC9CD0E"]}], "modified": "2020-01-29T19:29:04", "rev": 2}, "score": {"value": 5.7, "vector": "NONE", "modified": "2020-01-29T19:29:04", "rev": 2}, "vulnersScore": 5.7}, "objectVersion": "1.3", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.891634\");\n script_version(\"2020-01-29T08:22:52+0000\");\n script_cve_id(\"CVE-2017-11406\", \"CVE-2017-11407\", \"CVE-2017-11409\", \"CVE-2017-13765\", \"CVE-2017-15191\",\n \"CVE-2017-17935\", \"CVE-2017-17997\", \"CVE-2017-7700\", \"CVE-2017-7703\", \"CVE-2017-7746\",\n \"CVE-2017-7747\", \"CVE-2017-9766\", \"CVE-2018-11356\", \"CVE-2018-11357\", \"CVE-2018-11359\",\n \"CVE-2018-16057\", \"CVE-2018-16058\", \"CVE-2018-19622\", \"CVE-2018-19623\", \"CVE-2018-19624\",\n \"CVE-2018-19625\", \"CVE-2018-19626\", \"CVE-2018-7322\", \"CVE-2018-7323\", \"CVE-2018-7324\",\n \"CVE-2018-7325\", \"CVE-2018-7331\", \"CVE-2018-7336\", \"CVE-2018-7417\", \"CVE-2018-7418\",\n \"CVE-2018-7420\", \"CVE-2018-9256\", \"CVE-2018-9259\", \"CVE-2018-9260\", \"CVE-2018-9262\",\n \"CVE-2018-9263\", \"CVE-2018-9265\", \"CVE-2018-9267\", \"CVE-2018-9268\", \"CVE-2018-9269\",\n \"CVE-2018-9270\");\n script_name(\"Debian LTS: Security Advisory for wireshark (DLA-1634-1)\");\n script_tag(name:\"last_modification\", value:\"2020-01-29 08:22:52 +0000 (Wed, 29 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-01-16 00:00:00 +0100 (Wed, 16 Jan 2019)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"https://lists.debian.org/debian-lts-announce/2019/01/msg00010.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\");\n\n script_tag(name:\"affected\", value:\"wireshark on Debian Linux\");\n\n script_tag(name:\"solution\", value:\"For Debian 8 'Jessie', these problems have been fixed in version\n1.12.1+g01b65bf-4+deb8u16.\n\nWe recommend that you upgrade your wireshark packages.\");\n\n script_tag(name:\"summary\", value:\"Several issues in wireshark, a tool that captures and analyzes packets\noff the wire, have been found by different people.\nThese are basically issues with length checks or invalid memory access in\ndifferent dissectors. This could result in infinite loops or crashes by\nmalicious packets.\");\n\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"libwireshark-data\", ver:\"1.12.1+g01b65bf-4+deb8u16\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libwireshark-dev\", ver:\"1.12.1+g01b65bf-4+deb8u16\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libwireshark5\", ver:\"1.12.1+g01b65bf-4+deb8u16\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libwiretap-dev\", ver:\"1.12.1+g01b65bf-4+deb8u16\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libwiretap4\", ver:\"1.12.1+g01b65bf-4+deb8u16\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libwsutil-dev\", ver:\"1.12.1+g01b65bf-4+deb8u16\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libwsutil4\", ver:\"1.12.1+g01b65bf-4+deb8u16\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"tshark\", ver:\"1.12.1+g01b65bf-4+deb8u16\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"wireshark\", ver:\"1.12.1+g01b65bf-4+deb8u16\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"wireshark-common\", ver:\"1.12.1+g01b65bf-4+deb8u16\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"wireshark-dbg\", ver:\"1.12.1+g01b65bf-4+deb8u16\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"wireshark-dev\", ver:\"1.12.1+g01b65bf-4+deb8u16\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"wireshark-doc\", ver:\"1.12.1+g01b65bf-4+deb8u16\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"wireshark-qt\", ver:\"1.12.1+g01b65bf-4+deb8u16\", rls:\"DEB8\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}\n", "naslFamily": "Debian Local Security Checks", "pluginID": "1361412562310891634", "scheme": null}
{"nessus": [{"lastseen": "2020-03-17T22:56:17", "bulletinFamily": "scanner", "description": "Several issues in wireshark, a tool that captures and analyzes packets\noff the wire, have been found by different people. These are basically\nissues with length checks or invalid memory access in different\ndissectors. This could result in infinite loops or crashes by\nmalicious packets.\n\nFor Debian 8 ", "modified": "2019-01-16T00:00:00", "id": "DEBIAN_DLA-1634.NASL", "href": "https://www.tenable.com/plugins/nessus/121193", "published": "2019-01-16T00:00:00", "title": "Debian DLA-1634-1 : wireshark security update", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-1634-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(121193);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/02/24\");\n\n script_cve_id(\"CVE-2017-11406\", \"CVE-2017-11407\", \"CVE-2017-11409\", \"CVE-2017-13765\", \"CVE-2017-15191\", \"CVE-2017-17935\", \"CVE-2017-17997\", \"CVE-2017-7700\", \"CVE-2017-7703\", \"CVE-2017-7746\", \"CVE-2017-7747\", \"CVE-2017-9766\", \"CVE-2018-11356\", \"CVE-2018-11357\", \"CVE-2018-11359\", \"CVE-2018-16057\", \"CVE-2018-16058\", \"CVE-2018-19622\", \"CVE-2018-19623\", \"CVE-2018-19624\", \"CVE-2018-19625\", \"CVE-2018-19626\", \"CVE-2018-7322\", \"CVE-2018-7323\", \"CVE-2018-7324\", \"CVE-2018-7325\", \"CVE-2018-7331\", \"CVE-2018-7336\", \"CVE-2018-7417\", \"CVE-2018-7418\", \"CVE-2018-7420\", \"CVE-2018-9256\", \"CVE-2018-9259\", \"CVE-2018-9260\", \"CVE-2018-9262\", \"CVE-2018-9263\", \"CVE-2018-9265\", \"CVE-2018-9267\", \"CVE-2018-9268\", \"CVE-2018-9269\", \"CVE-2018-9270\");\n\n script_name(english:\"Debian DLA-1634-1 : wireshark security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several issues in wireshark, a tool that captures and analyzes packets\noff the wire, have been found by different people. These are basically\nissues with length checks or invalid memory access in different\ndissectors. This could result in infinite loops or crashes by\nmalicious packets.\n\nFor Debian 8 'Jessie', these problems have been fixed in version\n1.12.1+g01b65bf-4+deb8u16.\n\nWe recommend that you upgrade your wireshark packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2019/01/msg00010.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/wireshark\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libwireshark-data\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libwireshark-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libwireshark5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libwiretap-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libwiretap4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libwsutil-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libwsutil4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:tshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:wireshark-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:wireshark-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:wireshark-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:wireshark-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:wireshark-qt\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/04/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/01/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/16\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"libwireshark-data\", reference:\"1.12.1+g01b65bf-4+deb8u16\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libwireshark-dev\", reference:\"1.12.1+g01b65bf-4+deb8u16\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libwireshark5\", reference:\"1.12.1+g01b65bf-4+deb8u16\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libwiretap-dev\", reference:\"1.12.1+g01b65bf-4+deb8u16\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libwiretap4\", reference:\"1.12.1+g01b65bf-4+deb8u16\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libwsutil-dev\", reference:\"1.12.1+g01b65bf-4+deb8u16\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libwsutil4\", reference:\"1.12.1+g01b65bf-4+deb8u16\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"tshark\", reference:\"1.12.1+g01b65bf-4+deb8u16\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"wireshark\", reference:\"1.12.1+g01b65bf-4+deb8u16\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"wireshark-common\", reference:\"1.12.1+g01b65bf-4+deb8u16\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"wireshark-dbg\", reference:\"1.12.1+g01b65bf-4+deb8u16\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"wireshark-dev\", reference:\"1.12.1+g01b65bf-4+deb8u16\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"wireshark-doc\", reference:\"1.12.1+g01b65bf-4+deb8u16\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"wireshark-qt\", reference:\"1.12.1+g01b65bf-4+deb8u16\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-08-01T05:10:43", "bulletinFamily": "scanner", "description": "This update for wireshark fixes the following issues :\n\nUpdate to Wireshark 2.4.11 (bsc#1117740).\n\nSecurity issues fixed :\n\nCVE-2018-19625: The Wireshark dissection engine could crash\n(wnpa-sec-2018-51)\n\nCVE-2018-19626: The DCOM dissector could crash (wnpa-sec-2018-52)\n\nCVE-2018-19623: The LBMPDM dissector could crash (wnpa-sec-2018-53)\n\nCVE-2018-19622: The MMSE dissector could go into an infinite loop\n(wnpa-sec-2018-54)\n\nCVE-2018-19627: The IxVeriWave file parser could crash\n(wnpa-sec-2018-55)\n\nCVE-2018-19624: The PVFS dissector could crash (wnpa-sec-2018-56)\n\nFurther bug fixes and updated protocol support as listed in:\nhttps://www.wireshark.org/docs/relnotes/wireshark-2.4.11.html\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "modified": "2020-08-02T00:00:00", "id": "SUSE_SU-2018-4295-1.NASL", "href": "https://www.tenable.com/plugins/nessus/120194", "published": "2019-01-02T00:00:00", "title": "SUSE SLED15 / SLES15 Security Update : wireshark (SUSE-SU-2018:4295-1)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:4295-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(120194);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2019/09/10 13:51:50\");\n\n script_cve_id(\"CVE-2018-19622\", \"CVE-2018-19623\", \"CVE-2018-19624\", \"CVE-2018-19625\", \"CVE-2018-19626\", \"CVE-2018-19627\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : wireshark (SUSE-SU-2018:4295-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for wireshark fixes the following issues :\n\nUpdate to Wireshark 2.4.11 (bsc#1117740).\n\nSecurity issues fixed :\n\nCVE-2018-19625: The Wireshark dissection engine could crash\n(wnpa-sec-2018-51)\n\nCVE-2018-19626: The DCOM dissector could crash (wnpa-sec-2018-52)\n\nCVE-2018-19623: The LBMPDM dissector could crash (wnpa-sec-2018-53)\n\nCVE-2018-19622: The MMSE dissector could go into an infinite loop\n(wnpa-sec-2018-54)\n\nCVE-2018-19627: The IxVeriWave file parser could crash\n(wnpa-sec-2018-55)\n\nCVE-2018-19624: The PVFS dissector could crash (wnpa-sec-2018-56)\n\nFurther bug fixes and updated protocol support as listed in:\nhttps://www.wireshark.org/docs/relnotes/wireshark-2.4.11.html\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1117740\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-19622/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-19623/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-19624/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-19625/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-19626/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-19627/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20184295-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6c16e3d0\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.wireshark.org/docs/relnotes/wireshark-2.4.11.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for Desktop Applications 15:zypper in -t\npatch SUSE-SLE-Module-Desktop-Applications-15-2018-3066=1\n\nSUSE Linux Enterprise Module for Basesystem 15:zypper in -t patch\nSUSE-SLE-Module-Basesystem-15-2018-3066=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwireshark9\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwireshark9-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwiretap7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwiretap7-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwscodecs1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwscodecs1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwsutil8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwsutil8-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:wireshark-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:wireshark-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:wireshark-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:wireshark-ui-qt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:wireshark-ui-qt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/11/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/12/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED15 / SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP0\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED15 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"wireshark-debuginfo-2.4.11-3.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"wireshark-debugsource-2.4.11-3.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"wireshark-devel-2.4.11-3.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"wireshark-ui-qt-2.4.11-3.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"wireshark-ui-qt-debuginfo-2.4.11-3.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libwireshark9-2.4.11-3.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libwireshark9-debuginfo-2.4.11-3.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libwiretap7-2.4.11-3.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libwiretap7-debuginfo-2.4.11-3.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libwscodecs1-2.4.11-3.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libwscodecs1-debuginfo-2.4.11-3.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libwsutil8-2.4.11-3.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libwsutil8-debuginfo-2.4.11-3.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"wireshark-2.4.11-3.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"wireshark-debuginfo-2.4.11-3.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"wireshark-debugsource-2.4.11-3.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"wireshark-debuginfo-2.4.11-3.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"wireshark-debugsource-2.4.11-3.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"wireshark-devel-2.4.11-3.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"wireshark-ui-qt-2.4.11-3.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"wireshark-ui-qt-debuginfo-2.4.11-3.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libwireshark9-2.4.11-3.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libwireshark9-debuginfo-2.4.11-3.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libwiretap7-2.4.11-3.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libwiretap7-debuginfo-2.4.11-3.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libwscodecs1-2.4.11-3.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libwscodecs1-debuginfo-2.4.11-3.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libwsutil8-2.4.11-3.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libwsutil8-debuginfo-2.4.11-3.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"wireshark-2.4.11-3.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"wireshark-debuginfo-2.4.11-3.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"wireshark-debugsource-2.4.11-3.15.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"wireshark\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-08-01T05:10:44", "bulletinFamily": "scanner", "description": "This update for wireshark fixes the following issues :\n\nUpdate to Wireshark 2.4.11 (bsc#1117740).\n\nSecurity issues fixed :\n\nCVE-2018-19625: The Wireshark dissection engine could crash\n(wnpa-sec-2018-51)\n\nCVE-2018-19626: The DCOM dissector could crash (wnpa-sec-2018-52)\n\nCVE-2018-19623: The LBMPDM dissector could crash (wnpa-sec-2018-53)\n\nCVE-2018-19622: The MMSE dissector could go into an infinite loop\n(wnpa-sec-2018-54)\n\nCVE-2018-19627: The IxVeriWave file parser could crash\n(wnpa-sec-2018-55)\n\nCVE-2018-19624: The PVFS dissector could crash (wnpa-sec-2018-56)\n\nFurther bug fixes and updated protocol support as listed in:\nhttps://www.wireshark.org/docs/relnotes/wireshark-2.4.11.html\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "modified": "2020-08-02T00:00:00", "id": "SUSE_SU-2018-4298-1.NASL", "href": "https://www.tenable.com/plugins/nessus/119956", "published": "2018-12-31T00:00:00", "title": "SUSE SLED12 / SLES12 Security Update : wireshark (SUSE-SU-2018:4298-1)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:4298-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(119956);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2019/09/10 13:51:50\");\n\n script_cve_id(\"CVE-2018-19622\", \"CVE-2018-19623\", \"CVE-2018-19624\", \"CVE-2018-19625\", \"CVE-2018-19626\", \"CVE-2018-19627\");\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : wireshark (SUSE-SU-2018:4298-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for wireshark fixes the following issues :\n\nUpdate to Wireshark 2.4.11 (bsc#1117740).\n\nSecurity issues fixed :\n\nCVE-2018-19625: The Wireshark dissection engine could crash\n(wnpa-sec-2018-51)\n\nCVE-2018-19626: The DCOM dissector could crash (wnpa-sec-2018-52)\n\nCVE-2018-19623: The LBMPDM dissector could crash (wnpa-sec-2018-53)\n\nCVE-2018-19622: The MMSE dissector could go into an infinite loop\n(wnpa-sec-2018-54)\n\nCVE-2018-19627: The IxVeriWave file parser could crash\n(wnpa-sec-2018-55)\n\nCVE-2018-19624: The PVFS dissector could crash (wnpa-sec-2018-56)\n\nFurther bug fixes and updated protocol support as listed in:\nhttps://www.wireshark.org/docs/relnotes/wireshark-2.4.11.html\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1117740\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-19622/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-19623/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-19624/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-19625/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-19626/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-19627/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20184298-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?8ee98540\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.wireshark.org/docs/relnotes/wireshark-2.4.11.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 12-SP4:zypper in -t\npatch SUSE-SLE-SDK-12-SP4-2018-3067=1\n\nSUSE Linux Enterprise Software Development Kit 12-SP3:zypper in -t\npatch SUSE-SLE-SDK-12-SP3-2018-3067=1\n\nSUSE Linux Enterprise Server 12-SP4:zypper in -t patch\nSUSE-SLE-SERVER-12-SP4-2018-3067=1\n\nSUSE Linux Enterprise Server 12-SP3:zypper in -t patch\nSUSE-SLE-SERVER-12-SP3-2018-3067=1\n\nSUSE Linux Enterprise Desktop 12-SP4:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP4-2018-3067=1\n\nSUSE Linux Enterprise Desktop 12-SP3:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP3-2018-3067=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwireshark9\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwireshark9-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwiretap7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwiretap7-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwscodecs1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwscodecs1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwsutil8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwsutil8-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:wireshark-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:wireshark-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:wireshark-gtk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:wireshark-gtk-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/11/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/12/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/12/31\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(3|4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP3/4\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(3|4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP3/4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libwireshark9-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libwireshark9-debuginfo-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libwiretap7-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libwiretap7-debuginfo-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libwscodecs1-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libwscodecs1-debuginfo-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libwsutil8-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libwsutil8-debuginfo-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"wireshark-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"wireshark-debuginfo-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"wireshark-debugsource-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"wireshark-gtk-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"wireshark-gtk-debuginfo-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libwireshark9-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libwireshark9-debuginfo-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libwiretap7-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libwiretap7-debuginfo-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libwscodecs1-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libwscodecs1-debuginfo-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libwsutil8-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libwsutil8-debuginfo-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"wireshark-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"wireshark-debuginfo-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"wireshark-debugsource-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"wireshark-gtk-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"wireshark-gtk-debuginfo-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libwireshark9-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libwireshark9-debuginfo-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libwiretap7-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libwiretap7-debuginfo-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libwscodecs1-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libwscodecs1-debuginfo-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libwsutil8-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libwsutil8-debuginfo-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"wireshark-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"wireshark-debuginfo-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"wireshark-debugsource-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"wireshark-gtk-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"wireshark-gtk-debuginfo-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libwireshark9-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libwireshark9-debuginfo-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libwiretap7-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libwiretap7-debuginfo-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libwscodecs1-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libwscodecs1-debuginfo-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libwsutil8-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libwsutil8-debuginfo-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"wireshark-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"wireshark-debuginfo-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"wireshark-debugsource-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"wireshark-gtk-2.4.11-48.35.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"wireshark-gtk-debuginfo-2.4.11-48.35.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"wireshark\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-08-01T03:47:35", "bulletinFamily": "scanner", "description": "This update for wireshark fixes the following issues :\n\nUpdate to Wireshark 2.4.11 (bsc#1117740).\n\nSecurity issues fixed :\n\n - CVE-2018-19625: The Wireshark dissection engine could\n crash (wnpa-sec-2018-51)\n\n - CVE-2018-19626: The DCOM dissector could crash\n (wnpa-sec-2018-52)\n\n - CVE-2018-19623: The LBMPDM dissector could crash\n (wnpa-sec-2018-53) \n\n - CVE-2018-19622: The MMSE dissector could go into an\n infinite loop (wnpa-sec-2018-54)\n\n - CVE-2018-19627: The IxVeriWave file parser could crash\n (wnpa-sec-2018-55) \n\n - CVE-2018-19624: The PVFS dissector could crash\n (wnpa-sec-2018-56)\n\nFurther bug fixes and updated protocol support as listed in :\n\n- https://www.wireshark.org/docs/relnotes/wireshark-2.4.11.html\n\nThis update was imported from the SUSE:SLE-15:Update update project.", "modified": "2020-08-02T00:00:00", "id": "OPENSUSE-2019-1045.NASL", "href": "https://www.tenable.com/plugins/nessus/123166", "published": "2019-03-27T00:00:00", "title": "openSUSE Security Update : wireshark (openSUSE-2019-1045)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-1045.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(123166);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2019/04/02 21:54:17\");\n\n script_cve_id(\"CVE-2018-19622\", \"CVE-2018-19623\", \"CVE-2018-19624\", \"CVE-2018-19625\", \"CVE-2018-19626\", \"CVE-2018-19627\");\n\n script_name(english:\"openSUSE Security Update : wireshark (openSUSE-2019-1045)\");\n script_summary(english:\"Check for the openSUSE-2019-1045 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for wireshark fixes the following issues :\n\nUpdate to Wireshark 2.4.11 (bsc#1117740).\n\nSecurity issues fixed :\n\n - CVE-2018-19625: The Wireshark dissection engine could\n crash (wnpa-sec-2018-51)\n\n - CVE-2018-19626: The DCOM dissector could crash\n (wnpa-sec-2018-52)\n\n - CVE-2018-19623: The LBMPDM dissector could crash\n (wnpa-sec-2018-53) \n\n - CVE-2018-19622: The MMSE dissector could go into an\n infinite loop (wnpa-sec-2018-54)\n\n - CVE-2018-19627: The IxVeriWave file parser could crash\n (wnpa-sec-2018-55) \n\n - CVE-2018-19624: The PVFS dissector could crash\n (wnpa-sec-2018-56)\n\nFurther bug fixes and updated protocol support as listed in :\n\n- https://www.wireshark.org/docs/relnotes/wireshark-2.4.11.html\n\nThis update was imported from the SUSE:SLE-15:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1117740\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.wireshark.org/docs/relnotes/wireshark-2.4.11.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected wireshark packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwireshark9\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwireshark9-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwiretap7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwiretap7-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwscodecs1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwscodecs1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwsutil8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwsutil8-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-ui-qt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-ui-qt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/11/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/03/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/03/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libwireshark9-2.4.11-lp150.2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libwireshark9-debuginfo-2.4.11-lp150.2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libwiretap7-2.4.11-lp150.2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libwiretap7-debuginfo-2.4.11-lp150.2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libwscodecs1-2.4.11-lp150.2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libwscodecs1-debuginfo-2.4.11-lp150.2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libwsutil8-2.4.11-lp150.2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libwsutil8-debuginfo-2.4.11-lp150.2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"wireshark-2.4.11-lp150.2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"wireshark-debuginfo-2.4.11-lp150.2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"wireshark-debugsource-2.4.11-lp150.2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"wireshark-devel-2.4.11-lp150.2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"wireshark-ui-qt-2.4.11-lp150.2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"wireshark-ui-qt-debuginfo-2.4.11-lp150.2.16.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libwireshark9 / libwireshark9-debuginfo / libwiretap7 / etc\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-06-05T11:18:18", "bulletinFamily": "scanner", "description": "This update for wireshark fixes the following issues :\n\nUpdate to Wireshark 2.4.11 (bsc#1117740).\n\nSecurity issues fixed :\n\n - CVE-2018-19625: The Wireshark dissection engine could\n crash (wnpa-sec-2018-51)\n\n - CVE-2018-19626: The DCOM dissector could crash\n (wnpa-sec-2018-52)\n\n - CVE-2018-19623: The LBMPDM dissector could crash\n (wnpa-sec-2018-53) \n\n - CVE-2018-19622: The MMSE dissector could go into an\n infinite loop (wnpa-sec-2018-54)\n\n - CVE-2018-19627: The IxVeriWave file parser could crash\n (wnpa-sec-2018-55) \n\n - CVE-2018-19624: The PVFS dissector could crash\n (wnpa-sec-2018-56)\n\nFurther bug fixes and updated protocol support as listed in :\n\n- https://www.wireshark.org/docs/relnotes/wireshark-2.4.11.html\n\nThis update was imported from the SUSE:SLE-15:Update update project.", "modified": "2018-12-31T00:00:00", "id": "OPENSUSE-2018-1620.NASL", "href": "https://www.tenable.com/plugins/nessus/119950", "published": "2018-12-31T00:00:00", "title": "openSUSE Security Update : wireshark (openSUSE-2018-1620)", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2018-1620.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(119950);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/06/04\");\n\n script_cve_id(\"CVE-2018-19622\", \"CVE-2018-19623\", \"CVE-2018-19624\", \"CVE-2018-19625\", \"CVE-2018-19626\", \"CVE-2018-19627\");\n\n script_name(english:\"openSUSE Security Update : wireshark (openSUSE-2018-1620)\");\n script_summary(english:\"Check for the openSUSE-2018-1620 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for wireshark fixes the following issues :\n\nUpdate to Wireshark 2.4.11 (bsc#1117740).\n\nSecurity issues fixed :\n\n - CVE-2018-19625: The Wireshark dissection engine could\n crash (wnpa-sec-2018-51)\n\n - CVE-2018-19626: The DCOM dissector could crash\n (wnpa-sec-2018-52)\n\n - CVE-2018-19623: The LBMPDM dissector could crash\n (wnpa-sec-2018-53) \n\n - CVE-2018-19622: The MMSE dissector could go into an\n infinite loop (wnpa-sec-2018-54)\n\n - CVE-2018-19627: The IxVeriWave file parser could crash\n (wnpa-sec-2018-55) \n\n - CVE-2018-19624: The PVFS dissector could crash\n (wnpa-sec-2018-56)\n\nFurther bug fixes and updated protocol support as listed in :\n\n- https://www.wireshark.org/docs/relnotes/wireshark-2.4.11.html\n\nThis update was imported from the SUSE:SLE-15:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1117740\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.wireshark.org/docs/relnotes/wireshark-2.4.11.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected wireshark packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwireshark9\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwireshark9-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwiretap7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwiretap7-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwscodecs1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwscodecs1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwsutil8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwsutil8-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-ui-qt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-ui-qt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/11/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/12/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/12/31\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libwireshark9-2.4.11-lp150.2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libwireshark9-debuginfo-2.4.11-lp150.2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libwiretap7-2.4.11-lp150.2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libwiretap7-debuginfo-2.4.11-lp150.2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libwscodecs1-2.4.11-lp150.2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libwscodecs1-debuginfo-2.4.11-lp150.2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libwsutil8-2.4.11-lp150.2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libwsutil8-debuginfo-2.4.11-lp150.2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"wireshark-2.4.11-lp150.2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"wireshark-debuginfo-2.4.11-lp150.2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"wireshark-debugsource-2.4.11-lp150.2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"wireshark-devel-2.4.11-lp150.2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"wireshark-ui-qt-2.4.11-lp150.2.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"wireshark-ui-qt-debuginfo-2.4.11-lp150.2.16.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libwireshark9 / libwireshark9-debuginfo / libwiretap7 / etc\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-08-01T05:41:13", "bulletinFamily": "scanner", "description": "The version of Wireshark installed on the remote Windows host is\n2.4.x prior to 2.4.11. It is, therefore,\naffected by multiple vulnerabilities.", "modified": "2020-08-02T00:00:00", "id": "WIRESHARK_2_4_11.NASL", "href": "https://www.tenable.com/plugins/nessus/119419", "published": "2018-12-05T00:00:00", "title": "Wireshark 2.4.x < 2.4.11 Multiple Vulnerabilities", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(119419);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2019/11/01\");\n\n script_cve_id(\n \"CVE-2018-19622\",\n \"CVE-2018-19623\",\n \"CVE-2018-19624\",\n \"CVE-2018-19625\",\n \"CVE-2018-19626\",\n \"CVE-2018-19627\"\n );\n script_bugtraq_id(106051);\n\n script_name(english:\"Wireshark 2.4.x < 2.4.11 Multiple Vulnerabilities\");\n script_summary(english:\"Checks the version of Wireshark.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An application installed on the remote Windows host is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Wireshark installed on the remote Windows host is\n2.4.x prior to 2.4.11. It is, therefore,\naffected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/docs/relnotes/wireshark-2.4.11.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-51.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-52.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-53.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-54.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-55.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-56.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Wireshark version 2.4.11 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-19627\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/11/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/11/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/12/05\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:wireshark:wireshark\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"wireshark_installed.nasl\");\n script_require_keys(\"installed_sw/Wireshark\", \"SMB/Registry/Enumerated\");\n\n exit(0);\n}\n\ninclude(\"vcf.inc\");\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\n\napp_info = vcf::get_app_info(app:\"Wireshark\", win_local:TRUE);\n\nconstraints = [\n { \"min_version\" : \"2.4.0\", \"fixed_version\" : \"2.4.11\" }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-08-01T03:22:38", "bulletinFamily": "scanner", "description": "The version of Wireshark installed on the remote MacOS/MacOSX host\nis 2.4.x prior to 2.4.11. It is, therefore, affected by multiple\nvulnerabilities.", "modified": "2020-08-02T00:00:00", "id": "MACOSX_WIRESHARK_2_4_11.NASL", "href": "https://www.tenable.com/plugins/nessus/119417", "published": "2018-12-05T00:00:00", "title": "Wireshark 2.4.x < 2.4.11 Multiple Vulnerabilities (MacOS)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(119417);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2019/11/01\");\n\n script_cve_id(\n \"CVE-2018-19622\",\n \"CVE-2018-19623\",\n \"CVE-2018-19624\",\n \"CVE-2018-19625\",\n \"CVE-2018-19626\",\n \"CVE-2018-19627\"\n );\n script_bugtraq_id(106051);\n\n script_name(english:\"Wireshark 2.4.x < 2.4.11 Multiple Vulnerabilities (MacOS)\");\n script_summary(english:\"Checks the version of Wireshark.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An application installed on the remote MacOS / MacOSX host is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Wireshark installed on the remote MacOS/MacOSX host\nis 2.4.x prior to 2.4.11. It is, therefore, affected by multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/docs/relnotes/wireshark-2.4.11.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-51.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-52.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-53.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-54.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-55.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-56.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Wireshark version 2.4.11 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-19627\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/11/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/11/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/12/05\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:wireshark:wireshark\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_wireshark_installed.nbin\");\n script_require_keys(\"installed_sw/Wireshark\", \"Host/MacOSX/Version\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\ninclude(\"vcf.inc\");\n\nget_kb_item_or_exit(\"Host/MacOSX/Version\");\n\napp_info = vcf::get_app_info(app:\"Wireshark\");\n\nconstraints = [\n { \"min_version\" : \"2.4.0\", \"fixed_version\" : \"2.4.11\" }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-06-05T11:19:07", "bulletinFamily": "scanner", "description": "This update for wireshark fixes the following issues :\n\nMinor vulnerabilities that could be used to trigger dissector crashes\nor cause dissectors to go into large infinite loops by making\nWireshark read specially crafted packages from the network or capture\nfiles (boo#1088200) :\n\n - CVE-2018-9264: ADB dissector crash \n\n - CVE-2018-9260: IEEE 802.15.4 dissector crash \n\n - CVE-2018-9261: NBAP dissector crash \n\n - CVE-2018-9262: VLAN dissector crash\n\n - CVE-2018-9256: LWAPP dissector crash\n\n - CVE-2018-9263: Kerberos dissector crash\n\n - CVE-2018-9259: MP4 dissector crash\n\n - Memory leaks in multiple dissectors: CVE-2018-9265,\n CVE-2018-9266, CVE-2018-9267, CVE-2018-9268,\n CVE-2018-9269, CVE-2018-9270, CVE-2018-9271,\n CVE-2018-9272, CVE-2018-9273, CVE-2018-9274\n\nThis update also contains all upstream bug fixes and updated protocol\nsupport as listed in :\n\nhttps://www.wireshark.org/docs/relnotes/wireshark-2.2.14.html", "modified": "2018-04-10T00:00:00", "id": "OPENSUSE-2018-347.NASL", "href": "https://www.tenable.com/plugins/nessus/108937", "published": "2018-04-10T00:00:00", "title": "openSUSE Security Update : wireshark (openSUSE-2018-347)", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2018-347.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(108937);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/06/04\");\n\n script_cve_id(\"CVE-2018-9256\", \"CVE-2018-9259\", \"CVE-2018-9260\", \"CVE-2018-9261\", \"CVE-2018-9262\", \"CVE-2018-9263\", \"CVE-2018-9264\", \"CVE-2018-9265\", \"CVE-2018-9266\", \"CVE-2018-9267\", \"CVE-2018-9268\", \"CVE-2018-9269\", \"CVE-2018-9270\", \"CVE-2018-9271\", \"CVE-2018-9272\", \"CVE-2018-9273\", \"CVE-2018-9274\");\n\n script_name(english:\"openSUSE Security Update : wireshark (openSUSE-2018-347)\");\n script_summary(english:\"Check for the openSUSE-2018-347 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for wireshark fixes the following issues :\n\nMinor vulnerabilities that could be used to trigger dissector crashes\nor cause dissectors to go into large infinite loops by making\nWireshark read specially crafted packages from the network or capture\nfiles (boo#1088200) :\n\n - CVE-2018-9264: ADB dissector crash \n\n - CVE-2018-9260: IEEE 802.15.4 dissector crash \n\n - CVE-2018-9261: NBAP dissector crash \n\n - CVE-2018-9262: VLAN dissector crash\n\n - CVE-2018-9256: LWAPP dissector crash\n\n - CVE-2018-9263: Kerberos dissector crash\n\n - CVE-2018-9259: MP4 dissector crash\n\n - Memory leaks in multiple dissectors: CVE-2018-9265,\n CVE-2018-9266, CVE-2018-9267, CVE-2018-9268,\n CVE-2018-9269, CVE-2018-9270, CVE-2018-9271,\n CVE-2018-9272, CVE-2018-9273, CVE-2018-9274\n\nThis update also contains all upstream bug fixes and updated protocol\nsupport as listed in :\n\nhttps://www.wireshark.org/docs/relnotes/wireshark-2.2.14.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1088200\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.wireshark.org/docs/relnotes/wireshark-2.2.14.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected wireshark packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-ui-gtk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-ui-gtk-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-ui-qt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-ui-qt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/04/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/04/10\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(x86_64)$\") audit(AUDIT_ARCH_NOT, \"x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.3\", reference:\"wireshark-2.2.14-38.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"wireshark-debuginfo-2.2.14-38.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"wireshark-debugsource-2.2.14-38.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"wireshark-devel-2.2.14-38.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"wireshark-ui-gtk-2.2.14-38.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"wireshark-ui-gtk-debuginfo-2.2.14-38.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"wireshark-ui-qt-2.2.14-38.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"wireshark-ui-qt-debuginfo-2.2.14-38.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"wireshark / wireshark-debuginfo / wireshark-debugsource / etc\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-08-01T05:05:10", "bulletinFamily": "scanner", "description": "This update for wireshark fixes the following issues :\n\n - Update to wireshark 2.2.14, fix such issues :\n\n - bsc#1088200 VUL-0: wireshark: multiple vulnerabilities\n fixed in 2.2.14, 2.4.6\n\n - CVE-2018-9256: LWAPP dissector crash\n\n - CVE-2018-9260: IEEE 802.15.4 dissector crash\n\n - CVE-2018-9261: NBAP dissector crash\n\n - CVE-2018-9262: VLAN dissector crash\n\n - CVE-2018-9263: Kerberos dissector crash\n\n - CVE-2018-9264: ADB dissector crash\n\n - CVE-2018-9265: tn3270 dissector has a memory leak\n\n - CVE-2018-9266: ISUP dissector memory leak\n\n - CVE-2018-9267: LAPD dissector memory leak\n\n - CVE-2018-9268: SMB2 dissector memory leak\n\n - CVE-2018-9269: GIOP dissector memory leak\n\n - CVE-2018-9270: OIDS dissector memory leak\n\n - CVE-2018-9271: multipart dissector memory leak\n\n - CVE-2018-9272: h223 dissector memory leak\n\n - CVE-2018-9273: pcp dissector memory leak\n\n - CVE-2018-9274: failure message memory leak\n\n - CVE-2018-9259: MP4 dissector crash\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "modified": "2020-08-02T00:00:00", "id": "SUSE_SU-2018-0980-1.NASL", "href": "https://www.tenable.com/plugins/nessus/109197", "published": "2018-04-20T00:00:00", "title": "SUSE SLES11 Security Update : wireshark (SUSE-SU-2018:0980-1)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:0980-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(109197);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2019/09/10 13:51:47\");\n\n script_cve_id(\"CVE-2018-9256\", \"CVE-2018-9259\", \"CVE-2018-9260\", \"CVE-2018-9261\", \"CVE-2018-9262\", \"CVE-2018-9263\", \"CVE-2018-9264\", \"CVE-2018-9265\", \"CVE-2018-9266\", \"CVE-2018-9267\", \"CVE-2018-9268\", \"CVE-2018-9269\", \"CVE-2018-9270\", \"CVE-2018-9271\", \"CVE-2018-9272\", \"CVE-2018-9273\", \"CVE-2018-9274\");\n\n script_name(english:\"SUSE SLES11 Security Update : wireshark (SUSE-SU-2018:0980-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for wireshark fixes the following issues :\n\n - Update to wireshark 2.2.14, fix such issues :\n\n - bsc#1088200 VUL-0: wireshark: multiple vulnerabilities\n fixed in 2.2.14, 2.4.6\n\n - CVE-2018-9256: LWAPP dissector crash\n\n - CVE-2018-9260: IEEE 802.15.4 dissector crash\n\n - CVE-2018-9261: NBAP dissector crash\n\n - CVE-2018-9262: VLAN dissector crash\n\n - CVE-2018-9263: Kerberos dissector crash\n\n - CVE-2018-9264: ADB dissector crash\n\n - CVE-2018-9265: tn3270 dissector has a memory leak\n\n - CVE-2018-9266: ISUP dissector memory leak\n\n - CVE-2018-9267: LAPD dissector memory leak\n\n - CVE-2018-9268: SMB2 dissector memory leak\n\n - CVE-2018-9269: GIOP dissector memory leak\n\n - CVE-2018-9270: OIDS dissector memory leak\n\n - CVE-2018-9271: multipart dissector memory leak\n\n - CVE-2018-9272: h223 dissector memory leak\n\n - CVE-2018-9273: pcp dissector memory leak\n\n - CVE-2018-9274: failure message memory leak\n\n - CVE-2018-9259: MP4 dissector crash\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1088200\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-9256/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-9259/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-9260/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-9261/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-9262/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-9263/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-9264/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-9265/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-9266/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-9267/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-9268/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-9269/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-9270/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-9271/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-9272/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-9273/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-9274/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20180980-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?93daedc9\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 11-SP4:zypper in -t\npatch sdksp4-wireshark-13566=1\n\nSUSE Linux Enterprise Server 11-SP4:zypper in -t patch\nslessp4-wireshark-13566=1\n\nSUSE Linux Enterprise Debuginfo 11-SP4:zypper in -t patch\ndbgsp4-wireshark-13566=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwireshark8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwiretap6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwscodecs1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwsutil7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:wireshark-gtk\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/04/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/04/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/04/20\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES11)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES11\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES11\" && (! preg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES11 SP4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"libwireshark8-2.2.14-40.25.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"libwiretap6-2.2.14-40.25.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"libwscodecs1-2.2.14-40.25.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"libwsutil7-2.2.14-40.25.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"wireshark-2.2.14-40.25.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"wireshark-gtk-2.2.14-40.25.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"wireshark\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-08-01T05:05:10", "bulletinFamily": "scanner", "description": "This update for wireshark fixes the following issues :\n\n - Update to wireshark 2.2.14, fix such issues :\n\n - bsc#1088200 VUL-0: wireshark: multiple vulnerabilities\n fixed in 2.2.14, 2.4.6\n\n - CVE-2018-9256: LWAPP dissector crash\n\n - CVE-2018-9260: IEEE 802.15.4 dissector crash\n\n - CVE-2018-9261: NBAP dissector crash\n\n - CVE-2018-9262: VLAN dissector crash\n\n - CVE-2018-9263: Kerberos dissector crash\n\n - CVE-2018-9264: ADB dissector crash\n\n - CVE-2018-9265: tn3270 dissector has a memory leak\n\n - CVE-2018-9266: ISUP dissector memory leak\n\n - CVE-2018-9267: LAPD dissector memory leak\n\n - CVE-2018-9268: SMB2 dissector memory leak\n\n - CVE-2018-9269: GIOP dissector memory leak\n\n - CVE-2018-9270: OIDS dissector memory leak\n\n - CVE-2018-9271: multipart dissector memory leak\n\n - CVE-2018-9272: h223 dissector memory leak\n\n - CVE-2018-9273: pcp dissector memory leak\n\n - CVE-2018-9274: failure message memory leak\n\n - CVE-2018-9259: MP4 dissector crash\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "modified": "2020-08-02T00:00:00", "id": "SUSE_SU-2018-0981-1.NASL", "href": "https://www.tenable.com/plugins/nessus/109198", "published": "2018-04-20T00:00:00", "title": "SUSE SLED12 / SLES12 Security Update : wireshark (SUSE-SU-2018:0981-1)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:0981-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(109198);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2019/09/10 13:51:47\");\n\n script_cve_id(\"CVE-2018-9256\", \"CVE-2018-9259\", \"CVE-2018-9260\", \"CVE-2018-9261\", \"CVE-2018-9262\", \"CVE-2018-9263\", \"CVE-2018-9264\", \"CVE-2018-9265\", \"CVE-2018-9266\", \"CVE-2018-9267\", \"CVE-2018-9268\", \"CVE-2018-9269\", \"CVE-2018-9270\", \"CVE-2018-9271\", \"CVE-2018-9272\", \"CVE-2018-9273\", \"CVE-2018-9274\");\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : wireshark (SUSE-SU-2018:0981-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for wireshark fixes the following issues :\n\n - Update to wireshark 2.2.14, fix such issues :\n\n - bsc#1088200 VUL-0: wireshark: multiple vulnerabilities\n fixed in 2.2.14, 2.4.6\n\n - CVE-2018-9256: LWAPP dissector crash\n\n - CVE-2018-9260: IEEE 802.15.4 dissector crash\n\n - CVE-2018-9261: NBAP dissector crash\n\n - CVE-2018-9262: VLAN dissector crash\n\n - CVE-2018-9263: Kerberos dissector crash\n\n - CVE-2018-9264: ADB dissector crash\n\n - CVE-2018-9265: tn3270 dissector has a memory leak\n\n - CVE-2018-9266: ISUP dissector memory leak\n\n - CVE-2018-9267: LAPD dissector memory leak\n\n - CVE-2018-9268: SMB2 dissector memory leak\n\n - CVE-2018-9269: GIOP dissector memory leak\n\n - CVE-2018-9270: OIDS dissector memory leak\n\n - CVE-2018-9271: multipart dissector memory leak\n\n - CVE-2018-9272: h223 dissector memory leak\n\n - CVE-2018-9273: pcp dissector memory leak\n\n - CVE-2018-9274: failure message memory leak\n\n - CVE-2018-9259: MP4 dissector crash\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1088200\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-9256/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-9259/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-9260/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-9261/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-9262/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-9263/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-9264/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-9265/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-9266/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-9267/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-9268/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-9269/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-9270/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-9271/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-9272/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-9273/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-9274/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20180981-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?45fc2dd2\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 12-SP3:zypper in -t\npatch SUSE-SLE-SDK-12-SP3-2018-658=1\n\nSUSE Linux Enterprise Server 12-SP3:zypper in -t patch\nSUSE-SLE-SERVER-12-SP3-2018-658=1\n\nSUSE Linux Enterprise Desktop 12-SP3:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP3-2018-658=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwireshark8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwireshark8-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwiretap6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwiretap6-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwscodecs1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwscodecs1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwsutil7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwsutil7-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:wireshark-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:wireshark-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:wireshark-gtk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:wireshark-gtk-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/04/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/04/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/04/20\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP3\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP3\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libwireshark8-2.2.14-48.24.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libwireshark8-debuginfo-2.2.14-48.24.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libwiretap6-2.2.14-48.24.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libwiretap6-debuginfo-2.2.14-48.24.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libwscodecs1-2.2.14-48.24.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libwscodecs1-debuginfo-2.2.14-48.24.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libwsutil7-2.2.14-48.24.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libwsutil7-debuginfo-2.2.14-48.24.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"wireshark-2.2.14-48.24.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"wireshark-debuginfo-2.2.14-48.24.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"wireshark-debugsource-2.2.14-48.24.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"wireshark-gtk-2.2.14-48.24.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"wireshark-gtk-debuginfo-2.2.14-48.24.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libwireshark8-2.2.14-48.24.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libwireshark8-debuginfo-2.2.14-48.24.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libwiretap6-2.2.14-48.24.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libwiretap6-debuginfo-2.2.14-48.24.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libwscodecs1-2.2.14-48.24.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libwscodecs1-debuginfo-2.2.14-48.24.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libwsutil7-2.2.14-48.24.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libwsutil7-debuginfo-2.2.14-48.24.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"wireshark-2.2.14-48.24.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"wireshark-debuginfo-2.2.14-48.24.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"wireshark-debugsource-2.2.14-48.24.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"wireshark-gtk-2.2.14-48.24.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"wireshark-gtk-debuginfo-2.2.14-48.24.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"wireshark\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "debian": [{"lastseen": "2020-07-14T12:49:09", "bulletinFamily": "unix", "description": "Package : wireshark\nVersion : 1.12.1+g01b65bf-4+deb8u16\nCVE ID : CVE-2017-7700 CVE-2017-7703 CVE-2017-7746 CVE-2017-7747\n CVE-2017-9766 CVE-2017-11406 CVE-2017-11407 CVE-2017-11409\n CVE-2017-13765 CVE-2017-15191 CVE-2017-17935 CVE-2017-17997\n CVE-2018-7322 CVE-2018-7323 CVE-2018-7324 CVE-2018-7325\n CVE-2018-7331 CVE-2018-7336 CVE-2018-7417 CVE-2018-7418\n CVE-2018-7420 CVE-2018-9256 CVE-2018-9259 CVE-2018-9260\n CVE-2018-9262 CVE-2018-9263 CVE-2018-9265 CVE-2018-9267\n CVE-2018-9268 CVE-2018-9269 CVE-2018-9270 CVE-2018-11356\n CVE-2018-11357 CVE-2018-11359 CVE-2018-16057 CVE-2018-16058\n CVE-2018-19622 CVE-2018-19623 CVE-2018-19624 CVE-2018-19625\n CVE-2018-19626\n\n\nSeveral issues in wireshark, a tool that captures and analyzes packets \noff the wire, have been found by different people.\nThese are basically issues with length checks or invalid memory access in \ndifferent dissectors. This could result in infinite loops or crashes by \nmalicious packets.\n\n\nFor Debian 8 "Jessie", these problems have been fixed in version\n1.12.1+g01b65bf-4+deb8u16.\n\nWe recommend that you upgrade your wireshark packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\n\n", "modified": "2019-01-15T19:39:28", "published": "2019-01-15T19:39:28", "id": "DEBIAN:DLA-1634-1:9CB4F", "href": "https://lists.debian.org/debian-lts-announce/2019/debian-lts-announce-201901/msg00010.html", "title": "[SECURITY] [DLA 1634-1] wireshark security update", "type": "debian", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-07-14T12:58:47", "bulletinFamily": "unix", "description": "Package : wireshark\nVersion : 1.12.1+g01b65bf-4+deb8u6~deb7u10\nCVE ID : CVE-2018-7322 CVE-2018-7323 CVE-2018-7324 CVE-2018-7332\n CVE-2018-7334 CVE-2018-7335 CVE-2018-7336 CVE-2018-7337\n CVE-2018-7417 CVE-2018-7418 CVE-2018-7419 CVE-2018-7420\n\n\nIt was discovered that wireshark, a network protocol analyzer, contained\nseveral vulnerabilities that could result in infinite loops in different\ndissectors. Other issues are related to crash in dissectors that are \ncaused by special crafted and malformed packets.\n\n\n\nFor Debian 7 "Wheezy", these problems have been fixed in version\n1.12.1+g01b65bf-4+deb8u6~deb7u10.\n\nWe recommend that you upgrade your wireshark packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\n\n", "modified": "2018-04-18T20:20:32", "published": "2018-04-18T20:20:32", "id": "DEBIAN:DLA-1353-1:A8A6D", "href": "https://lists.debian.org/debian-lts-announce/2018/debian-lts-announce-201804/msg00018.html", "title": "[SECURITY] [DLA 1353-1] wireshark security update", "type": "debian", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-07-14T12:54:41", "bulletinFamily": "unix", "description": "Package : wireshark\nVersion : 1.12.1+g01b65bf-4+deb8u6~deb7u11\nCVE ID : CVE-2018-9258 CVE-2018-9260 CVE-2018-9261 CVE-2018-9263\n CVE-2018-9268 CVE-2018-9269 CVE-2018-9270 CVE-2018-11358\n CVE-2018-11362\n\n\nSeveral issues that could result in a crash within different dissectors \nhave been fixed. Other issues are related to memory leaks or heap-based \nbuffer overflows.\n\n\nAll issue could be caused by special crafted and malformed packets.\n\n\nFor Debian 7 "Wheezy", these problems have been fixed in version\n1.12.1+g01b65bf-4+deb8u6~deb7u11.\n\nWe recommend that you upgrade your wireshark packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\n\n", "modified": "2018-05-28T20:35:29", "published": "2018-05-28T20:35:29", "id": "DEBIAN:DLA-1388-1:8C249", "href": "https://lists.debian.org/debian-lts-announce/2018/debian-lts-announce-201805/msg00019.html", "title": "[SECURITY] [DLA 1388-1] wireshark security update", "type": "debian", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-07-14T13:02:06", "bulletinFamily": "unix", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4359-1 security@debian.org\nhttps://www.debian.org/security/ Moritz Muehlenhoff\nDecember 27, 2018 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : wireshark\nCVE ID : CVE-2018-12086 CVE-2018-18225 CVE-2018-18226\n CVE-2018-18227 CVE-2018-19622 CVE-2018-19623\n\t\t CVE-2018-19624 CVE-2018-19625 CVE-2018-19626\n\t\t CVE-2018-19627 CVE-2018-19628\n\nMultiple vulnerabilities have been discovered in Wireshark, a network\nprotocol analyzer, which could result in denial of service or the\nexecution of arbitrary code.\n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 2.6.5-1~deb9u1.\n\nWe recommend that you upgrade your wireshark packages.\n\nFor the detailed security status of wireshark please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/wireshark\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "modified": "2018-12-27T14:57:12", "published": "2018-12-27T14:57:12", "id": "DEBIAN:DSA-4359-1:68CD3", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2018/msg00292.html", "title": "[SECURITY] [DSA 4359-1] wireshark security update", "type": "debian", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "f5": [{"lastseen": "2020-04-06T22:40:44", "bulletinFamily": "software", "description": "\nF5 Product Development has assigned ID 743743 (BIG-IP) to this vulnerability.\n\nTo determine if your product and version have been evaluated for this vulnerability, refer to the **Applies to (see versions)** box. To determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table. For more information about security advisory versioning, refer to [K51812227: Understanding Security Advisory versioning](<https://support.f5.com/csp/article/K51812227>).\n\nProduct | Branch | Versions known to be vulnerable | Fixes introduced in | Severity | CVSSv3 score1 | Vulnerable component or feature \n---|---|---|---|---|---|--- \nBIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator) | 14.x | 14.0.0 | None | Medium | [5.3](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L>) | Wireshark \n13.x | 13.0.0 - 13.1.1 | None \n12.x | 12.1.3 | None \n11.x | None | Not applicable \nEnterprise Manager | 3.x | None | Not applicable | Not vulnerable | None | None \nBIG-IQ Centralized Management | 6.x | None | Not applicable | Not vulnerable | None | None \n5.x | None | Not applicable \n4.x | None | Not applicable \nBIG-IQ Cloud and Orchestration | 1.x | None | Not applicable | Not vulnerable | None | None \nF5 iWorkflow | 2.x | None | Not applicable | Not vulnerable | None | None \nTraffix SDC | 5.x | None | Not applicable | Not vulnerable | None | None \n4.x | None | Not applicable \n \n1 The CVSSv3 score link takes you to a resource outside of AskF5, and it is possible that the document may be removed without our knowledge. \n\nIf you are running a version listed in the **Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Fixes introduced in** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nMitigation\n\nTo mitigate this vulnerability, you can use the** tcpdump** utility to capture network traffic on the BIG-IP system, then download the packet captures and perform analysis with Wireshark on another device.\n\n * [K51812227: Understanding Security Advisory versioning](<https://support.f5.com/csp/article/K51812227>)\n * [K41942608: Overview of Security Advisory articles](<https://support.f5.com/csp/article/K41942608>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n * [K167: Downloading software and firmware from F5](<https://support.f5.com/csp/article/K167>)\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K21232150: Considerations for upgrading BIG-IQ or F5 iWorkflow systems](<https://support.f5.com/csp/article/K21232150>)\n", "modified": "2018-09-14T07:31:00", "published": "2018-09-05T00:26:00", "id": "F5:K02215905", "href": "https://support.f5.com/csp/article/K02215905", "title": "Wireshark vulnerabilities CVE-2018-16056, CVE-2018-16057, and CVE-2018-16058", "type": "f5", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-04-06T22:39:33", "bulletinFamily": "software", "description": "\nF5 Product Development has assigned ID 710705 (BIG-IP) to this vulnerability. Additionally, [BIG-IP iHealth](<http://www.f5.com/support/support-tools/big-ip-ihealth/>) may list Heuristic H34035645 on the **Diagnostics** > **Identified** > **Medium** page.\n\nTo determine if your product and version have been evaluated for this vulnerability, refer to the **Applies to (see versions)** box. To determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table. For more information about security advisory versioning, refer to [K51812227: Understanding Security Advisory versioning](<https://support.f5.com/csp/article/K51812227>).\n\nProduct | Branch | Versions known to be vulnerable | Fixes introduced in | Severity | CVSSv3 score1 | Vulnerable component or feature \n---|---|---|---|---|---|--- \nBIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator, WebSafe) | 14.x | 14.0.0 | 14.1.0 \n14.0.0.3 | Medium | [6.4](<https://first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H>) | Wireshark \n13.x | 13.0.0 - 13.1.1 | 13.1.1.2 \n12.x | 12.1.3 | 12.1.3.6 \n11.x | None | Not applicable \nARX | 6.x | None | Not applicable | Not vulnerable | None | None \nEnterprise Manager | 3.x | None | Not applicable | Not vulnerable | None | None \nBIG-IQ Centralized Management | 5.x | None | Not applicable | Not vulnerable | None | None \n4.x | None | Not applicable \nBIG-IQ Cloud and Orchestration | 1.x | None | Not applicable | Not vulnerable | None | None \nF5 iWorkflow | 2.x | None | Not applicable | Not vulnerable | None | None \nLineRate | 2.x | None | Not applicable | Not vulnerable | None | None \nTraffix SDC | 5.x | None | Not applicable | Not vulnerable | None | None \n4.x | None | Not applicable \n \n1The CVSSv3 score link takes you to a resource outside of AskF5, and it is possible that the document may be removed without our knowledge.\n\nIf you are running a version listed in the **Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Fixes introduced in** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nMitigation\n\nTo mitigate this vulnerability, you can use the **tshark **utility to perform a traffic capture to a file instead of using the affected protocol parsers.\n\n * [K41942608: Overview of Security Advisory articles](<https://support.f5.com/csp/article/K41942608>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n", "modified": "2018-12-17T21:19:00", "published": "2018-03-22T18:11:00", "id": "F5:K34035645", "href": "https://support.f5.com/csp/article/K34035645", "title": "Multiple Wireshark vulnerabilities", "type": "f5", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "suse": [{"lastseen": "2018-12-30T14:02:09", "bulletinFamily": "unix", "description": "This update for wireshark fixes the following issues:\n\n Update to Wireshark 2.4.11 (bsc#1117740).\n\n Security issues fixed:\n\n - CVE-2018-19625: The Wireshark dissection engine could crash\n (wnpa-sec-2018-51)\n - CVE-2018-19626: The DCOM dissector could crash (wnpa-sec-2018-52)\n - CVE-2018-19623: The LBMPDM dissector could crash (wnpa-sec-2018-53)\n - CVE-2018-19622: The MMSE dissector could go into an infinite loop\n (wnpa-sec-2018-54)\n - CVE-2018-19627: The IxVeriWave file parser could crash (wnpa-sec-2018-55)\n - CVE-2018-19624: The PVFS dissector could crash (wnpa-sec-2018-56)\n\n Further bug fixes and updated protocol support as listed in:\n\n - <a rel=\"nofollow\" href=\"https://www.wireshark.org/docs/relnotes/wireshark-2.4.11.html\">https://www.wireshark.org/docs/relnotes/wireshark-2.4.11.html</a>\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n", "modified": "2018-12-29T15:17:25", "published": "2018-12-29T15:17:25", "id": "OPENSUSE-SU-2018:4307-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2018-12/msg00077.html", "title": "Security update for wireshark (moderate)", "type": "suse", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-05-28T01:40:25", "bulletinFamily": "unix", "description": "This update for wireshark fixes the following issues:\n\n Minor vulnerabilities that could be used to trigger dissector crashes or\n cause excessive memory use by making Wireshark read specially crafted\n packages from the network or capture files (boo#1094301):\n\n - CVE-2018-11356: DNS dissector crash\n - CVE-2018-11357: Multiple dissectors could consume excessive memory\n - CVE-2018-11358: Q.931 dissector crash\n - CVE-2018-11359: The RRC dissector and other dissectors could crash\n - CVE-2018-11360: GSM A DTAP dissector crash\n - CVE-2018-11362: LDSS dissector crash\n\n This update to version 2.4.7 also contains bug fixes and updated protocol\n support as listed in:\n <a rel=\"nofollow\" href=\"https://www.wireshark.org/docs/relnotes/wireshark-2.4.7.html\">https://www.wireshark.org/docs/relnotes/wireshark-2.4.7.html</a>\n\n", "modified": "2018-05-26T00:08:12", "published": "2018-05-26T00:08:12", "id": "OPENSUSE-SU-2018:1428-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2018-05/msg00104.html", "title": "Security update for wireshark (moderate)", "type": "suse", "cvss": {"score": 0.0, "vector": "NONE"}}], "cve": [{"lastseen": "2019-06-07T13:18:52", "bulletinFamily": "NVD", "description": "In Wireshark 2.2.0 to 2.2.7 and 2.0.0 to 2.0.13, the MQ dissector could crash. This was addressed in epan/dissectors/packet-mq.c by validating the fragment length before a reassembly attempt.", "modified": "2019-03-01T18:06:00", "id": "CVE-2017-11407", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-11407", "published": "2017-07-18T21:29:00", "title": "CVE-2017-11407", "type": "cve", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:16:56", "bulletinFamily": "NVD", "description": "In Wireshark before 2.2.12, the MRDISC dissector misuses a NULL pointer and crashes. This was addressed in epan/dissectors/packet-mrdisc.c by validating an IPv4 address. This vulnerability is similar to CVE-2017-9343.", "modified": "2019-03-01T18:19:00", "id": "CVE-2017-17997", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-17997", "published": "2017-12-30T07:29:00", "title": "CVE-2017-17997", "type": "cve", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-10-04T12:18:47", "bulletinFamily": "NVD", "description": "In Wireshark 2.0.0 to 2.0.13, the GPRS LLC dissector could go into a large loop. This was addressed in epan/dissectors/packet-gprs-llc.c by using a different integer data type.", "modified": "2019-10-03T00:03:00", "id": "CVE-2017-11409", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-11409", "published": "2017-07-18T21:29:00", "title": "CVE-2017-11409", "type": "cve", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-10-04T12:19:24", "bulletinFamily": "NVD", "description": "In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the SLSK dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-slsk.c by adding checks for the remaining length.", "modified": "2019-10-03T00:03:00", "id": "CVE-2017-7746", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7746", "published": "2017-04-12T23:59:00", "title": "CVE-2017-7746", "type": "cve", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-10-04T12:26:48", "bulletinFamily": "NVD", "description": "In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-dcm.c had an infinite loop that was addressed by checking for integer wraparound.", "modified": "2019-10-03T00:03:00", "id": "CVE-2018-7322", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-7322", "published": "2018-02-23T22:29:00", "title": "CVE-2018-7322", "type": "cve", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-03-20T12:29:34", "bulletinFamily": "NVD", "description": "In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the LTP dissector and other dissectors could consume excessive memory. This was addressed in epan/tvbuff.c by rejecting negative lengths.", "modified": "2020-03-20T01:15:00", "id": "CVE-2018-11357", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-11357", "published": "2018-05-22T21:29:00", "title": "CVE-2018-11357", "type": "cve", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-10-04T12:19:02", "bulletinFamily": "NVD", "description": "The File_read_line function in epan/wslua/wslua_file.c in Wireshark through 2.2.11 does not properly strip '\\n' characters, which allows remote attackers to cause a denial of service (buffer underflow and application crash) via a crafted packet that triggers the attempted processing of an empty line.", "modified": "2019-10-03T00:03:00", "id": "CVE-2017-17935", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-17935", "published": "2017-12-27T17:08:00", "title": "CVE-2017-17935", "type": "cve", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-10-04T12:19:27", "bulletinFamily": "NVD", "description": "In Wireshark 2.2.7, PROFINET IO data with a high recursion depth allows remote attackers to cause a denial of service (stack exhaustion) in the dissect_IODWriteReq function in plugins/profinet/packet-dcerpc-pn-io.c.", "modified": "2019-10-03T00:03:00", "id": "CVE-2017-9766", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9766", "published": "2017-06-21T07:29:00", "title": "CVE-2017-9766", "type": "cve", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-06-07T13:18:55", "bulletinFamily": "NVD", "description": "In Wireshark 2.4.0 to 2.4.1, 2.2.0 to 2.2.9, and 2.0.0 to 2.0.15, the DMP dissector could crash. This was addressed in epan/dissectors/packet-dmp.c by validating a string length.", "modified": "2019-03-01T18:12:00", "id": "CVE-2017-15191", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-15191", "published": "2017-10-10T21:29:00", "title": "CVE-2017-15191", "type": "cve", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:20:30", "bulletinFamily": "NVD", "description": "In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the MP4 dissector could crash. This was addressed in epan/dissectors/file-mp4.c by restricting the box recursion depth.", "modified": "2019-02-27T17:16:00", "id": "CVE-2018-9259", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-9259", "published": "2018-04-04T07:29:00", "title": "CVE-2018-9259", "type": "cve", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "openvas": [{"lastseen": "2019-07-17T14:04:06", "bulletinFamily": "scanner", "description": "This host is installed with Wireshark\n and is prone to multiple vulnerabilities.", "modified": "2019-07-05T00:00:00", "published": "2018-11-29T00:00:00", "id": "OPENVAS:1361412562310814515", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310814515", "title": "Wireshark Multiple Vulnerabilities-Nov18 (MACOSX)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Wireshark Multiple Vulnerabilities-Nov18 (MACOSX)\n#\n# Authors:\n# Antu Sanadi <santusecpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:wireshark:wireshark\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.814515\");\n script_version(\"2019-07-05T09:12:25+0000\");\n script_cve_id(\"CVE-2018-19627\", \"CVE-2018-19626\", \"CVE-2018-19625\", \"CVE-2018-19624\",\n \"CVE-2018-19623\", \"CVE-2018-19622\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-07-05 09:12:25 +0000 (Fri, 05 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-11-29 11:28:24 +0530 (Thu, 29 Nov 2018)\");\n script_name(\"Wireshark Multiple Vulnerabilities-Nov18 (MACOSX)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Wireshark\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists due to,\n\n - The IxVeriWave file parser could crash,\n\n - The DCOM dissector could crash,\n\n - The Wireshark dissection engine could crash,\n\n - The PVFS dissector could crash,\n\n - The LBMPDM dissector could crash and\n\n - The MMSE dissector could go into an infinite loop.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an\n attackers to cause denial of service conditions.\");\n\n script_tag(name:\"affected\", value:\"Wireshark versions 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10 on MACOSX.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Wireshark version 2.6.5, 2.4.11 or later. Please see the references for more information.\");\n\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-55\");\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-52\");\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-51\");\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-56\");\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-53\");\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-54\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_wireshark_detect_macosx.nasl\");\n script_mandatory_keys(\"Wireshark/MacOSX/Version\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE)) exit(0);\nwirversion = infos['version'];\npath = infos['location'];\n\nif(version_in_range(version:wirversion, test_version:\"2.6.0\", test_version2:\"2.6.4\")){\n fix = \"2.6.5\";\n}\n\nelse if(version_in_range(version:wirversion, test_version:\"2.4.0\", test_version2:\"2.4.10\")){\n fix = \"2.4.11\";\n}\n\nif(fix)\n{\n report = report_fixed_ver(installed_version:wirversion, fixed_version:fix, install_path:path);\n security_message(data:report);\n exit(0);\n}\nexit(99);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-01-31T16:48:02", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2020-01-31T00:00:00", "published": "2019-01-01T00:00:00", "id": "OPENVAS:1361412562310852219", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852219", "title": "openSUSE: Security Advisory for wireshark (openSUSE-SU-2018:4307-1)", "type": "openvas", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852219\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_cve_id(\"CVE-2018-19622\", \"CVE-2018-19623\", \"CVE-2018-19624\", \"CVE-2018-19625\", \"CVE-2018-19626\", \"CVE-2018-19627\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-01-01 04:00:58 +0100 (Tue, 01 Jan 2019)\");\n script_name(\"openSUSE: Security Advisory for wireshark (openSUSE-SU-2018:4307-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.0\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2018:4307-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2018-12/msg00077.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'wireshark'\n package(s) announced via the openSUSE-SU-2018:4307-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for wireshark fixes the following issues:\n\n Update to Wireshark 2.4.11 (bsc#1117740).\n\n Security issues fixed:\n\n - CVE-2018-19625: The Wireshark dissection engine could crash\n (wnpa-sec-2018-51)\n\n - CVE-2018-19626: The DCOM dissector could crash (wnpa-sec-2018-52)\n\n - CVE-2018-19623: The LBMPDM dissector could crash (wnpa-sec-2018-53)\n\n - CVE-2018-19622: The MMSE dissector could go into an infinite loop\n (wnpa-sec-2018-54)\n\n - CVE-2018-19627: The IxVeriWave file parser could crash (wnpa-sec-2018-55)\n\n - CVE-2018-19624: The PVFS dissector could crash (wnpa-sec-2018-56)\n\n Further bug fixes and updated protocol support as listed in:\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.0:\n\n zypper in -t patch openSUSE-2018-1620=1\");\n\n script_tag(name:\"affected\", value:\"wireshark on openSUSE Leap 15.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.0\") {\n if(!isnull(res = isrpmvuln(pkg:\"libwireshark9\", rpm:\"libwireshark9~2.4.11~lp150.2.16.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwireshark9-debuginfo\", rpm:\"libwireshark9-debuginfo~2.4.11~lp150.2.16.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwiretap7\", rpm:\"libwiretap7~2.4.11~lp150.2.16.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwiretap7-debuginfo\", rpm:\"libwiretap7-debuginfo~2.4.11~lp150.2.16.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwscodecs1\", rpm:\"libwscodecs1~2.4.11~lp150.2.16.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwscodecs1-debuginfo\", rpm:\"libwscodecs1-debuginfo~2.4.11~lp150.2.16.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwsutil8\", rpm:\"libwsutil8~2.4.11~lp150.2.16.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwsutil8-debuginfo\", rpm:\"libwsutil8-debuginfo~2.4.11~lp150.2.16.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~2.4.11~lp150.2.16.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"wireshark-debuginfo\", rpm:\"wireshark-debuginfo~2.4.11~lp150.2.16.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"wireshark-debugsource\", rpm:\"wireshark-debugsource~2.4.11~lp150.2.16.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"wireshark-devel\", rpm:\"wireshark-devel~2.4.11~lp150.2.16.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"wireshark-ui-qt\", rpm:\"wireshark-ui-qt~2.4.11~lp150.2.16.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"wireshark-ui-qt-debuginfo\", rpm:\"wireshark-ui-qt-debuginfo~2.4.11~lp150.2.16.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-07-17T14:04:06", "bulletinFamily": "scanner", "description": "This host is installed with Wireshark\n and is prone to multiple vulnerabilities.", "modified": "2019-07-05T00:00:00", "published": "2018-11-29T00:00:00", "id": "OPENVAS:1361412562310814514", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310814514", "title": "Wireshark Multiple Vulnerabilities-Nov18 (Windows)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Wireshark Multiple Vulnerabilities-Nov18 (Windows)\n#\n# Authors:\n# Antu Sanadi <santusecpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:wireshark:wireshark\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.814514\");\n script_version(\"2019-07-05T09:12:25+0000\");\n script_cve_id(\"CVE-2018-19627\", \"CVE-2018-19626\", \"CVE-2018-19625\", \"CVE-2018-19624\",\n \"CVE-2018-19623\", \"CVE-2018-19622\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-07-05 09:12:25 +0000 (Fri, 05 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-11-29 11:28:23 +0530 (Thu, 29 Nov 2018)\");\n script_name(\"Wireshark Multiple Vulnerabilities-Nov18 (Windows)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Wireshark\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists due to,\n\n - The IxVeriWave file parser could crash,\n\n - The DCOM dissector could crash,\n\n - The Wireshark dissection engine could crash,\n\n - The PVFS dissector could crash,\n\n - The LBMPDM dissector could crash and\n\n - The MMSE dissector could go into an infinite loop.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an\n attackers to cause denial of service conditions.\");\n\n script_tag(name:\"affected\", value:\"Wireshark versions 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10 on Windows.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Wireshark version 2.6.5, 2.4.11 or later. Please see the references for more information.\");\n\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-55\");\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-52\");\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-51\");\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-56\");\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-53\");\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-54\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_wireshark_detect_win.nasl\");\n script_mandatory_keys(\"Wireshark/Win/Ver\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE)) exit(0);\nwirversion = infos['version'];\npath = infos['location'];\n\nif(version_in_range(version:wirversion, test_version:\"2.6.0\", test_version2:\"2.6.4\")){\n fix = \"2.6.5\";\n}\n\nelse if(version_in_range(version:wirversion, test_version:\"2.4.0\", test_version2:\"2.4.10\")){\n fix = \"2.4.11\";\n}\n\nif(fix)\n{\n report = report_fixed_ver(installed_version:wirversion, fixed_version:fix, install_path:path);\n security_message(data:report);\n exit(0);\n}\nexit(99);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-01-29T20:09:21", "bulletinFamily": "scanner", "description": "It was discovered that wireshark, a network protocol analyzer, contained\nseveral vulnerabilities that could result in infinite loops in different\ndissectors. Other issues are related to crash in dissectors that are caused by special crafted and malformed packets.", "modified": "2020-01-29T00:00:00", "published": "2018-04-19T00:00:00", "id": "OPENVAS:1361412562310891353", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310891353", "title": "Debian LTS: Security Advisory for wireshark (DLA-1353-1)", "type": "openvas", "sourceData": "# Copyright (C) 2018 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.891353\");\n script_version(\"2020-01-29T08:22:52+0000\");\n script_cve_id(\"CVE-2018-7322\", \"CVE-2018-7323\", \"CVE-2018-7324\", \"CVE-2018-7332\", \"CVE-2018-7334\",\n \"CVE-2018-7335\", \"CVE-2018-7336\", \"CVE-2018-7337\", \"CVE-2018-7417\", \"CVE-2018-7418\",\n \"CVE-2018-7419\", \"CVE-2018-7420\");\n script_name(\"Debian LTS: Security Advisory for wireshark (DLA-1353-1)\");\n script_tag(name:\"last_modification\", value:\"2020-01-29 08:22:52 +0000 (Wed, 29 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-04-19 00:00:00 +0200 (Thu, 19 Apr 2018)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"https://lists.debian.org/debian-lts-announce/2018/04/msg00018.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB7\");\n\n script_tag(name:\"affected\", value:\"wireshark on Debian Linux\");\n\n script_tag(name:\"solution\", value:\"For Debian 7 'Wheezy', these problems have been fixed in version\n1.12.1+g01b65bf-4+deb8u6~deb7u10.\n\nWe recommend that you upgrade your wireshark packages.\");\n\n script_tag(name:\"summary\", value:\"It was discovered that wireshark, a network protocol analyzer, contained\nseveral vulnerabilities that could result in infinite loops in different\ndissectors. Other issues are related to crash in dissectors that are caused by special crafted and malformed packets.\");\n\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\n# nb: libwireshark2, libwiretap2 and libwsutil2 having a lower version 1.8.2-5wheezy18, keep this in mind when overwriting this LSC\nif(!isnull(res = isdpkgvuln(pkg:\"libwireshark-data\", ver:\"1.12.1+g01b65bf-4+deb8u6~deb7u10\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libwireshark-dev\", ver:\"1.12.1+g01b65bf-4+deb8u6~deb7u10\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libwiretap-dev\", ver:\"1.12.1+g01b65bf-4+deb8u6~deb7u10\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libwsutil-dev\", ver:\"1.12.1+g01b65bf-4+deb8u6~deb7u10\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"tshark\", ver:\"1.12.1+g01b65bf-4+deb8u6~deb7u10\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"wireshark\", ver:\"1.12.1+g01b65bf-4+deb8u6~deb7u10\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"wireshark-common\", ver:\"1.12.1+g01b65bf-4+deb8u6~deb7u10\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"wireshark-dbg\", ver:\"1.12.1+g01b65bf-4+deb8u6~deb7u10\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"wireshark-dev\", ver:\"1.12.1+g01b65bf-4+deb8u6~deb7u10\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"wireshark-doc\", ver:\"1.12.1+g01b65bf-4+deb8u6~deb7u10\", rls:\"DEB7\"))) {\n report += res;\n}\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:32:34", "bulletinFamily": "scanner", "description": "This host is installed with Wireshark\n and is prone to multiple denial of service vulnerabilities.", "modified": "2019-05-17T00:00:00", "published": "2018-04-05T00:00:00", "id": "OPENVAS:1361412562310813066", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310813066", "title": "Wireshark Multiple Denial of Service Vulnerabilities Apr18 (Windows)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Wireshark Multiple Denial of Service Vulnerabilities Apr18 (Windows)\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:wireshark:wireshark\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.813066\");\n script_version(\"2019-05-17T10:45:27+0000\");\n script_cve_id(\"CVE-2018-9274\", \"CVE-2018-9272\", \"CVE-2018-9273\", \"CVE-2018-9270\",\n \"CVE-2018-9271\", \"CVE-2018-9268\", \"CVE-2018-9269\", \"CVE-2018-9267\",\n \"CVE-2018-9265\", \"CVE-2018-9266\", \"CVE-2018-9263\", \"CVE-2018-9264\",\n \"CVE-2018-9262\", \"CVE-2018-9261\", \"CVE-2018-9259\", \"CVE-2018-9260\",\n \"CVE-2018-9256\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-05-17 10:45:27 +0000 (Fri, 17 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-04-05 16:18:35 +0530 (Thu, 05 Apr 2018)\");\n script_name(\"Wireshark Multiple Denial of Service Vulnerabilities Apr18 (Windows)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Wireshark\n and is prone to multiple denial of service vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws are due to,\n\n - Multiple memory leak errors in 'ui/failure_message.c', 'epan/dissectors/packet-h223.c',\n 'epan/dissectors/packet-pcp.c', 'epan/oids.c', 'epan/dissectors/packet-multipart.c',\n 'epan/dissectors/packet-smb2.c', 'epan/dissectors/packet-lapd.c',\n 'epan/dissectors/packet-isup.c', 'epan/dissectors/packet-tn3270.c',\n 'epan/dissectors/packet-kerberos.c', 'epan/dissectors/packet-vlan.c',\n 'epan/dissectors/packet-ieee802154.c', 'epan/dissectors/file-mp4.c' and\n 'epan/dissectors/packet-lwapp.c' scripts.\n\n - Multiple heap-based buffer overflow errors in 'epan/dissectors/packet-nbap.c'\n and 'epan/dissectors/packet-adb.c' scripts.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will make Wireshark\n crash by injecting malformed packets.\");\n\n script_tag(name:\"affected\", value:\"Wireshark version 2.4.0 to 2.4.5, 2.2.0 to 2.2.13 on Windows.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Wireshark version 2.4.6, 2.2.14 or later. Please see the references for more information.\");\n\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/#download\");\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-15\");\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-16\");\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-17\");\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-18\");\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-19\");\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-24\");\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-23\");\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-20\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_wireshark_detect_win.nasl\");\n script_mandatory_keys(\"Wireshark/Win/Ver\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE)) exit(0);\nvers = infos['version'];\npath = infos['location'];\n\nif(version_in_range(version:vers, test_version:\"2.2.0\", test_version2:\"2.2.13\")) {\n fix = \"2.2.14\";\n}\n\nelse if(version_in_range(version:vers, test_version:\"2.4.0\", test_version2:\"2.4.5\")){\n fix = \"2.4.6\";\n}\n\nif(fix)\n{\n report = report_fixed_ver(installed_version:vers, fixed_version:fix, install_path:path);\n security_message(data:report);\n exit(0);\n}\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:32:34", "bulletinFamily": "scanner", "description": "This host is installed with Wireshark\n and is prone to multiple denial of service vulnerabilities.", "modified": "2019-05-17T00:00:00", "published": "2018-04-05T00:00:00", "id": "OPENVAS:1361412562310813067", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310813067", "title": "Wireshark Multiple Denial of Service Vulnerabilities Apr18 (Mac OS X)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Wireshark Multiple Denial of Service Vulnerabilities Apr18 (Mac OS X)\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:wireshark:wireshark\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.813067\");\n script_version(\"2019-05-17T10:45:27+0000\");\n script_cve_id(\"CVE-2018-9274\", \"CVE-2018-9272\", \"CVE-2018-9273\", \"CVE-2018-9270\",\n \"CVE-2018-9271\", \"CVE-2018-9268\", \"CVE-2018-9269\", \"CVE-2018-9267\",\n \"CVE-2018-9265\", \"CVE-2018-9266\", \"CVE-2018-9263\", \"CVE-2018-9264\",\n \"CVE-2018-9262\", \"CVE-2018-9261\", \"CVE-2018-9259\", \"CVE-2018-9260\",\n \"CVE-2018-9256\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-05-17 10:45:27 +0000 (Fri, 17 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-04-05 16:18:35 +0530 (Thu, 05 Apr 2018)\");\n script_name(\"Wireshark Multiple Denial of Service Vulnerabilities Apr18 (Mac OS X)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Wireshark\n and is prone to multiple denial of service vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws are due to,\n\n - Multiple memory leak errors in 'ui/failure_message.c', 'epan/dissectors/packet-h223.c',\n 'epan/dissectors/packet-pcp.c', 'epan/oids.c', 'epan/dissectors/packet-multipart.c',\n 'epan/dissectors/packet-smb2.c', 'epan/dissectors/packet-lapd.c',\n 'epan/dissectors/packet-isup.c', 'epan/dissectors/packet-tn3270.c',\n 'epan/dissectors/packet-kerberos.c', 'epan/dissectors/packet-vlan.c',\n 'epan/dissectors/packet-ieee802154.c', 'epan/dissectors/file-mp4.c' and\n 'epan/dissectors/packet-lwapp.c' scripts.\n\n - Multiple heap-based buffer overflow errors in 'epan/dissectors/packet-nbap.c'\n and 'epan/dissectors/packet-adb.c' scripts.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will make Wireshark\n crash by injecting malformed packets.\");\n\n script_tag(name:\"affected\", value:\"Wireshark version 2.4.0 to 2.4.5,\n 2.2.0 to 2.2.13 on Mac OS X.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Wireshark version 2.4.6, 2.2.14 or later. Please see the references for more information.\");\n\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/#download\");\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-15\");\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-16\");\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-17\");\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-18\");\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-19\");\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-24\");\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-23\");\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-20\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_wireshark_detect_macosx.nasl\");\n script_mandatory_keys(\"Wireshark/MacOSX/Version\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE)) exit(0);\nvers = infos['version'];\npath = infos['location'];\n\nif(version_in_range(version:vers, test_version:\"2.2.0\", test_version2:\"2.2.13\")) {\n fix = \"2.2.14\";\n}\n\nelse if(version_in_range(version:vers, test_version:\"2.4.0\", test_version2:\"2.4.5\")){\n fix = \"2.4.6\";\n}\n\nif(fix)\n{\n report = report_fixed_ver(installed_version:vers, fixed_version:fix, install_path:path);\n security_message(data:report);\n exit(0);\n}\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:32:19", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-05-14T00:00:00", "published": "2019-05-07T00:00:00", "id": "OPENVAS:1361412562310875672", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875672", "title": "Fedora Update for wireshark FEDORA-2018-cb410a3812", "type": "openvas", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875672\");\n script_version(\"2019-05-14T05:04:40+0000\");\n script_cve_id(\"CVE-2018-19622\", \"CVE-2018-19623\", \"CVE-2018-19624\", \"CVE-2018-19625\", \"CVE-2018-19626\", \"CVE-2018-19627\", \"CVE-2018-19628\", \"CVE-2018-16056\", \"CVE-2018-16057\", \"CVE-2018-16058\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-05-14 05:04:40 +0000 (Tue, 14 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-07 02:15:18 +0000 (Tue, 07 May 2019)\");\n script_name(\"Fedora Update for wireshark FEDORA-2018-cb410a3812\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2018-cb410a3812\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F3NMZYPRNUMMUL7FJJD2MY3J6NL4YZNB\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'wireshark'\n package(s) announced via the FEDORA-2018-cb410a3812 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Wireshark allows you to examine protocol data stored in files or as it is\ncaptured from wired or wireless (WiFi or Bluetooth) networks, USB devices,\nand many other sources. It supports dozens of protocol capture file formats\nand understands more than a thousand protocols.\n\nIt has many powerful features including a rich display filter language\nand the ability to reassemble multiple protocol packets in order to, for\nexample, view a complete TCP stream, save the contents of a file which was\ntransferred over HTTP or CIFS, or play back an RTP audio stream.\");\n\n script_tag(name:\"affected\", value:\"'wireshark' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~2.6.5~1.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-01-29T20:09:11", "bulletinFamily": "scanner", "description": "Several issues that could result in a crash within different dissectors have been fixed. Other issues are related to memory leaks or heap-based buffer overflows.\n\n\nAll issue could be caused by special crafted and malformed packets.", "modified": "2020-01-29T00:00:00", "published": "2018-05-29T00:00:00", "id": "OPENVAS:1361412562310891388", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310891388", "title": "Debian LTS: Security Advisory for wireshark (DLA-1388-1)", "type": "openvas", "sourceData": "# Copyright (C) 2018 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.891388\");\n script_version(\"2020-01-29T08:22:52+0000\");\n script_cve_id(\"CVE-2018-11358\", \"CVE-2018-11362\", \"CVE-2018-9258\", \"CVE-2018-9260\", \"CVE-2018-9261\",\n \"CVE-2018-9263\", \"CVE-2018-9268\", \"CVE-2018-9269\", \"CVE-2018-9270\");\n script_name(\"Debian LTS: Security Advisory for wireshark (DLA-1388-1)\");\n script_tag(name:\"last_modification\", value:\"2020-01-29 08:22:52 +0000 (Wed, 29 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-05-29 00:00:00 +0200 (Tue, 29 May 2018)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"https://lists.debian.org/debian-lts-announce/2018/05/msg00019.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB7\");\n\n script_tag(name:\"affected\", value:\"wireshark on Debian Linux\");\n\n script_tag(name:\"solution\", value:\"For Debian 7 'Wheezy', these problems have been fixed in version\n1.12.1+g01b65bf-4+deb8u6~deb7u11.\n\nWe recommend that you upgrade your wireshark packages.\");\n\n script_tag(name:\"summary\", value:\"Several issues that could result in a crash within different dissectors have been fixed. Other issues are related to memory leaks or heap-based buffer overflows.\n\n\nAll issue could be caused by special crafted and malformed packets.\");\n\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\n# nb: libwireshark2, libwiretap2 and libwsutil2 having a lower version 1.8.2-5wheezy18, keep this in mind when overwriting this LSC\nif(!isnull(res = isdpkgvuln(pkg:\"libwireshark-data\", ver:\"1.12.1+g01b65bf-4+deb8u6~deb7u11\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libwireshark-dev\", ver:\"1.12.1+g01b65bf-4+deb8u6~deb7u11\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libwiretap-dev\", ver:\"1.12.1+g01b65bf-4+deb8u6~deb7u11\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libwsutil-dev\", ver:\"1.12.1+g01b65bf-4+deb8u6~deb7u11\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"tshark\", ver:\"1.12.1+g01b65bf-4+deb8u6~deb7u11\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"wireshark\", ver:\"1.12.1+g01b65bf-4+deb8u6~deb7u11\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"wireshark-common\", ver:\"1.12.1+g01b65bf-4+deb8u6~deb7u11\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"wireshark-dbg\", ver:\"1.12.1+g01b65bf-4+deb8u6~deb7u11\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"wireshark-dev\", ver:\"1.12.1+g01b65bf-4+deb8u6~deb7u11\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"wireshark-doc\", ver:\"1.12.1+g01b65bf-4+deb8u6~deb7u11\", rls:\"DEB7\"))) {\n report += res;\n}\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:34:06", "bulletinFamily": "scanner", "description": "This host is installed with Wireshark\n and is prone to multiple denial-of-service vulnerabilities.", "modified": "2018-10-15T00:00:00", "published": "2017-04-19T00:00:00", "id": "OPENVAS:1361412562310811002", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310811002", "title": "Wireshark Multiple DoS Vulnerabilities-02 Apr17 (Mac OS X)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_wireshark_mult_dos_vuln02_apr17_macosx.nasl 11901 2018-10-15 08:47:18Z mmartin $\n#\n# Wireshark Multiple DoS Vulnerabilities-02 Apr17 (Mac OS X)\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:wireshark:wireshark\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.811002\");\n script_version(\"$Revision: 11901 $\");\n script_cve_id(\"CVE-2017-7748\", \"CVE-2017-7746\", \"CVE-2017-7747\", \"CVE-2017-7745\",\n \"CVE-2017-7705\", \"CVE-2017-7702\", \"CVE-2017-7703\", \"CVE-2017-7701\",\n \"CVE-2017-7700\");\n script_bugtraq_id(97628, 97635, 97638, 97627, 97630, 97633, 97636, 97632, 97631);\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-15 10:47:18 +0200 (Mon, 15 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2017-04-19 15:22:16 +0530 (Wed, 19 Apr 2017)\");\n script_name(\"Wireshark Multiple DoS Vulnerabilities-02 Apr17 (Mac OS X)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Wireshark\n and is prone to multiple denial-of-service vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to,\n\n - Multiple errors in WSP dissector, SLSK dissector, SIGCOMP dissector,\n RPC over RDMA dissector, WBXML dissector, BGP dissector and NetScaler file\n parser which could go into an infinite loop triggered by packet injection or\n a malformed capture file.\n\n - Multiple errors in PacketBB dissector and IMAP dissector triggered by packet\n injection or a malformed capture file.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to cause the application to crash resulting in denial-of-service\n condition.\");\n\n script_tag(name:\"affected\", value:\"Wireshark version 2.2.0 through 2.2.5\n and 2.0.0 through 2.0.11 on Mac OS X\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Wireshark version 2.2.6 or\n 2.2.12 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"executable_version\");\n\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2017-21.html\");\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2017-19.html\");\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2017-18.html\");\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2017-20.html\");\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2017-15.html\");\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2017-13.html\");\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2017-12.html\");\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2017-16.html\");\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2017-14.html\");\n\n script_category(ACT_GATHER_INFO);\n script_family(\"Denial of Service\");\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_dependencies(\"gb_wireshark_detect_macosx.nasl\");\n script_mandatory_keys(\"Wireshark/MacOSX/Version\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(!wirversion = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(wirversion =~ \"^2\\.\")\n{\n if(version_in_range(version:wirversion, test_version:\"2.2.0\", test_version2:\"2.2.5\"))\n {\n fix = \"2.2.6\";\n VULN = TRUE;\n }\n else if(version_in_range(version:wirversion, test_version:\"2.0.0\", test_version2:\"2.0.11\"))\n {\n fix = \"2.0.12\";\n VULN = TRUE;\n }\n\n if(VULN)\n {\n report = report_fixed_ver(installed_version:wirversion, fixed_version:fix);\n security_message(data:report);\n exit(0);\n }\n}\n\nexit(0);\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:34:01", "bulletinFamily": "scanner", "description": "This host is installed with Wireshark\n and is prone to multiple denial-of-service vulnerabilities.", "modified": "2018-10-17T00:00:00", "published": "2017-04-19T00:00:00", "id": "OPENVAS:1361412562310811001", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310811001", "title": "Wireshark Multiple DoS Vulnerabilities-02 Apr17 (Windows)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_wireshark_mult_dos_vuln02_apr17_win.nasl 11936 2018-10-17 09:05:37Z mmartin $\n#\n# Wireshark Multiple DoS Vulnerabilities-02 Apr17 (Windows)\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:wireshark:wireshark\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.811001\");\n script_version(\"$Revision: 11936 $\");\n script_cve_id(\"CVE-2017-7748\", \"CVE-2017-7746\", \"CVE-2017-7747\", \"CVE-2017-7745\",\n \"CVE-2017-7705\", \"CVE-2017-7702\", \"CVE-2017-7703\", \"CVE-2017-7701\",\n \"CVE-2017-7700\");\n script_bugtraq_id(97628, 97635, 97638, 97627, 97630, 97633, 97636, 97632, 97631);\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-17 11:05:37 +0200 (Wed, 17 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2017-04-19 15:07:50 +0530 (Wed, 19 Apr 2017)\");\n script_name(\"Wireshark Multiple DoS Vulnerabilities-02 Apr17 (Windows)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Wireshark\n and is prone to multiple denial-of-service vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to,\n\n - Multiple errors in WSP dissector, SLSK dissector, SIGCOMP dissector,\n RPC over RDMA dissector, WBXML dissector, BGP dissector and NetScaler file\n parser which could go into an infinite loop triggered by packet injection or\n a malformed capture file.\n\n - Multiple errors in PacketBB dissector and IMAP dissector triggered by packet\n injection or a malformed capture file.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to cause the application to crash resulting in denial-of-service\n condition.\");\n\n script_tag(name:\"affected\", value:\"Wireshark version 2.2.0 through 2.2.5\n and 2.0.0 through 2.0.11 on Windows\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Wireshark version 2.2.6 or\n 2.2.12 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2017-21.html\");\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2017-19.html\");\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2017-18.html\");\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2017-20.html\");\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2017-15.html\");\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2017-13.html\");\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2017-12.html\");\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2017-16.html\");\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2017-14.html\");\n\n script_category(ACT_GATHER_INFO);\n script_family(\"Denial of Service\");\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_dependencies(\"gb_wireshark_detect_win.nasl\");\n script_mandatory_keys(\"Wireshark/Win/Ver\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(!wirversion = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(wirversion =~ \"^2\\.\")\n{\n if(version_in_range(version:wirversion, test_version:\"2.2.0\", test_version2:\"2.2.5\"))\n {\n fix = \"2.2.6\";\n VULN = TRUE;\n }\n else if(version_in_range(version:wirversion, test_version:\"2.0.0\", test_version2:\"2.0.11\"))\n {\n fix = \"2.0.12\";\n VULN = TRUE;\n }\n\n if(VULN)\n {\n report = report_fixed_ver(installed_version:wirversion, fixed_version:fix);\n security_message(data:report);\n exit(0);\n }\n}\n\nexit(0);\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "kaspersky": [{"lastseen": "2019-03-21T00:14:23", "bulletinFamily": "info", "description": "### *Detect date*:\n11/27/2018\n\n### *Severity*:\nWarning\n\n### *Description*:\nMultiple serious vulnerabilities were found in Wireshark. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions.\n\n### *Affected products*:\nWireshark 2.6.x earlier than 2.6.5 \nWireshark 2.4.x earlier than 2.4.11\n\n### *Solution*:\nUpdate to the latest version \n[Get Wireshark](<https://www.wireshark.org/#download>)\n\n### *Original advisories*:\n[wnpa-sec-2018-51](<https://www.wireshark.org/security/wnpa-sec-2018-51.html>) \n[wnpa-sec-2018-52](<https://www.wireshark.org/security/wnpa-sec-2018-52.html>) \n[wnpa-sec-2018-53](<https://www.wireshark.org/security/wnpa-sec-2018-53.html>) \n[wnpa-sec-2018-54](<https://www.wireshark.org/security/wnpa-sec-2018-54.html>) \n[wnpa-sec-2018-55](<https://www.wireshark.org/security/wnpa-sec-2018-55.html>) \n[wnpa-sec-2018-56](<https://www.wireshark.org/security/wnpa-sec-2018-56.html>) \n[wnpa-sec-2018-57](<https://www.wireshark.org/security/wnpa-sec-2018-57.html>) \n\n\n### *Impacts*:\nDoS \n\n### *CVE-IDS*:\n[CVE-2018-19625](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19625>)5.3Warning \n[CVE-2018-19626](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19626>)5.3Warning \n[CVE-2018-19623](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19623>)5.9Warning \n[CVE-2018-19622](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19622>)5.3Warning \n[CVE-2018-19627](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19627>)5.3Warning \n[CVE-2018-19624](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19624>)5.3Warning \n[CVE-2018-19628](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19628>)5.3Warning", "modified": "2019-03-07T00:00:00", "published": "2018-11-27T00:00:00", "id": "KLA11377", "href": "https://threats.kaspersky.com/en/vulnerability/KLA11377", "title": "\r KLA11377Multiple vulnerabilities in Wireshark ", "type": "kaspersky", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "freebsd": [{"lastseen": "2019-05-29T18:31:59", "bulletinFamily": "unix", "description": "\nwireshark developers reports:\n\nwnpa-sec-2018-05. IEEE 802.11 dissector crash. (CVE-2018-7335)\nwnpa-sec-2018-06. Large or infinite loops in multiple dissectors. (CVE-2018-7321 through CVE-2018-7333)\nwnpa-sec-2018-07. UMTS MAC dissector crash. (CVE-2018-7334)\nwnpa-sec-2018-08. DOCSIS dissector crash. (CVE-2018-7337)\nwnpa-sec-2018-09. FCP dissector crash. (CVE-2018-7336)\nwnpa-sec-2018-10. SIGCOMP dissector crash. (CVE-2018-7320)\nwnpa-sec-2018-11. Pcapng file parser crash.\nwnpa-sec-2018-12. IPMI dissector crash.\nwnpa-sec-2018-13. SIGCOMP dissector crash.\nwnpa-sec-2018-14. NBAP dissector crash.\n\n", "modified": "2018-02-23T00:00:00", "published": "2018-02-23T00:00:00", "id": "C5AB620F-4576-4AD5-B51F-93E4FEC9CD0E", "href": "https://vuxml.freebsd.org/freebsd/c5ab620f-4576-4ad5-b51f-93e4fec9cd0e.html", "title": "wireshark -- multiple security issues", "type": "freebsd", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}]}
