{"id": "OPENVAS:65787", "type": "openvas", "bulletinFamily": "scanner", "title": "SLES10: Security update for ethereal", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n ethereal\n ethereal-devel\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/", "published": "2009-10-13T00:00:00", "modified": "2017-07-11T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=65787", "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "references": [], "cvelist": ["CVE-2008-3146", "CVE-2008-3138", "CVE-2008-3145", "CVE-2008-3137", "CVE-2008-3140", "CVE-2008-3141", "CVE-2008-3139"], "lastseen": "2017-07-26T08:56:00", "viewCount": 0, "enchantments": {"score": {"value": 7.0, "vector": "NONE", "modified": "2017-07-26T08:56:00", "rev": 2}, "dependencies": {"references": [{"type": "openvas", "idList": ["OPENVAS:61395", "OPENVAS:860721", "OPENVAS:61936", "OPENVAS:1361412562310880229", "OPENVAS:65262", "OPENVAS:880181", "OPENVAS:860041", "OPENVAS:136141256231065262", "OPENVAS:136141256231065787", "OPENVAS:1361412562310122552"]}, {"type": "nessus", "idList": ["GENTOO_GLSA-200808-04.NASL", "SUSE9_12225.NASL", "FEDORA_2008-6440.NASL", "FEDORA_2008-6645.NASL", "DEBIAN_DSA-1673.NASL", "REDHAT-RHSA-2008-0890.NASL", "SUSE_ETHEREAL-5520.NASL", "SUSE_11_0_WIRESHARK-080814.NASL", "SUSE_WIRESHARK-5515.NASL", "MANDRIVA_MDVSA-2008-152.NASL"]}, {"type": "gentoo", "idList": ["GLSA-200809-17", "GLSA-200808-04"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:20550", "SECURITYVULNS:VULN:9170", "SECURITYVULNS:VULN:9299", "SECURITYVULNS:DOC:20304", "SECURITYVULNS:VULN:9202", "SECURITYVULNS:DOC:20219"]}, {"type": "cve", "idList": ["CVE-2008-3141", "CVE-2008-3138", "CVE-2008-3139", "CVE-2008-3146", "CVE-2008-3140", "CVE-2008-3137", "CVE-2008-3145"]}, {"type": "debian", "idList": ["DEBIAN:DSA-1673-1:71D41"]}, {"type": "centos", "idList": ["CESA-2008:0890"]}, {"type": "redhat", "idList": ["RHSA-2008:0890"]}, {"type": "oraclelinux", "idList": ["ELSA-2008-0890"]}, {"type": "exploitdb", "idList": ["EDB-ID:32006"]}], "modified": "2017-07-26T08:56:00", "rev": 2}, "vulnersScore": 7.0}, "pluginID": "65787", "sourceData": "#\n#VID slesp2-ethereal-5520\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for ethereal\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n ethereal\n ethereal-devel\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_id(65787);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-13 18:25:40 +0200 (Tue, 13 Oct 2009)\");\n script_cve_id(\"CVE-2008-3137\", \"CVE-2008-3138\", \"CVE-2008-3139\", \"CVE-2008-3140\", \"CVE-2008-3141\", \"CVE-2008-3145\", \"CVE-2008-3146\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"SLES10: Security update for ethereal\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"ethereal\", rpm:\"ethereal~0.10.14~16.26\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ethereal-devel\", rpm:\"ethereal-devel~0.10.14~16.26\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "naslFamily": "SuSE Local Security Checks"}

{"openvas": [{"lastseen": "2017-07-26T08:56:19", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-3146", "CVE-2008-3138", "CVE-2008-3145", "CVE-2008-3137", "CVE-2008-3140", "CVE-2008-3141", "CVE-2008-3139"], "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n ethereal\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5033780 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "modified": "2017-07-11T00:00:00", "published": "2009-10-10T00:00:00", "id": "OPENVAS:65262", "href": "http://plugins.openvas.org/nasl.php?oid=65262", "type": "openvas", "title": "SLES9: Security update for ethereal", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5033780.nasl 6666 2017-07-11 13:13:36Z cfischer $\n# Description: Security update for ethereal\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n ethereal\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5033780 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_id(65262);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-10 16:11:46 +0200 (Sat, 10 Oct 2009)\");\n script_cve_id(\"CVE-2008-3137\", \"CVE-2008-3138\", \"CVE-2008-3139\", \"CVE-2008-3140\", \"CVE-2008-3141\", \"CVE-2008-3145\", \"CVE-2008-3146\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"SLES9: Security update for ethereal\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"ethereal\", rpm:\"ethereal~0.10.13~2.34\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:39:39", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-3146", "CVE-2008-3138", "CVE-2008-3145", "CVE-2008-3137", "CVE-2008-3140", "CVE-2008-3141", "CVE-2008-3139"], "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n ethereal\n ethereal-devel\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/", "modified": "2018-04-06T00:00:00", "published": "2009-10-13T00:00:00", "id": "OPENVAS:136141256231065787", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231065787", "type": "openvas", "title": "SLES10: Security update for ethereal", "sourceData": "#\n#VID slesp2-ethereal-5520\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for ethereal\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n ethereal\n ethereal-devel\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.65787\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-13 18:25:40 +0200 (Tue, 13 Oct 2009)\");\n script_cve_id(\"CVE-2008-3137\", \"CVE-2008-3138\", \"CVE-2008-3139\", \"CVE-2008-3140\", \"CVE-2008-3141\", \"CVE-2008-3145\", \"CVE-2008-3146\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"SLES10: Security update for ethereal\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"ethereal\", rpm:\"ethereal~0.10.14~16.26\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ethereal-devel\", rpm:\"ethereal-devel~0.10.14~16.26\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:40:34", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-3146", "CVE-2008-3138", "CVE-2008-3145", "CVE-2008-3137", "CVE-2008-3140", "CVE-2008-3141", "CVE-2008-3139"], "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n ethereal\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5033780 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "modified": "2018-04-06T00:00:00", "published": "2009-10-10T00:00:00", "id": "OPENVAS:136141256231065262", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231065262", "type": "openvas", "title": "SLES9: Security update for ethereal", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5033780.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Security update for ethereal\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n ethereal\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5033780 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.65262\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-10 16:11:46 +0200 (Sat, 10 Oct 2009)\");\n script_cve_id(\"CVE-2008-3137\", \"CVE-2008-3138\", \"CVE-2008-3139\", \"CVE-2008-3140\", \"CVE-2008-3141\", \"CVE-2008-3145\", \"CVE-2008-3146\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"SLES9: Security update for ethereal\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"ethereal\", rpm:\"ethereal~0.10.13~2.34\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:55", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-3138", "CVE-2008-3145", "CVE-2008-3137", "CVE-2008-3140", "CVE-2008-3141", "CVE-2008-3139"], "description": "Check for the Version of wireshark", "modified": "2017-07-10T00:00:00", "published": "2009-02-17T00:00:00", "id": "OPENVAS:860041", "href": "http://plugins.openvas.org/nasl.php?oid=860041", "type": "openvas", "title": "Fedora Update for wireshark FEDORA-2008-6645", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for wireshark FEDORA-2008-6645\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Wireshark is a network traffic analyzer for Unix-ish operating systems.\n\n This package lays base for libpcap, a packet capture and filtering\n library, contains command-line utilities, contains plugins and\n documentation for wireshark. A graphical user interface is packaged\n separately to GTK+ package.\";\n\ntag_affected = \"wireshark on Fedora 8\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00798.html\");\n script_id(860041);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-17 17:01:32 +0100 (Tue, 17 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"FEDORA\", value: \"2008-6645\");\n script_cve_id(\"CVE-2008-3137\", \"CVE-2008-3145\", \"CVE-2008-3140\", \"CVE-2008-3139\", \"CVE-2008-3138\", \"CVE-2008-3141\");\n script_name( \"Fedora Update for wireshark FEDORA-2008-6645\");\n\n script_summary(\"Check for the Version of wireshark\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC8\")\n{\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.0.2~1.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:56:30", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-3138", "CVE-2008-3145", "CVE-2008-3137", "CVE-2008-3140", "CVE-2008-3141", "CVE-2008-3139"], "description": "Check for the Version of wireshark", "modified": "2017-07-10T00:00:00", "published": "2009-02-17T00:00:00", "id": "OPENVAS:860721", "href": "http://plugins.openvas.org/nasl.php?oid=860721", "type": "openvas", "title": "Fedora Update for wireshark FEDORA-2008-6440", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for wireshark FEDORA-2008-6440\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Wireshark is a network traffic analyzer for Unix-ish operating systems.\n\n This package lays base for libpcap, a packet capture and filtering\n library, contains command-line utilities, contains plugins and\n documentation for wireshark. A graphical user interface is packaged\n separately to GTK+ package.\";\n\ntag_affected = \"wireshark on Fedora 9\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00544.html\");\n script_id(860721);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-17 17:01:32 +0100 (Tue, 17 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"FEDORA\", value: \"2008-6440\");\n script_cve_id(\"CVE-2008-3140\", \"CVE-2008-3137\", \"CVE-2008-3145\", \"CVE-2008-3138\", \"CVE-2008-3141\", \"CVE-2008-3139\");\n script_name( \"Fedora Update for wireshark FEDORA-2008-6440\");\n\n script_summary(\"Check for the Version of wireshark\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC9\")\n{\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.0.2~1.fc9\", rls:\"FC9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:50:15", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-3138", "CVE-2008-3145", "CVE-2008-3137", "CVE-2008-3140", "CVE-2008-3141", "CVE-2008-3139"], "description": "The remote host is missing updates announced in\nadvisory GLSA 200808-04.", "modified": "2017-07-07T00:00:00", "published": "2008-09-24T00:00:00", "id": "OPENVAS:61395", "href": "http://plugins.openvas.org/nasl.php?oid=61395", "type": "openvas", "title": "Gentoo Security Advisory GLSA 200808-04 (wireshark)", "sourceData": "# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple Denial of Service vulnerabilities have been discovered in\nWireshark.\";\ntag_solution = \"All Wireshark users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-analyzer/wireshark-1.0.2'\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200808-04\nhttp://bugs.gentoo.org/show_bug.cgi?id=230411\nhttp://bugs.gentoo.org/show_bug.cgi?id=231587\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200808-04.\";\n\n \n\nif(description)\n{\n script_id(61395);\n script_version(\"$Revision: 6596 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:21:37 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-24 21:14:03 +0200 (Wed, 24 Sep 2008)\");\n script_cve_id(\"CVE-2008-3137\", \"CVE-2008-3138\", \"CVE-2008-3139\", \"CVE-2008-3140\", \"CVE-2008-3141\", \"CVE-2008-3145\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"Gentoo Security Advisory GLSA 200808-04 (wireshark)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"net-analyzer/wireshark\", unaffected: make_list(\"ge 1.0.2\"), vulnerable: make_list(\"lt 1.0.2\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:49:52", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-3138", "CVE-2008-3933", "CVE-2008-3145", "CVE-2008-3137", "CVE-2008-3141", "CVE-2008-4683", "CVE-2008-4684", "CVE-2008-4685"], "description": "The remote host is missing an update to wireshark\nannounced via advisory DSA 1673-1.", "modified": "2017-07-07T00:00:00", "published": "2008-12-03T00:00:00", "id": "OPENVAS:61936", "href": "http://plugins.openvas.org/nasl.php?oid=61936", "type": "openvas", "title": "Debian Security Advisory DSA 1673-1 (wireshark)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1673_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 1673-1 (wireshark)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several remote vulnerabilities have been discovered network traffic\nanalyzer Wireshark. For details, please visit the referenced security\nadvisories.\n\nFor the stable distribution (etch), these problems have been fixed in\nversion 0.99.4-5.etch.3.\n\nFor the upcoming stable distribution (lenny), these problems have been\nfixed in version 1.0.2-3+lenny2.\n\nFor the unstable distribution (sid), these problems will be fixed soon.\n\nWe recommend that you upgrade your wireshark packages.\";\ntag_summary = \"The remote host is missing an update to wireshark\nannounced via advisory DSA 1673-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201673-1\";\n\n\nif(description)\n{\n script_id(61936);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-12-03 18:25:22 +0100 (Wed, 03 Dec 2008)\");\n script_cve_id(\"CVE-2008-3137\", \"CVE-2008-3138\", \"CVE-2008-3141\", \"CVE-2008-3145\", \"CVE-2008-3933\", \"CVE-2008-4683\", \"CVE-2008-4684\", \"CVE-2008-4685\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"Debian Security Advisory DSA 1673-1 (wireshark)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"ethereal-common\", ver:\"0.99.4-5.etch.3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tethereal\", ver:\"0.99.4-5.etch.3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"wireshark-common\", ver:\"0.99.4-5.etch.3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"wireshark-dev\", ver:\"0.99.4-5.etch.3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ethereal\", ver:\"0.99.4-5.etch.3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"wireshark\", ver:\"0.99.4-5.etch.3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ethereal-dev\", ver:\"0.99.4-5.etch.3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"tshark\", ver:\"0.99.4-5.etch.3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:56:11", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-3146", "CVE-2008-3138", "CVE-2008-3934", "CVE-2008-3933", "CVE-2008-1071", "CVE-2008-1561", "CVE-2008-3145", "CVE-2008-3137", "CVE-2008-3141", "CVE-2008-1070", "CVE-2008-3932", "CVE-2008-1562", "CVE-2008-1072", "CVE-2008-1563"], "description": "Check for the Version of wireshark", "modified": "2017-07-10T00:00:00", "published": "2009-02-27T00:00:00", "id": "OPENVAS:880213", "href": "http://plugins.openvas.org/nasl.php?oid=880213", "type": "openvas", "title": "CentOS Update for wireshark CESA-2008:0890 centos4 i386", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for wireshark CESA-2008:0890 centos4 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Wireshark is a program for monitoring network traffic. Wireshark was\n previously known as Ethereal.\n\n Multiple buffer overflow flaws were found in Wireshark. If Wireshark read\n a malformed packet off a network, it could crash or, possibly, execute\n arbitrary code as the user running Wireshark. (CVE-2008-3146)\n \n Several denial of service flaws were found in Wireshark. Wireshark could\n crash or stop responding if it read a malformed packet off a network, or\n opened a malformed dump file. (CVE-2008-1070, CVE-2008-1071, CVE-2008-1072,\n CVE-2008-1561, CVE-2008-1562, CVE-2008-1563, CVE-2008-3137, CVE-2008-3138,\n CVE-2008-3141, CVE-2008-3145, CVE-2008-3932, CVE-2008-3933, CVE-2008-3934)\n \n Additionally, this update changes the default Pluggable Authentication\n Modules (PAM) configuration to always prompt for the root password before\n each start of Wireshark. This avoids unintentionally running Wireshark with\n root privileges.\n \n Users of wireshark should upgrade to these updated packages, which contain\n Wireshark version 1.0.3, and resolve these issues.\";\n\ntag_affected = \"wireshark on CentOS 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-October/015297.html\");\n script_id(880213);\n script_version(\"$Revision: 6651 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:45:21 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 09:02:20 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0890\");\n script_cve_id(\"CVE-2008-1070\", \"CVE-2008-1071\", \"CVE-2008-1072\", \"CVE-2008-1561\", \"CVE-2008-1562\", \"CVE-2008-1563\", \"CVE-2008-3137\", \"CVE-2008-3138\", \"CVE-2008-3141\", \"CVE-2008-3145\", \"CVE-2008-3146\", \"CVE-2008-3932\", \"CVE-2008-3933\", \"CVE-2008-3934\");\n script_name( \"CentOS Update for wireshark CESA-2008:0890 centos4 i386\");\n\n script_summary(\"Check for the Version of wireshark\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.0.3~3.el4_7\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-gnome\", rpm:\"wireshark-gnome~1.0.3~3.el4_7\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:41:12", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-3146", "CVE-2008-3138", "CVE-2008-3934", "CVE-2008-3933", "CVE-2008-1071", "CVE-2008-1561", "CVE-2008-3145", "CVE-2008-3137", "CVE-2008-3141", "CVE-2008-1070", "CVE-2008-3932", "CVE-2008-1562", "CVE-2008-1072", "CVE-2008-1563"], "description": "Check for the Version of wireshark", "modified": "2018-04-06T00:00:00", "published": "2009-03-06T00:00:00", "id": "OPENVAS:1361412562310870001", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870001", "type": "openvas", "title": "RedHat Update for wireshark RHSA-2008:0890-01", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for wireshark RHSA-2008:0890-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Wireshark is a program for monitoring network traffic. Wireshark was\n previously known as Ethereal.\n\n Multiple buffer overflow flaws were found in Wireshark. If Wireshark read\n a malformed packet off a network, it could crash or, possibly, execute\n arbitrary code as the user running Wireshark. (CVE-2008-3146)\n \n Several denial of service flaws were found in Wireshark. Wireshark could\n crash or stop responding if it read a malformed packet off a network, or\n opened a malformed dump file. (CVE-2008-1070, CVE-2008-1071, CVE-2008-1072,\n CVE-2008-1561, CVE-2008-1562, CVE-2008-1563, CVE-2008-3137, CVE-2008-3138,\n CVE-2008-3141, CVE-2008-3145, CVE-2008-3932, CVE-2008-3933, CVE-2008-3934)\n \n Additionally, this update changes the default Pluggable Authentication\n Modules (PAM) configuration to always prompt for the root password before\n each start of Wireshark. This avoids unintentionally running Wireshark with\n root privileges.\n \n Users of wireshark should upgrade to these updated packages, which contain\n Wireshark version 1.0.3, and resolve these issues.\";\n\ntag_affected = \"wireshark on Red Hat Enterprise Linux AS version 3,\n Red Hat Enterprise Linux ES version 3,\n Red Hat Enterprise Linux WS version 3,\n Red Hat Enterprise Linux AS version 4,\n Red Hat Enterprise Linux ES version 4,\n Red Hat Enterprise Linux WS version 4,\n Red Hat Enterprise Linux (v. 5 server)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2008-October/msg00000.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870001\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-06 07:30:35 +0100 (Fri, 06 Mar 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"RHSA\", value: \"2008:0890-01\");\n script_cve_id(\"CVE-2008-1070\", \"CVE-2008-1071\", \"CVE-2008-1072\", \"CVE-2008-1561\", \"CVE-2008-1562\", \"CVE-2008-1563\", \"CVE-2008-3137\", \"CVE-2008-3138\", \"CVE-2008-3141\", \"CVE-2008-3145\", \"CVE-2008-3146\", \"CVE-2008-3932\", \"CVE-2008-3933\", \"CVE-2008-3934\");\n script_name( \"RedHat Update for wireshark RHSA-2008:0890-01\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of wireshark\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.0.3~4.el5_2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-debuginfo\", rpm:\"wireshark-debuginfo~1.0.3~4.el5_2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-gnome\", rpm:\"wireshark-gnome~1.0.3~4.el5_2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"RHENT_4\")\n{\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.0.3~3.el4_7\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-debuginfo\", rpm:\"wireshark-debuginfo~1.0.3~3.el4_7\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-gnome\", rpm:\"wireshark-gnome~1.0.3~3.el4_7\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"RHENT_3\")\n{\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.0.3~EL3.3\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-debuginfo\", rpm:\"wireshark-debuginfo~1.0.3~EL3.3\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-gnome\", rpm:\"wireshark-gnome~1.0.3~EL3.3\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:43", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-3146", "CVE-2008-3138", "CVE-2008-3934", "CVE-2008-3933", "CVE-2008-1071", "CVE-2008-1561", "CVE-2008-3145", "CVE-2008-3137", "CVE-2008-3141", "CVE-2008-1070", "CVE-2008-3932", "CVE-2008-1562", "CVE-2008-1072", "CVE-2008-1563"], "description": "Check for the Version of wireshark", "modified": "2017-07-10T00:00:00", "published": "2009-02-27T00:00:00", "id": "OPENVAS:880108", "href": "http://plugins.openvas.org/nasl.php?oid=880108", "type": "openvas", "title": "CentOS Update for wireshark CESA-2008:0890 centos3 i386", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for wireshark CESA-2008:0890 centos3 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Wireshark is a program for monitoring network traffic. Wireshark was\n previously known as Ethereal.\n\n Multiple buffer overflow flaws were found in Wireshark. If Wireshark read\n a malformed packet off a network, it could crash or, possibly, execute\n arbitrary code as the user running Wireshark. (CVE-2008-3146)\n \n Several denial of service flaws were found in Wireshark. Wireshark could\n crash or stop responding if it read a malformed packet off a network, or\n opened a malformed dump file. (CVE-2008-1070, CVE-2008-1071, CVE-2008-1072,\n CVE-2008-1561, CVE-2008-1562, CVE-2008-1563, CVE-2008-3137, CVE-2008-3138,\n CVE-2008-3141, CVE-2008-3145, CVE-2008-3932, CVE-2008-3933, CVE-2008-3934)\n \n Additionally, this update changes the default Pluggable Authentication\n Modules (PAM) configuration to always prompt for the root password before\n each start of Wireshark. This avoids unintentionally running Wireshark with\n root privileges.\n \n Users of wireshark should upgrade to these updated packages, which contain\n Wireshark version 1.0.3, and resolve these issues.\";\n\ntag_affected = \"wireshark on CentOS 3\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-October/015281.html\");\n script_id(880108);\n script_version(\"$Revision: 6651 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:45:21 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 09:02:20 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0890\");\n script_cve_id(\"CVE-2008-1070\", \"CVE-2008-1071\", \"CVE-2008-1072\", \"CVE-2008-1561\", \"CVE-2008-1562\", \"CVE-2008-1563\", \"CVE-2008-3137\", \"CVE-2008-3138\", \"CVE-2008-3141\", \"CVE-2008-3145\", \"CVE-2008-3146\", \"CVE-2008-3932\", \"CVE-2008-3933\", \"CVE-2008-3934\");\n script_name( \"CentOS Update for wireshark CESA-2008:0890 centos3 i386\");\n\n script_summary(\"Check for the Version of wireshark\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS3\")\n{\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.0.3~EL3.3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-gnome\", rpm:\"wireshark-gnome~1.0.3~EL3.3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "nessus": [{"lastseen": "2021-01-17T14:03:46", "description": "Various vulnerabilities have been fixed in wireshark: CVE-2008-3137,\nCVE-2008-3138, CVE-2008-3139, CVE-2008-3140, CVE-2008-3141,\nCVE-2008-3145 and CVE-2008-3146.", "edition": 24, "published": "2009-07-21T00:00:00", "title": "openSUSE Security Update : wireshark (wireshark-149)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-3146", "CVE-2008-3138", "CVE-2008-3145", "CVE-2008-3137", "CVE-2008-3140", "CVE-2008-3141", "CVE-2008-3139"], "modified": "2009-07-21T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:wireshark", "p-cpe:/a:novell:opensuse:wireshark-devel", "cpe:/o:novell:opensuse:11.0"], "id": "SUSE_11_0_WIRESHARK-080814.NASL", "href": "https://www.tenable.com/plugins/nessus/40151", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update wireshark-149.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(40151);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-3137\", \"CVE-2008-3138\", \"CVE-2008-3139\", \"CVE-2008-3140\", \"CVE-2008-3141\", \"CVE-2008-3145\", \"CVE-2008-3146\");\n\n script_name(english:\"openSUSE Security Update : wireshark (wireshark-149)\");\n script_summary(english:\"Check for the wireshark-149 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Various vulnerabilities have been fixed in wireshark: CVE-2008-3137,\nCVE-2008-3138, CVE-2008-3139, CVE-2008-3140, CVE-2008-3141,\nCVE-2008-3145 and CVE-2008-3146.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=405266\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected wireshark packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(20, 119, 200);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/08/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.0\", reference:\"wireshark-1.0.0-17.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"wireshark-devel-1.0.0-17.2\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"wireshark\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-17T14:43:33", "description": "Various vulnerabilities have been fixed in wireshark: CVE-2008-3137 /\nCVE-2008-3138 / CVE-2008-3139 / CVE-2008-3140 / CVE-2008-3141 /\nCVE-2008-3145 / CVE-2008-3146.", "edition": 24, "published": "2008-08-26T00:00:00", "title": "SuSE 10 Security Update : ethereal (ZYPP Patch Number 5520)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-3146", "CVE-2008-3138", "CVE-2008-3145", "CVE-2008-3137", "CVE-2008-3140", "CVE-2008-3141", "CVE-2008-3139"], "modified": "2008-08-26T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_ETHEREAL-5520.NASL", "href": "https://www.tenable.com/plugins/nessus/34046", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(34046);\n script_version(\"1.20\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-3137\", \"CVE-2008-3138\", \"CVE-2008-3139\", \"CVE-2008-3140\", \"CVE-2008-3141\", \"CVE-2008-3145\", \"CVE-2008-3146\");\n\n script_name(english:\"SuSE 10 Security Update : ethereal (ZYPP Patch Number 5520)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Various vulnerabilities have been fixed in wireshark: CVE-2008-3137 /\nCVE-2008-3138 / CVE-2008-3139 / CVE-2008-3140 / CVE-2008-3141 /\nCVE-2008-3145 / CVE-2008-3146.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-3137.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-3138.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-3139.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-3140.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-3141.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-3145.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-3146.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 5520.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(20, 119, 200);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/08/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/08/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:1, reference:\"ethereal-0.10.14-16.26\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, reference:\"ethereal-0.10.14-16.26\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"ethereal-0.10.14-16.26\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"ethereal-devel-0.10.14-16.26\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"ethereal-0.10.14-16.26\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"ethereal-devel-0.10.14-16.26\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-17T14:47:16", "description": "Various vulnerabilities have been fixed in wireshark: CVE-2008-3137,\nCVE-2008-3138, CVE-2008-3139, CVE-2008-3140, CVE-2008-3141,\nCVE-2008-3145 and CVE-2008-3146.", "edition": 24, "published": "2008-08-26T00:00:00", "title": "openSUSE 10 Security Update : wireshark (wireshark-5515)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-3146", "CVE-2008-3138", "CVE-2008-3145", "CVE-2008-3137", "CVE-2008-3140", "CVE-2008-3141", "CVE-2008-3139"], "modified": "2008-08-26T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:wireshark", "cpe:/o:novell:opensuse:10.3", "cpe:/o:novell:opensuse:10.2", "p-cpe:/a:novell:opensuse:wireshark-devel"], "id": "SUSE_WIRESHARK-5515.NASL", "href": "https://www.tenable.com/plugins/nessus/34047", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update wireshark-5515.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(34047);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-3137\", \"CVE-2008-3138\", \"CVE-2008-3139\", \"CVE-2008-3140\", \"CVE-2008-3141\", \"CVE-2008-3145\", \"CVE-2008-3146\");\n\n script_name(english:\"openSUSE 10 Security Update : wireshark (wireshark-5515)\");\n script_summary(english:\"Check for the wireshark-5515 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Various vulnerabilities have been fixed in wireshark: CVE-2008-3137,\nCVE-2008-3138, CVE-2008-3139, CVE-2008-3140, CVE-2008-3141,\nCVE-2008-3145 and CVE-2008-3146.\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected wireshark packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(20, 119, 200);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/08/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/08/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE10\\.2|SUSE10\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"10.2 / 10.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE10.2\", reference:\"wireshark-0.99.5-5.12\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"wireshark-devel-0.99.5-5.12\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"wireshark-0.99.6-31.9\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"wireshark-devel-0.99.6-31.9\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"wireshark\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-17T14:02:16", "description": "Various vulnerabilities have been fixed in ethereal: CVE-2008-3137,\nCVE-2008-3138, CVE-2008-3139, CVE-2008-3140, CVE-2008-3141,\nCVE-2008-3145 and CVE-2008-3146.", "edition": 24, "published": "2009-09-24T00:00:00", "title": "SuSE9 Security Update : ethereal (YOU Patch Number 12225)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-3146", "CVE-2008-3138", "CVE-2008-3145", "CVE-2008-3137", "CVE-2008-3140", "CVE-2008-3141", "CVE-2008-3139"], "modified": "2009-09-24T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE9_12225.NASL", "href": "https://www.tenable.com/plugins/nessus/41234", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(41234);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-3137\", \"CVE-2008-3138\", \"CVE-2008-3139\", \"CVE-2008-3140\", \"CVE-2008-3141\", \"CVE-2008-3145\", \"CVE-2008-3146\");\n\n script_name(english:\"SuSE9 Security Update : ethereal (YOU Patch Number 12225)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 9 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Various vulnerabilities have been fixed in ethereal: CVE-2008-3137,\nCVE-2008-3138, CVE-2008-3139, CVE-2008-3140, CVE-2008-3141,\nCVE-2008-3145 and CVE-2008-3146.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-3137.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-3138.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-3139.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-3140.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-3141.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-3145.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-3146.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply YOU patch number 12225.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(20, 119, 200);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/08/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 9 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SUSE9\", reference:\"ethereal-0.10.13-2.34\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-07T11:51:55", "description": "A number of vulnerabilities were discovered in Wireshark that could\ncause it to crash while processing malicious packets (CVE-2008-3137,\nCVE-2008-3138, CVE-2008-3139, CVE-2008-3140, CVE-2008-3141,\nCVE-2008-3145).\n\nThis update provides Wireshark 1.0.2, which is not vulnerable to these\nissues.", "edition": 26, "published": "2009-04-23T00:00:00", "title": "Mandriva Linux Security Advisory : wireshark (MDVSA-2008:152)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-3138", "CVE-2008-3145", "CVE-2008-3137", "CVE-2008-3140", "CVE-2008-3141", "CVE-2008-3139"], "modified": "2009-04-23T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:libwireshark-devel", "p-cpe:/a:mandriva:linux:dumpcap", "p-cpe:/a:mandriva:linux:libwireshark0", "cpe:/o:mandriva:linux:2007.1", "p-cpe:/a:mandriva:linux:rawshark", "p-cpe:/a:mandriva:linux:lib64wireshark0", "cpe:/o:mandriva:linux:2008.1", "p-cpe:/a:mandriva:linux:tshark", "cpe:/o:mandriva:linux:2008.0", "p-cpe:/a:mandriva:linux:lib64wireshark-devel", "p-cpe:/a:mandriva:linux:wireshark-tools", "p-cpe:/a:mandriva:linux:wireshark"], "id": "MANDRIVA_MDVSA-2008-152.NASL", "href": "https://www.tenable.com/plugins/nessus/36557", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2008:152. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(36557);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2008-3137\", \"CVE-2008-3138\", \"CVE-2008-3139\", \"CVE-2008-3140\", \"CVE-2008-3141\", \"CVE-2008-3145\");\n script_bugtraq_id(30020);\n script_xref(name:\"MDVSA\", value:\"2008:152\");\n\n script_name(english:\"Mandriva Linux Security Advisory : wireshark (MDVSA-2008:152)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A number of vulnerabilities were discovered in Wireshark that could\ncause it to crash while processing malicious packets (CVE-2008-3137,\nCVE-2008-3138, CVE-2008-3139, CVE-2008-3140, CVE-2008-3141,\nCVE-2008-3145).\n\nThis update provides Wireshark 1.0.2, which is not vulnerable to these\nissues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.wireshark.org/security/wnpa-sec-2008-03.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.wireshark.org/security/wnpa-sec-2008-04.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 200);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:dumpcap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64wireshark-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64wireshark0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libwireshark-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libwireshark0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rawshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:wireshark-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2007.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2008.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2008.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/07/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2007.1\", cpu:\"x86_64\", reference:\"lib64wireshark0-1.0.2-0.1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", cpu:\"i386\", reference:\"libwireshark0-1.0.2-0.1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"tshark-1.0.2-0.1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"wireshark-1.0.2-0.1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"wireshark-tools-1.0.2-0.1mdv2007.1\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2008.0\", reference:\"dumpcap-1.0.2-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64wireshark-devel-1.0.2-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64wireshark0-1.0.2-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libwireshark-devel-1.0.2-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libwireshark0-1.0.2-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"rawshark-1.0.2-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"tshark-1.0.2-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"wireshark-1.0.2-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"wireshark-tools-1.0.2-0.1mdv2008.0\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2008.1\", reference:\"dumpcap-1.0.2-0.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"x86_64\", reference:\"lib64wireshark-devel-1.0.2-0.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"x86_64\", reference:\"lib64wireshark0-1.0.2-0.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"libwireshark-devel-1.0.2-0.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"libwireshark0-1.0.2-0.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"rawshark-1.0.2-0.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"tshark-1.0.2-0.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"wireshark-1.0.2-0.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"wireshark-tools-1.0.2-0.1mdv2008.1\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-07T10:52:24", "description": "The remote host is affected by the vulnerability described in GLSA-200808-04\n(Wireshark: Denial of Service)\n\n Multiple vulnerabilities related to memory management were discovered\n in the GSM SMS dissector (CVE-2008-3137), the PANA and KISMET\n dissectors (CVE-2008-3138), the RTMPT dissector (CVE-2008-3139), the\n syslog dissector (CVE-2008-3140) and the RMI dissector (CVE-2008-3141)\n and when reassembling fragmented packets (CVE-2008-3145).\n \nImpact :\n\n A remote attacker could exploit these vulnerabilities by sending a\n specially crafted packet on a network being monitored by Wireshark or\n enticing a user to read a malformed packet trace file, causing a Denial\n of Service.\n \nWorkaround :\n\n There is no known workaround at this time.", "edition": 25, "published": "2008-08-07T00:00:00", "title": "GLSA-200808-04 : Wireshark: Denial of Service", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-3138", "CVE-2008-3145", "CVE-2008-3137", "CVE-2008-3140", "CVE-2008-3141", "CVE-2008-3139"], "modified": "2008-08-07T00:00:00", "cpe": ["cpe:/o:gentoo:linux", "p-cpe:/a:gentoo:linux:wireshark"], "id": "GENTOO_GLSA-200808-04.NASL", "href": "https://www.tenable.com/plugins/nessus/33834", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200808-04.\n#\n# The advisory text is Copyright (C) 2001-2016 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(33834);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2008-3137\", \"CVE-2008-3138\", \"CVE-2008-3139\", \"CVE-2008-3140\", \"CVE-2008-3141\", \"CVE-2008-3145\");\n script_bugtraq_id(30020);\n script_xref(name:\"GLSA\", value:\"200808-04\");\n\n script_name(english:\"GLSA-200808-04 : Wireshark: Denial of Service\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200808-04\n(Wireshark: Denial of Service)\n\n Multiple vulnerabilities related to memory management were discovered\n in the GSM SMS dissector (CVE-2008-3137), the PANA and KISMET\n dissectors (CVE-2008-3138), the RTMPT dissector (CVE-2008-3139), the\n syslog dissector (CVE-2008-3140) and the RMI dissector (CVE-2008-3141)\n and when reassembling fragmented packets (CVE-2008-3145).\n \nImpact :\n\n A remote attacker could exploit these vulnerabilities by sending a\n specially crafted packet on a network being monitored by Wireshark or\n enticing a user to read a malformed packet trace file, causing a Denial\n of Service.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200808-04\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Wireshark users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-analyzer/wireshark-1.0.2'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 200);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/08/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/08/07\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"net-analyzer/wireshark\", unaffected:make_list(\"ge 1.0.2\"), vulnerable:make_list(\"lt 1.0.2\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Wireshark\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-12T10:06:37", "description": "Upgrade to upstream 1.0.2 that fixes several security vulnerabilities:\nhttp://www.wireshark.org/security/wnpa-sec-2008-03.html\nhttp://www.wireshark.org/security/wnpa-sec-2008-04.html\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 25, "published": "2008-07-23T00:00:00", "title": "Fedora 8 : wireshark-1.0.2-1.fc8 (2008-6645)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-3138", "CVE-2008-3145", "CVE-2008-3137", "CVE-2008-3140", "CVE-2008-3141", "CVE-2008-3139"], "modified": "2008-07-23T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:wireshark", "cpe:/o:fedoraproject:fedora:8"], "id": "FEDORA_2008-6645.NASL", "href": "https://www.tenable.com/plugins/nessus/33553", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2008-6645.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(33553);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2008-3137\", \"CVE-2008-3138\", \"CVE-2008-3139\", \"CVE-2008-3140\", \"CVE-2008-3141\", \"CVE-2008-3145\");\n script_xref(name:\"FEDORA\", value:\"2008-6645\");\n\n script_name(english:\"Fedora 8 : wireshark-1.0.2-1.fc8 (2008-6645)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Upgrade to upstream 1.0.2 that fixes several security vulnerabilities:\nhttp://www.wireshark.org/security/wnpa-sec-2008-03.html\nhttp://www.wireshark.org/security/wnpa-sec-2008-04.html\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # http://www.wireshark.org/security/wnpa-sec-2008-03.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.wireshark.org/security/wnpa-sec-2008-03.html\"\n );\n # http://www.wireshark.org/security/wnpa-sec-2008-04.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.wireshark.org/security/wnpa-sec-2008-04.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=454970\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=454971\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=454972\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=454973\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=454975\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=454984\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2008-July/012678.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?fe85f10b\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected wireshark package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_cwe_id(20, 200);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:8\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/07/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/07/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 8.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC8\", reference:\"wireshark-1.0.2-1.fc8\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"wireshark\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-12T10:06:37", "description": "Upgrade to upstream 1.0.2 that fixes several security vulnerabilities:\nhttp://www.wireshark.org/security/wnpa-sec-2008-03.html\nhttp://www.wireshark.org/security/wnpa-sec-2008-04.html\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 26, "published": "2008-07-16T00:00:00", "title": "Fedora 9 : wireshark-1.0.2-1.fc9 (2008-6440)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-3138", "CVE-2008-3145", "CVE-2008-3137", "CVE-2008-3140", "CVE-2008-3141", "CVE-2008-3139"], "modified": "2008-07-16T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:wireshark", "cpe:/o:fedoraproject:fedora:9"], "id": "FEDORA_2008-6440.NASL", "href": "https://www.tenable.com/plugins/nessus/33521", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2008-6440.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(33521);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2008-3137\", \"CVE-2008-3138\", \"CVE-2008-3139\", \"CVE-2008-3140\", \"CVE-2008-3141\", \"CVE-2008-3145\");\n script_bugtraq_id(30020);\n script_xref(name:\"FEDORA\", value:\"2008-6440\");\n\n script_name(english:\"Fedora 9 : wireshark-1.0.2-1.fc9 (2008-6440)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Upgrade to upstream 1.0.2 that fixes several security vulnerabilities:\nhttp://www.wireshark.org/security/wnpa-sec-2008-03.html\nhttp://www.wireshark.org/security/wnpa-sec-2008-04.html\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # http://www.wireshark.org/security/wnpa-sec-2008-03.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.wireshark.org/security/wnpa-sec-2008-03.html\"\n );\n # http://www.wireshark.org/security/wnpa-sec-2008-04.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.wireshark.org/security/wnpa-sec-2008-04.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=454970\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=454971\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=454972\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=454973\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=454975\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=454984\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2008-July/012424.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f73c181a\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected wireshark package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 200);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:9\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/07/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/07/16\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^9([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 9.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC9\", reference:\"wireshark-1.0.2-1.fc9\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"wireshark\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-06T09:45:09", "description": "Several remote vulnerabilities have been discovered in network traffic\nanalyzer Wireshark. The Common Vulnerabilities and Exposures project\nidentifies the following problems :\n\n - CVE-2008-3137\n The GSM SMS dissector is vulnerable to denial of\n service.\n\n - CVE-2008-3138\n The PANA and KISMET dissectors are vulnerable to denial\n of service.\n\n - CVE-2008-3141\n The RMI dissector could disclose system memory.\n\n - CVE-2008-3145\n The packet reassembling module is vulnerable to denial\n of service.\n\n - CVE-2008-3933\n The zlib uncompression module is vulnerable to denial of\n service.\n\n - CVE-2008-4683\n The Bluetooth ACL dissector is vulnerable to denial of\n service.\n\n - CVE-2008-4684\n The PRP and MATE dissectors are vulnerable to denial of\n service.\n\n - CVE-2008-4685\n The Q931 dissector is vulnerable to denial of service.", "edition": 27, "published": "2008-12-01T00:00:00", "title": "Debian DSA-1673-1 : wireshark - several vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-3138", "CVE-2008-3933", "CVE-2008-3145", "CVE-2008-3137", "CVE-2008-3141", "CVE-2008-4683", "CVE-2008-4684", "CVE-2008-4685"], "modified": "2008-12-01T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:4.0", "p-cpe:/a:debian:debian_linux:wireshark"], "id": "DEBIAN_DSA-1673.NASL", "href": "https://www.tenable.com/plugins/nessus/34974", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-1673. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(34974);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2008-3137\", \"CVE-2008-3138\", \"CVE-2008-3141\", \"CVE-2008-3145\", \"CVE-2008-3933\", \"CVE-2008-4683\", \"CVE-2008-4684\", \"CVE-2008-4685\");\n script_bugtraq_id(30020, 30181, 31009, 31838);\n script_xref(name:\"DSA\", value:\"1673\");\n\n script_name(english:\"Debian DSA-1673-1 : wireshark - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several remote vulnerabilities have been discovered in network traffic\nanalyzer Wireshark. The Common Vulnerabilities and Exposures project\nidentifies the following problems :\n\n - CVE-2008-3137\n The GSM SMS dissector is vulnerable to denial of\n service.\n\n - CVE-2008-3138\n The PANA and KISMET dissectors are vulnerable to denial\n of service.\n\n - CVE-2008-3141\n The RMI dissector could disclose system memory.\n\n - CVE-2008-3145\n The packet reassembling module is vulnerable to denial\n of service.\n\n - CVE-2008-3933\n The zlib uncompression module is vulnerable to denial of\n service.\n\n - CVE-2008-4683\n The Bluetooth ACL dissector is vulnerable to denial of\n service.\n\n - CVE-2008-4684\n The PRP and MATE dissectors are vulnerable to denial of\n service.\n\n - CVE-2008-4685\n The Q931 dissector is vulnerable to denial of service.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-3137\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-3138\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-3141\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-3145\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-3933\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-4683\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-4684\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-4685\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2008/dsa-1673\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the wireshark packages.\n\nFor the stable distribution (etch), these problems have been fixed in\nversion 0.99.4-5.etch.3.\n\nFor the upcoming stable distribution (lenny), these problems have been\nfixed in version 1.0.2-3+lenny2.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 200, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:4.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/11/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/12/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"4.0\", prefix:\"ethereal\", reference:\"0.99.4-5.etch.3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"ethereal-common\", reference:\"0.99.4-5.etch.3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"ethereal-dev\", reference:\"0.99.4-5.etch.3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"tethereal\", reference:\"0.99.4-5.etch.3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"tshark\", reference:\"0.99.4-5.etch.3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"wireshark\", reference:\"0.99.4-5.etch.3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"wireshark-common\", reference:\"0.99.4-5.etch.3\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"wireshark-dev\", reference:\"0.99.4-5.etch.3\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-17T13:06:17", "description": "Updated wireshark packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 3, 4, and 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nWireshark is a program for monitoring network traffic. Wireshark was\npreviously known as Ethereal.\n\nMultiple buffer overflow flaws were found in Wireshark. If Wireshark\nread a malformed packet off a network, it could crash or, possibly,\nexecute arbitrary code as the user running Wireshark. (CVE-2008-3146)\n\nSeveral denial of service flaws were found in Wireshark. Wireshark\ncould crash or stop responding if it read a malformed packet off a\nnetwork, or opened a malformed dump file. (CVE-2008-1070,\nCVE-2008-1071, CVE-2008-1072, CVE-2008-1561, CVE-2008-1562,\nCVE-2008-1563, CVE-2008-3137, CVE-2008-3138, CVE-2008-3141,\nCVE-2008-3145, CVE-2008-3932, CVE-2008-3933, CVE-2008-3934)\n\nAdditionally, this update changes the default Pluggable Authentication\nModules (PAM) configuration to always prompt for the root password\nbefore each start of Wireshark. This avoids unintentionally running\nWireshark with root privileges.\n\nUsers of wireshark should upgrade to these updated packages, which\ncontain Wireshark version 1.0.3, and resolve these issues.", "edition": 27, "published": "2008-10-02T00:00:00", "title": "RHEL 3 / 4 / 5 : wireshark (RHSA-2008:0890)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-3146", "CVE-2008-3138", "CVE-2008-3934", "CVE-2008-3933", "CVE-2008-1071", "CVE-2008-1561", "CVE-2008-3145", "CVE-2008-3137", "CVE-2008-3141", "CVE-2008-1070", "CVE-2008-3932", "CVE-2008-1562", "CVE-2008-1072", "CVE-2008-1563"], "modified": "2008-10-02T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:3", "cpe:/o:redhat:enterprise_linux:4", "cpe:/o:redhat:enterprise_linux:5", "p-cpe:/a:redhat:enterprise_linux:wireshark", "cpe:/o:redhat:enterprise_linux:5.2", "p-cpe:/a:redhat:enterprise_linux:wireshark-gnome", "cpe:/o:redhat:enterprise_linux:4.7"], "id": "REDHAT-RHSA-2008-0890.NASL", "href": "https://www.tenable.com/plugins/nessus/34328", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2008:0890. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(34328);\n script_version(\"1.33\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-1070\", \"CVE-2008-1071\", \"CVE-2008-1072\", \"CVE-2008-1561\", \"CVE-2008-1562\", \"CVE-2008-1563\", \"CVE-2008-3137\", \"CVE-2008-3138\", \"CVE-2008-3141\", \"CVE-2008-3145\", \"CVE-2008-3146\", \"CVE-2008-3932\", \"CVE-2008-3933\", \"CVE-2008-3934\");\n script_bugtraq_id(28025, 28485, 30020, 30181, 31009);\n script_xref(name:\"RHSA\", value:\"2008:0890\");\n\n script_name(english:\"RHEL 3 / 4 / 5 : wireshark (RHSA-2008:0890)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated wireshark packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 3, 4, and 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nWireshark is a program for monitoring network traffic. Wireshark was\npreviously known as Ethereal.\n\nMultiple buffer overflow flaws were found in Wireshark. If Wireshark\nread a malformed packet off a network, it could crash or, possibly,\nexecute arbitrary code as the user running Wireshark. (CVE-2008-3146)\n\nSeveral denial of service flaws were found in Wireshark. Wireshark\ncould crash or stop responding if it read a malformed packet off a\nnetwork, or opened a malformed dump file. (CVE-2008-1070,\nCVE-2008-1071, CVE-2008-1072, CVE-2008-1561, CVE-2008-1562,\nCVE-2008-1563, CVE-2008-3137, CVE-2008-3138, CVE-2008-3141,\nCVE-2008-3145, CVE-2008-3932, CVE-2008-3933, CVE-2008-3934)\n\nAdditionally, this update changes the default Pluggable Authentication\nModules (PAM) configuration to always prompt for the root password\nbefore each start of Wireshark. This avoids unintentionally running\nWireshark with root privileges.\n\nUsers of wireshark should upgrade to these updated packages, which\ncontain Wireshark version 1.0.3, and resolve these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-1070\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-1071\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-1072\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-1561\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-1562\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-1563\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-3137\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-3138\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-3141\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-3145\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-3146\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-3932\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-3933\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-3934\"\n );\n # http://www.wireshark.org/docs/relnotes/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.wireshark.org/docs/relnotes/\"\n );\n # http://www.wireshark.org/security/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.wireshark.org/security/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2008:0890\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected wireshark and / or wireshark-gnome packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_cwe_id(20, 119, 200, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:wireshark-gnome\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4.7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5.2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/02/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/10/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/10/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(3|4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 3.x / 4.x / 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2008:0890\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL3\", reference:\"wireshark-1.0.3-EL3.3\")) flag++;\n\n if (rpm_check(release:\"RHEL3\", reference:\"wireshark-gnome-1.0.3-EL3.3\")) flag++;\n\n\n if (rpm_check(release:\"RHEL4\", reference:\"wireshark-1.0.3-3.el4_7\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"wireshark-gnome-1.0.3-3.el4_7\")) flag++;\n\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"wireshark-1.0.3-4.el5_2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"wireshark-1.0.3-4.el5_2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"wireshark-1.0.3-4.el5_2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"wireshark-gnome-1.0.3-4.el5_2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"wireshark-gnome-1.0.3-4.el5_2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"wireshark-gnome-1.0.3-4.el5_2\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"wireshark / wireshark-gnome\");\n }\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:44", "bulletinFamily": "unix", "cvelist": ["CVE-2008-3138", "CVE-2008-3145", "CVE-2008-3137", "CVE-2008-3140", "CVE-2008-3141", "CVE-2008-3139"], "edition": 1, "description": "### Background\n\nWireshark is a network protocol analyzer with a graphical front-end. \n\n### Description\n\nMultiple vulnerabilities related to memory management were discovered in the GSM SMS dissector (CVE-2008-3137), the PANA and KISMET dissectors (CVE-2008-3138), the RTMPT dissector (CVE-2008-3139), the syslog dissector (CVE-2008-3140) and the RMI dissector (CVE-2008-3141) and when reassembling fragmented packets (CVE-2008-3145). \n\n### Impact\n\nA remote attacker could exploit these vulnerabilities by sending a specially crafted packet on a network being monitored by Wireshark or enticing a user to read a malformed packet trace file, causing a Denial of Service. \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll Wireshark users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-analyzer/wireshark-1.0.2\"", "modified": "2008-08-06T00:00:00", "published": "2008-08-06T00:00:00", "id": "GLSA-200808-04", "href": "https://security.gentoo.org/glsa/200808-04", "type": "gentoo", "title": "Wireshark: Denial of Service", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2016-09-06T19:46:44", "bulletinFamily": "unix", "cvelist": ["CVE-2008-3146", "CVE-2008-3934", "CVE-2008-3933", "CVE-2008-3932"], "edition": 1, "description": "### Background\n\nWireshark is a network protocol analyzer with a graphical front-end. \n\n### Description\n\nThe following vulnerabilities were reported: \n\n * Multiple buffer overflows in the NCP dissector (CVE-2008-3146). \n * Infinite loop in the NCP dissector (CVE-2008-3932). \n * Invalid read in the tvb_uncompress() function when processing zlib compressed data (CVE-2008-3933). \n * Unspecified error when processing Textronix .rf5 files (CVE-2008-3934).\n\n### Impact\n\nA remote attacker could exploit these vulnerabilities by sending specially crafted packets on a network being monitored by Wireshark or by enticing a user to read a malformed packet trace file, causing a Denial of Service. \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll Wireshark users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-analyzer/wireshark-1.0.3\"", "modified": "2008-09-25T00:00:00", "published": "2008-09-25T00:00:00", "id": "GLSA-200809-17", "href": "https://security.gentoo.org/glsa/200809-17", "type": "gentoo", "title": "Wireshark: Multiple Denials of Service", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:27", "bulletinFamily": "software", "cvelist": ["CVE-2008-3138", "CVE-2008-3145", "CVE-2008-3137", "CVE-2008-3140", "CVE-2008-3141", "CVE-2008-3139"], "description": "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\r\nGentoo Linux Security Advisory GLSA 200808-04\r\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\r\n http://security.gentoo.org/\r\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\r\n\r\n Severity: Normal\r\n Title: Wireshark: Denial of Service\r\n Date: August 06, 2008\r\n Bugs: #230411, #231587\r\n ID: 200808-04\r\n\r\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\r\n\r\nSynopsis\r\n========\r\n\r\nMultiple Denial of Service vulnerabilities have been discovered in\r\nWireshark.\r\n\r\nBackground\r\n==========\r\n\r\nWireshark is a network protocol analyzer with a graphical front-end.\r\n\r\nAffected packages\r\n=================\r\n\r\n -------------------------------------------------------------------\r\n Package / Vulnerable / Unaffected\r\n -------------------------------------------------------------------\r\n 1 net-analyzer/wireshark &lt; 1.0.2 &gt;= 1.0.2\r\n\r\nDescription\r\n===========\r\n\r\nMultiple vulnerabilities related to memory management were discovered\r\nin the GSM SMS dissector &#40;CVE-2008-3137&#41;, the PANA and KISMET\r\ndissectors &#40;CVE-2008-3138&#41;, the RTMPT dissector &#40;CVE-2008-3139&#41;, the\r\nsyslog dissector &#40;CVE-2008-3140&#41; and the RMI dissector &#40;CVE-2008-3141&#41;\r\nand when reassembling fragmented packets &#40;CVE-2008-3145&#41;.\r\n\r\nImpact\r\n======\r\n\r\nA remote attacker could exploit these vulnerabilities by sending a\r\nspecially crafted packet on a network being monitored by Wireshark or\r\nenticing a user to read a malformed packet trace file, causing a Denial\r\nof Service.\r\n\r\nWorkaround\r\n==========\r\n\r\nThere is no known workaround at this time.\r\n\r\nResolution\r\n==========\r\n\r\nAll Wireshark users should upgrade to the latest version:\r\n\r\n # emerge --sync\r\n # emerge --ask --oneshot --verbose &quot;&gt;=net-analyzer/wireshark-1.0.2&quot;\r\n\r\nReferences\r\n==========\r\n\r\n [ 1 ] CVE-2008-3137\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3137\r\n [ 2 ] CVE-2008-3138\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3138\r\n [ 3 ] CVE-2008-3139\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3139\r\n [ 4 ] CVE-2008-3140\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3140\r\n [ 5 ] CVE-2008-3141\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3141\r\n [ 6 ] CVE-2008-3145\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3145\r\n\r\nAvailability\r\n============\r\n\r\nThis GLSA and any updates to it are available for viewing at\r\nthe Gentoo Security Website:\r\n\r\n http://security.gentoo.org/glsa/glsa-200808-04.xml\r\n\r\nConcerns?\r\n=========\r\n\r\nSecurity is a primary focus of Gentoo Linux and ensuring the\r\nconfidentiality and security of our users machines is of utmost\r\nimportance to us. Any security concerns should be addressed to\r\nsecurity@gentoo.org or alternatively, you may file a bug at\r\nhttp://bugs.gentoo.org.\r\n\r\nLicense\r\n=======\r\n\r\nCopyright 2008 Gentoo Foundation, Inc; referenced text\r\nbelongs to its owner&#40;s&#41;.\r\n\r\nThe contents of this document are licensed under the\r\nCreative Commons - Attribution / Share Alike license.\r\n\r\nhttp://creativecommons.org/licenses/by-sa/2.5", "edition": 1, "modified": "2008-08-07T00:00:00", "published": "2008-08-07T00:00:00", "id": "SECURITYVULNS:DOC:20304", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:20304", "title": "[ GLSA 200808-04 ] Wireshark: Denial of Service", "type": "securityvulns", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:09:30", "bulletinFamily": "software", "cvelist": ["CVE-2008-3138", "CVE-2008-3137", "CVE-2008-3140", "CVE-2008-3139"], "description": "Multiple vulnerabilities in protocol dissectors, causing application to crash.", "edition": 1, "modified": "2008-08-07T00:00:00", "published": "2008-08-07T00:00:00", "id": "SECURITYVULNS:VULN:9202", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:9202", "title": "Wireshark multiple security vulnerabilities", "type": "securityvulns", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:27", "bulletinFamily": "software", "cvelist": ["CVE-2008-3145"], "description": "\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n _______________________________________________________________________\r\n \r\n Mandriva Linux Security Advisory MDVSA-2008:152\r\n http://www.mandriva.com/security/\r\n _______________________________________________________________________\r\n \r\n Package : wireshark\r\n Date : July 22, 2008\r\n Affected: 2007.1, 2008.0, 2008.1, Corporate 4.0\r\n _______________________________________________________________________\r\n \r\n Problem Description:\r\n \r\n A vulnerability was found in Wireshark, that could cause it to crash\r\n while processing malicious packets.\r\n \r\n This update provides Wireshark 1.0.2, which is not vulnerable to that.\r\n _______________________________________________________________________\r\n\r\n References:\r\n \r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3145\r\n http://www.wireshark.org/security/wnpa-sec-2008-04.html\r\n _______________________________________________________________________\r\n \r\n Updated Packages:\r\n \r\n Mandriva Linux 2007.1:\r\n dd208d3bd415b566884410e3efb5a748 2007.1/i586/libwireshark0-1.0.2-0.1mdv2007.1.i586.rpm\r\n 8ac38caee13fca07ff4cf7119491256c 2007.1/i586/tshark-1.0.2-0.1mdv2007.1.i586.rpm\r\n 31815a8faec571b90c786112651853bf 2007.1/i586/wireshark-1.0.2-0.1mdv2007.1.i586.rpm\r\n 6c61296c26edd8e8d62e30c7af36ba02 2007.1/i586/wireshark-tools-1.0.2-0.1mdv2007.1.i586.rpm \r\n 00dca267b96e50a75e7c4b7952ca1e61 2007.1/SRPMS/wireshark-1.0.2-0.1mdv2007.1.src.rpm\r\n\r\n Mandriva Linux 2007.1/X86_64:\r\n 0fa4bbaf37ea0bbec825a292f6ba1f08 2007.1/x86_64/lib64wireshark0-1.0.2-0.1mdv2007.1.x86_64.rpm\r\n ec00436f7fa7246808ff9294d3d30106 2007.1/x86_64/tshark-1.0.2-0.1mdv2007.1.x86_64.rpm\r\n c0f6b3ce6506a9027d713a89fb411aac 2007.1/x86_64/wireshark-1.0.2-0.1mdv2007.1.x86_64.rpm\r\n 83cde7ccbdc2455adb91f5f8449866f6 2007.1/x86_64/wireshark-tools-1.0.2-0.1mdv2007.1.x86_64.rpm \r\n 00dca267b96e50a75e7c4b7952ca1e61 2007.1/SRPMS/wireshark-1.0.2-0.1mdv2007.1.src.rpm\r\n\r\n Mandriva Linux 2008.0:\r\n 7f8c3c3536693c76c35a2433217672f1 2008.0/i586/dumpcap-1.0.2-0.1mdv2008.0.i586.rpm\r\n d786b113715eebfed26d744f234926f9 2008.0/i586/libwireshark0-1.0.2-0.1mdv2008.0.i586.rpm\r\n 20e723680556b90b32753a22debcc8fd 2008.0/i586/libwireshark-devel-1.0.2-0.1mdv2008.0.i586.rpm\r\n 55324e20c3793fefa4fc31466a230859 2008.0/i586/rawshark-1.0.2-0.1mdv2008.0.i586.rpm\r\n 36c42e5a2a8ca9133ef8b23781c2a908 2008.0/i586/tshark-1.0.2-0.1mdv2008.0.i586.rpm\r\n cdc0c62d7936e449564c32fe6a829394 2008.0/i586/wireshark-1.0.2-0.1mdv2008.0.i586.rpm\r\n 856e94f29f01a71cffc9d1fc05cfcabc 2008.0/i586/wireshark-tools-1.0.2-0.1mdv2008.0.i586.rpm \r\n 802f0a708e0dd820b242b9682ef5f482 2008.0/SRPMS/wireshark-1.0.2-0.1mdv2008.0.src.rpm\r\n\r\n Mandriva Linux 2008.0/X86_64:\r\n a473c5eab195923066ba820207cd4dd0 2008.0/x86_64/dumpcap-1.0.2-0.1mdv2008.0.x86_64.rpm\r\n 2345349e97af7c3b07c9effba42e9a5b 2008.0/x86_64/lib64wireshark0-1.0.2-0.1mdv2008.0.x86_64.rpm\r\n ded19cb2dc2e3a435c83ad6010dd1ab6 2008.0/x86_64/lib64wireshark-devel-1.0.2-0.1mdv2008.0.x86_64.rpm\r\n 6ae396fcdc52b87f7c4d359ae596e861 2008.0/x86_64/rawshark-1.0.2-0.1mdv2008.0.x86_64.rpm\r\n b28e8bcf8801836a8d1c35f53e566fc6 2008.0/x86_64/tshark-1.0.2-0.1mdv2008.0.x86_64.rpm\r\n bd219f2c009719d100f5411fd2e1472f 2008.0/x86_64/wireshark-1.0.2-0.1mdv2008.0.x86_64.rpm\r\n 3f552df165c98123991e8aca8290944b 2008.0/x86_64/wireshark-tools-1.0.2-0.1mdv2008.0.x86_64.rpm \r\n 802f0a708e0dd820b242b9682ef5f482 2008.0/SRPMS/wireshark-1.0.2-0.1mdv2008.0.src.rpm\r\n\r\n Mandriva Linux 2008.1:\r\n b4cd63431babb044b459f41edd4df7a9 2008.1/i586/dumpcap-1.0.2-0.1mdv2008.1.i586.rpm\r\n aecdbf2396bd03ff4035ce3d0361c8e0 2008.1/i586/libwireshark0-1.0.2-0.1mdv2008.1.i586.rpm\r\n 21947f15d454e06e183282e943590fc5 2008.1/i586/libwireshark-devel-1.0.2-0.1mdv2008.1.i586.rpm\r\n 04e5404a727ec4ca9bbb15ee577b2a3e 2008.1/i586/rawshark-1.0.2-0.1mdv2008.1.i586.rpm\r\n c4779d4d2118c82a01c0427fcc63edaf 2008.1/i586/tshark-1.0.2-0.1mdv2008.1.i586.rpm\r\n 4cea15f71bb937e02babe751db0bf14e 2008.1/i586/wireshark-1.0.2-0.1mdv2008.1.i586.rpm\r\n dfbb6ffde7247a632f668f505e238b93 2008.1/i586/wireshark-tools-1.0.2-0.1mdv2008.1.i586.rpm \r\n 2053cca12220e79bb9b3c44d05cdc025 2008.1/SRPMS/wireshark-1.0.2-0.1mdv2008.1.src.rpm\r\n\r\n Mandriva Linux 2008.1/X86_64:\r\n 01304dde4b0d58f4b25cf189cd26e6e4 2008.1/x86_64/dumpcap-1.0.2-0.1mdv2008.1.x86_64.rpm\r\n a1ca40167925697676bb747bb073cbe3 2008.1/x86_64/lib64wireshark0-1.0.2-0.1mdv2008.1.x86_64.rpm\r\n 325f5a4bfcbc85e1eb0a2d73f7643b0c 2008.1/x86_64/lib64wireshark-devel-1.0.2-0.1mdv2008.1.x86_64.rpm\r\n 974780f892d6c73b3071708cc8e43f7a 2008.1/x86_64/rawshark-1.0.2-0.1mdv2008.1.x86_64.rpm\r\n 65e8b1137469b6f2c57c6c67c71c3f34 2008.1/x86_64/tshark-1.0.2-0.1mdv2008.1.x86_64.rpm\r\n 9c006ce97cc27a379ad7103fae91d276 2008.1/x86_64/wireshark-1.0.2-0.1mdv2008.1.x86_64.rpm\r\n 5b58551478a166e16a1eefe6b7bf8734 2008.1/x86_64/wireshark-tools-1.0.2-0.1mdv2008.1.x86_64.rpm \r\n 2053cca12220e79bb9b3c44d05cdc025 2008.1/SRPMS/wireshark-1.0.2-0.1mdv2008.1.src.rpm\r\n\r\n Corporate 4.0:\r\n b7c9b207a1f6671c389de029acad1c69 corporate/4.0/i586/dumpcap-1.0.2-0.1.20060mlcs4.i586.rpm\r\n 11a820b27705d4860f809894fb86d085 corporate/4.0/i586/libwireshark0-1.0.2-0.1.20060mlcs4.i586.rpm\r\n 1de9bd371f233413b1bd0c120d43e1c5 corporate/4.0/i586/libwireshark-devel-1.0.2-0.1.20060mlcs4.i586.rpm\r\n 3b1335973cc247f69a944850d8cbc125 corporate/4.0/i586/rawshark-1.0.2-0.1.20060mlcs4.i586.rpm\r\n 563078c222926843c031f130d3d99c2c corporate/4.0/i586/tshark-1.0.2-0.1.20060mlcs4.i586.rpm\r\n cfcbbd5c3e911ac5987364f74ae4f588 corporate/4.0/i586/wireshark-1.0.2-0.1.20060mlcs4.i586.rpm\r\n c139f48f790fd228abd6bb36e5a64208 corporate/4.0/i586/wireshark-tools-1.0.2-0.1.20060mlcs4.i586.rpm \r\n 1be97ba104894a51125ab692206d8611 corporate/4.0/SRPMS/wireshark-1.0.2-0.1.20060mlcs4.src.rpm\r\n\r\n Corporate 4.0/X86_64:\r\n d75d7a3ee8af84b96a84ffcd52dc89b8 corporate/4.0/x86_64/dumpcap-1.0.2-0.1.20060mlcs4.x86_64.rpm\r\n 0bfb4e76da0b755e27eea200d86a14d2 \r\ncorporate/4.0/x86_64/lib64wireshark0-1.0.2-0.1.20060mlcs4.x86_64.rpm\r\n 807c5bab351e4bbf760cabc1ac4e731d \r\ncorporate/4.0/x86_64/lib64wireshark-devel-1.0.2-0.1.20060mlcs4.x86_64.rpm\r\n 01dd72f008237d1a466970b2393a58d6 corporate/4.0/x86_64/rawshark-1.0.2-0.1.20060mlcs4.x86_64.rpm\r\n 03fc5d527317d3bf56d837ac3519c92e corporate/4.0/x86_64/tshark-1.0.2-0.1.20060mlcs4.x86_64.rpm\r\n 85a416415f1e2bb89a9e772de95999ef corporate/4.0/x86_64/wireshark-1.0.2-0.1.20060mlcs4.x86_64.rpm\r\n 05a1763fc92c61ca4e717cafbdd78f39 \r\ncorporate/4.0/x86_64/wireshark-tools-1.0.2-0.1.20060mlcs4.x86_64.rpm \r\n 1be97ba104894a51125ab692206d8611 corporate/4.0/SRPMS/wireshark-1.0.2-0.1.20060mlcs4.src.rpm\r\n _______________________________________________________________________\r\n\r\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\r\n of md5 checksums and GPG signatures is performed automatically for you.\r\n\r\n All packages are signed by Mandriva for security. You can obtain the\r\n GPG public key of the Mandriva Security Team by executing:\r\n\r\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\r\n\r\n You can view other update advisories for Mandriva Linux at:\r\n\r\n http://www.mandriva.com/security/advisories\r\n\r\n If you want to report vulnerabilities, please contact\r\n\r\n security_&#40;at&#41;_mandriva.com\r\n _______________________________________________________________________\r\n\r\n Type Bits/KeyID Date User ID\r\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\r\n &lt;security*mandriva.com&gt;\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.9 &#40;GNU/Linux&#41;\r\n\r\niD8DBQFIhjoamqjQ0CJFipgRAhogAKCPcm4mIZm8MEZEyLJI0hflilgeowCeIHby\r\nlsRqFcGoIZ/xLVh10fNTX2U=\r\n=AYQ7\r\n-----END PGP SIGNATURE-----", "edition": 1, "modified": "2008-07-24T00:00:00", "published": "2008-07-24T00:00:00", "id": "SECURITYVULNS:DOC:20219", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:20219", "title": "[ MDVSA-2008:152 ] - Updated wireshark packages fix denial of service vulnerability", "type": "securityvulns", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:09:30", "bulletinFamily": "software", "cvelist": ["CVE-2008-3145"], "description": "Application crash on network traffic parsing.", "edition": 1, "modified": "2008-07-24T00:00:00", "published": "2008-07-24T00:00:00", "id": "SECURITYVULNS:VULN:9170", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:9170", "title": "Wireshark sniffer DoS", "type": "securityvulns", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:27", "bulletinFamily": "software", "cvelist": ["CVE-2008-3146", "CVE-2008-3934", "CVE-2008-3933", "CVE-2008-3932"], "description": "\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n _______________________________________________________________________\r\n\r\n Mandriva Linux Security Advisory MDVSA-2008:199\r\n http://www.mandriva.com/security/\r\n _______________________________________________________________________\r\n\r\n Package : wireshark\r\n Date : September 19, 2008\r\n Affected: 2008.0, 2008.1, Corporate 4.0\r\n _______________________________________________________________________\r\n\r\n Problem Description:\r\n\r\n A number of vulnerabilities were discovered in Wireshark that could\r\n cause it to crash while processing malicious packets &#40;CVE-2008-3146,\r\n CVE-2008-3932, CVE-2008-3933, CVE-2008-3934&#41;.\r\n \r\n This update provides Wireshark 1.0.3, which is not vulnerable to\r\n these issues.\r\n _______________________________________________________________________\r\n\r\n References:\r\n\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3146\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3932\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3933\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3934\r\n http://www.wireshark.org/security/wnpa-sec-2008-05.html\r\n _______________________________________________________________________\r\n\r\n Updated Packages:\r\n\r\n Mandriva Linux 2008.0:\r\n 052d8ebe59721965be4e1abc3d26aa4f 2008.0/i586/dumpcap-1.0.3-0.1mdv2008.0.i586.rpm\r\n 6e1ff488246d3e61dd86adf22db10157 2008.0/i586/libwireshark0-1.0.3-0.1mdv2008.0.i586.rpm\r\n 4a3380a50b95b4b47280d31051f03733 2008.0/i586/libwireshark-devel-1.0.3-0.1mdv2008.0.i586.rpm\r\n 47e77c47f5433386e134590e902d97fa 2008.0/i586/rawshark-1.0.3-0.1mdv2008.0.i586.rpm\r\n f19bb7a5f07b2e14d13bbb80a063e9c2 2008.0/i586/tshark-1.0.3-0.1mdv2008.0.i586.rpm\r\n 59bd1fe60ddc1aef03c43f1e244d310f 2008.0/i586/wireshark-1.0.3-0.1mdv2008.0.i586.rpm\r\n 7537a0e613adbd9a33f8506eff4b79dc 2008.0/i586/wireshark-tools-1.0.3-0.1mdv2008.0.i586.rpm \r\n 695458967bc7120dc18c0e021c21ef98 2008.0/SRPMS/wireshark-1.0.3-0.1mdv2008.0.src.rpm\r\n\r\n Mandriva Linux 2008.0/X86_64:\r\n 4579cf82a33b706a8332fb9da25bb714 2008.0/x86_64/dumpcap-1.0.3-0.1mdv2008.0.x86_64.rpm\r\n e2dc5b80e269394968a732d340584c50 2008.0/x86_64/lib64wireshark0-1.0.3-0.1mdv2008.0.x86_64.rpm\r\n 179c3d0406afacadeae37dabeb950ca9 2008.0/x86_64/lib64wireshark-devel-1.0.3-0.1mdv2008.0.x86_64.rpm\r\n c6460878e3237026fb2dcc31314a2e86 2008.0/x86_64/rawshark-1.0.3-0.1mdv2008.0.x86_64.rpm\r\n 61060d1d41bee4101c58780ea9acbde3 2008.0/x86_64/tshark-1.0.3-0.1mdv2008.0.x86_64.rpm\r\n afcda73f3b39721f2f9131d83b51518e 2008.0/x86_64/wireshark-1.0.3-0.1mdv2008.0.x86_64.rpm\r\n 593a07cded73079f4c744f4f774ea0da 2008.0/x86_64/wireshark-tools-1.0.3-0.1mdv2008.0.x86_64.rpm \r\n 695458967bc7120dc18c0e021c21ef98 2008.0/SRPMS/wireshark-1.0.3-0.1mdv2008.0.src.rpm\r\n\r\n Mandriva Linux 2008.1:\r\n 325f81f7981ec1b0bb7af6ef00ea77b3 2008.1/i586/dumpcap-1.0.3-0.1mdv2008.1.i586.rpm\r\n b1374e0f57b9ddc67d138489a61514eb 2008.1/i586/libwireshark0-1.0.3-0.1mdv2008.1.i586.rpm\r\n b56d0679bc1889ce274d0331f809b4a4 2008.1/i586/libwireshark-devel-1.0.3-0.1mdv2008.1.i586.rpm\r\n 7cab501287ca8cb9b9e6c4c19c08e890 2008.1/i586/rawshark-1.0.3-0.1mdv2008.1.i586.rpm\r\n 7e40fab1043159337cc1108f7be86f4b 2008.1/i586/tshark-1.0.3-0.1mdv2008.1.i586.rpm\r\n b47879b7e4ed639ec7a2c0b721225b01 2008.1/i586/wireshark-1.0.3-0.1mdv2008.1.i586.rpm\r\n 871afd4c2295bf2f7b743e0adac825fa 2008.1/i586/wireshark-tools-1.0.3-0.1mdv2008.1.i586.rpm \r\n 4959379f906f32983e1d95c38dc01f3c 2008.1/SRPMS/wireshark-1.0.3-0.1mdv2008.1.src.rpm\r\n\r\n Mandriva Linux 2008.1/X86_64:\r\n a903d45a26f4e4c324dbdecb51729f6f 2008.1/x86_64/dumpcap-1.0.3-0.1mdv2008.1.x86_64.rpm\r\n a85194ad83eb2833191cf8924fd68468 2008.1/x86_64/lib64wireshark0-1.0.3-0.1mdv2008.1.x86_64.rpm\r\n 966f0182801ae6e1d84c6736a796afca 2008.1/x86_64/lib64wireshark-devel-1.0.3-0.1mdv2008.1.x86_64.rpm\r\n 2e5035d90d7549a0c11b25be8050081c 2008.1/x86_64/rawshark-1.0.3-0.1mdv2008.1.x86_64.rpm\r\n 1d5e478b7149920d684a4c4e9f7e4b9f 2008.1/x86_64/tshark-1.0.3-0.1mdv2008.1.x86_64.rpm\r\n 0b8adf3d5c2412c282da2c5273a1d502 2008.1/x86_64/wireshark-1.0.3-0.1mdv2008.1.x86_64.rpm\r\n ebd622e02eb614171990b9cd5194ddbb 2008.1/x86_64/wireshark-tools-1.0.3-0.1mdv2008.1.x86_64.rpm \r\n 4959379f906f32983e1d95c38dc01f3c 2008.1/SRPMS/wireshark-1.0.3-0.1mdv2008.1.src.rpm\r\n\r\n Corporate 4.0:\r\n 9aec40405f83f4102135e4af7234dc45 corporate/4.0/i586/dumpcap-1.0.3-0.1.20060mlcs4.i586.rpm\r\n 5846034eaf54cac8aaa5001cd05c8a23 corporate/4.0/i586/libwireshark0-1.0.3-0.1.20060mlcs4.i586.rpm\r\n 61c8775b586e3c3ff0ef26c5453a40de corporate/4.0/i586/libwireshark-devel-1.0.3-0.1.20060mlcs4.i586.rpm\r\n fb5a51694ac720ebb02fdc2006e827cc corporate/4.0/i586/rawshark-1.0.3-0.1.20060mlcs4.i586.rpm\r\n 04d4bcd97fc137d904bade0ff71d6d8a corporate/4.0/i586/tshark-1.0.3-0.1.20060mlcs4.i586.rpm\r\n a817d8255ab4224cbe8b29fb5d9f7d6e corporate/4.0/i586/wireshark-1.0.3-0.1.20060mlcs4.i586.rpm\r\n 74d39fc12f1d82d6b5b944001a99c6e0 corporate/4.0/i586/wireshark-tools-1.0.3-0.1.20060mlcs4.i586.rpm \r\n 6a321e896cb17afea59981b2c20c6f9d corporate/4.0/SRPMS/wireshark-1.0.3-0.1.20060mlcs4.src.rpm\r\n\r\n Corporate 4.0/X86_64:\r\n 327f1445af63d045abd689286a13cfb7 corporate/4.0/x86_64/dumpcap-1.0.3-0.1.20060mlcs4.x86_64.rpm\r\n 5e57899fa206ba15425a643b0f5395ab corporate/4.0/x86_64/lib64wireshark0-1.0.3-0.1.20060mlcs4.x86_64.rpm\r\n ecae0b5846ff684524d0b6fd6f082fca corporate/4.0/x86_64/lib64wireshark-devel-1.0.3-0.1.20060mlcs4.x86_64.rpm\r\n f649de4fd1cb4663d51d1befd688000a corporate/4.0/x86_64/rawshark-1.0.3-0.1.20060mlcs4.x86_64.rpm\r\n b41496a881a1644c6a376c89fd25aa32 corporate/4.0/x86_64/tshark-1.0.3-0.1.20060mlcs4.x86_64.rpm\r\n 219e77ae2a975e781c45344c62e2f4b8 corporate/4.0/x86_64/wireshark-1.0.3-0.1.20060mlcs4.x86_64.rpm\r\n bc7397b7fce20c989668b71afbfa3ad4 corporate/4.0/x86_64/wireshark-tools-1.0.3-0.1.20060mlcs4.x86_64.rpm \r\n 6a321e896cb17afea59981b2c20c6f9d corporate/4.0/SRPMS/wireshark-1.0.3-0.1.20060mlcs4.src.rpm\r\n _______________________________________________________________________\r\n\r\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\r\n of md5 checksums and GPG signatures is performed automatically for you.\r\n\r\n All packages are signed by Mandriva for security. You can obtain the\r\n GPG public key of the Mandriva Security Team by executing:\r\n\r\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\r\n\r\n You can view other update advisories for Mandriva Linux at:\r\n\r\n http://www.mandriva.com/security/advisories\r\n\r\n If you want to report vulnerabilities, please contact\r\n\r\n security_&#40;at&#41;_mandriva.com\r\n _______________________________________________________________________\r\n\r\n Type Bits/KeyID Date User ID\r\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\r\n &lt;security*mandriva.com&gt;\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.9 &#40;GNU/Linux&#41;\r\n\r\niD8DBQFI09/QmqjQ0CJFipgRAozLAKDaaK7z4VDoXNJ345Loi4s8bkSPVQCgnm97\r\nwN51WJRipenpVo9BIHwvAaM=\r\n=2zXb\r\n-----END PGP SIGNATURE-----", "edition": 1, "modified": "2008-09-20T00:00:00", "published": "2008-09-20T00:00:00", "id": "SECURITYVULNS:DOC:20550", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:20550", "title": "[ MDVSA-2008:199 ] wireshark", "type": "securityvulns", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:09:30", "bulletinFamily": "software", "cvelist": ["CVE-2008-3146", "CVE-2008-3934", "CVE-2008-3933", "CVE-2008-3932"], "description": "Multiple DoS conditions on different protocols parsing.", "edition": 1, "modified": "2008-09-20T00:00:00", "published": "2008-09-20T00:00:00", "id": "SECURITYVULNS:VULN:9299", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:9299", "title": "Wireshark / TShark multiple security vulnerabilities", "type": "securityvulns", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "fedora": [{"lastseen": "2020-12-21T08:17:49", "bulletinFamily": "unix", "cvelist": ["CVE-2008-3137", "CVE-2008-3138", "CVE-2008-3139", "CVE-2008-3140", "CVE-2008-3141", "CVE-2008-3145"], "description": "Wireshark is a network traffic analyzer for Unix-ish operating systems. This package lays base for libpcap, a packet capture and filtering library, contains command-line utilities, contains plugins and documentation for wireshark. A graphical user interface is packaged separately to GTK+ package. ", "modified": "2008-07-23T07:19:43", "published": "2008-07-23T07:19:43", "id": "FEDORA:361B11AD0DC", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 8 Update: wireshark-1.0.2-1.fc8", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-12-21T08:17:49", "bulletinFamily": "unix", "cvelist": ["CVE-2008-3137", "CVE-2008-3138", "CVE-2008-3139", "CVE-2008-3140", "CVE-2008-3141", "CVE-2008-3145"], "description": "Wireshark is a network traffic analyzer for Unix-ish operating systems. This package lays base for libpcap, a packet capture and filtering library, contains command-line utilities, contains plugins and documentation for wireshark. A graphical user interface is packaged separately to GTK+ package. ", "modified": "2008-07-15T12:18:41", "published": "2008-07-15T12:18:41", "id": "FEDORA:M6FCIHCU008408", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 9 Update: wireshark-1.0.2-1.fc9", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-12-21T08:17:49", "bulletinFamily": "unix", "cvelist": ["CVE-2008-3146", "CVE-2008-3932", "CVE-2008-3933", "CVE-2008-3934"], "description": "Wireshark is a network traffic analyzer for Unix-ish operating systems. This package lays base for libpcap, a packet capture and filtering library, contains command-line utilities, contains plugins and documentation for wireshark. A graphical user interface is packaged separately to GTK+ package. ", "modified": "2008-09-11T17:11:17", "published": "2008-09-11T17:11:17", "id": "FEDORA:076042E0344", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 9 Update: wireshark-1.0.3-1.fc9", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:49", "bulletinFamily": "unix", "cvelist": ["CVE-2008-3146", "CVE-2008-3932", "CVE-2008-3933", "CVE-2008-3934"], "description": "Wireshark is a network traffic analyzer for Unix-ish operating systems. This package lays base for libpcap, a packet capture and filtering library, contains command-line utilities, contains plugins and documentation for wireshark. A graphical user interface is packaged separately to GTK+ package. ", "modified": "2008-09-11T17:05:28", "published": "2008-09-11T17:05:28", "id": "FEDORA:01C3E2E0262", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 8 Update: wireshark-1.0.3-1.fc8", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "cve": [{"lastseen": "2020-10-03T11:51:00", "description": "Unspecified vulnerability in the RMI dissector in Wireshark (formerly Ethereal) 0.9.5 through 1.0.0 allows remote attackers to read system memory via unspecified vectors.", "edition": 3, "cvss3": {}, "published": "2008-07-10T23:41:00", "title": "CVE-2008-3141", "type": "cve", "cwe": ["NVD-CWE-noinfo", "CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:C/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-3141"], "modified": "2018-10-11T20:47:00", "cpe": ["cpe:/a:wireshark:wireshark:0.99.3", "cpe:/a:wireshark:wireshark:1.0.0", "cpe:/a:wireshark:wireshark:0.99.5", "cpe:/a:wireshark:wireshark:0.99.6", "cpe:/a:wireshark:wireshark:0.99.8", "cpe:/a:wireshark:wireshark:0.9.5", "cpe:/a:wireshark:wireshark:0.99.2", "cpe:/a:wireshark:wireshark:1.0", "cpe:/a:wireshark:wireshark:0.99.4", "cpe:/a:wireshark:wireshark:0.99.7"], "id": "CVE-2008-3141", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3141", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:C/I:N/A:N"}, "cpe23": ["cpe:2.3:a:wireshark:wireshark:0.99.7:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.9.5:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.5:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.6:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.8:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.2:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.4:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.3:*:*:*:*:*:*:*"]}, {"lastseen": "2020-10-03T11:51:00", "description": "Multiple buffer overflows in packet_ncp2222.inc in Wireshark (formerly Ethereal) 0.9.7 through 1.0.2 allow attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted NCP packet that causes an invalid pointer to be used.", "edition": 3, "cvss3": {}, "published": "2008-09-02T14:24:00", "title": "CVE-2008-3146", "type": "cve", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-3146"], "modified": "2018-10-11T20:47:00", "cpe": ["cpe:/a:wireshark:wireshark:0.99.3", "cpe:/a:wireshark:wireshark:0.99.6a", "cpe:/a:wireshark:wireshark:1.0.0", "cpe:/a:wireshark:wireshark:0.99.5", "cpe:/a:wireshark:wireshark:1.0.2", "cpe:/a:wireshark:wireshark:0.99", "cpe:/a:wireshark:wireshark:0.9.8", "cpe:/a:wireshark:wireshark:0.99.6", "cpe:/a:wireshark:wireshark:1.0.1", "cpe:/a:wireshark:wireshark:0.99.8", "cpe:/a:wireshark:wireshark:0.99.2", "cpe:/a:wireshark:wireshark:0.99.0", "cpe:/a:wireshark:wireshark:1.0", "cpe:/a:wireshark:wireshark:0.99.4", "cpe:/a:wireshark:wireshark:0.9.7", "cpe:/a:wireshark:wireshark:0.99.1", "cpe:/a:wireshark:wireshark:0.99.7"], "id": "CVE-2008-3146", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3146", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:wireshark:wireshark:1.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.7:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.6a:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.1:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.9.7:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.5:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.6:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.8:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.9.8:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.0:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.2:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.4:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.3:*:*:*:*:*:*:*"]}, {"lastseen": "2020-10-03T11:51:00", "description": "The syslog dissector in Wireshark (formerly Ethereal) 1.0.0 allows remote attackers to cause a denial of service (application crash) via unknown vectors, possibly related to an \"incomplete SS7 MSU syslog encapsulated packet.\"", "edition": 3, "cvss3": {}, "published": "2008-07-10T23:41:00", "title": "CVE-2008-3140", "type": "cve", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-3140"], "modified": "2018-10-11T20:47:00", "cpe": ["cpe:/a:wireshark:wireshark:1.0.0"], "id": "CVE-2008-3140", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3140", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:wireshark:wireshark:1.0.0:*:*:*:*:*:*:*"]}, {"lastseen": "2020-10-03T11:51:00", "description": "The (1) PANA and (2) KISMET dissectors in Wireshark (formerly Ethereal) 0.99.3 through 1.0.0 allow remote attackers to cause a denial of service (application stop) via unknown vectors.", "edition": 3, "cvss3": {}, "published": "2008-07-10T23:41:00", "title": "CVE-2008-3138", "type": "cve", "cwe": ["NVD-CWE-noinfo", "CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-3138"], "modified": "2018-10-11T20:47:00", "cpe": ["cpe:/a:wireshark:wireshark:0.99.3", "cpe:/a:wireshark:wireshark:1.0.0", "cpe:/a:wireshark:wireshark:0.99.5", "cpe:/a:rpath:rpath_linux:1", "cpe:/a:wireshark:wireshark:0.99.6", "cpe:/a:wireshark:wireshark:0.99.8", "cpe:/a:wireshark:wireshark:0.9.5", "cpe:/a:wireshark:wireshark:0.99.2", "cpe:/a:wireshark:wireshark:1.0", "cpe:/a:wireshark:wireshark:0.99.4", "cpe:/a:wireshark:wireshark:0.99.7"], "id": "CVE-2008-3138", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3138", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:wireshark:wireshark:0.99.7:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.9.5:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:rpath:rpath_linux:1:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.5:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.6:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.8:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.2:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.4:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.3:*:*:*:*:*:*:*"]}, {"lastseen": "2020-10-03T11:51:00", "description": "The RTMPT dissector in Wireshark (formerly Ethereal) 0.99.8 through 1.0.0 allows remote attackers to cause a denial of service (crash) via unknown vectors. NOTE: this might be due to a use-after-free error.", "edition": 3, "cvss3": {}, "published": "2008-07-10T23:41:00", "title": "CVE-2008-3139", "type": "cve", "cwe": ["NVD-CWE-noinfo", "CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-3139"], "modified": "2018-10-11T20:47:00", "cpe": ["cpe:/a:wireshark:wireshark:0.99.3", "cpe:/a:wireshark:wireshark:1.0.0", "cpe:/a:wireshark:wireshark:0.99.5", "cpe:/a:rpath:rpath_linux:1", "cpe:/a:wireshark:wireshark:0.99.6", "cpe:/a:wireshark:wireshark:0.99.8", "cpe:/a:wireshark:wireshark:0.9.5", "cpe:/a:wireshark:wireshark:0.99.2", "cpe:/a:wireshark:wireshark:1.0", "cpe:/a:wireshark:wireshark:0.99.4", "cpe:/a:wireshark:wireshark:0.99.7"], "id": "CVE-2008-3139", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3139", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:wireshark:wireshark:0.99.7:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.9.5:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:rpath:rpath_linux:1:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.5:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.6:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.8:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.2:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.4:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.3:*:*:*:*:*:*:*"]}, {"lastseen": "2020-10-03T11:51:00", "description": "The GSM SMS dissector in Wireshark (formerly Ethereal) 0.99.2 through 1.0.0 allows remote attackers to cause a denial of service (application crash) via unknown vectors.", "edition": 3, "cvss3": {}, "published": "2008-07-10T23:41:00", "title": "CVE-2008-3137", "type": "cve", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-3137"], "modified": "2018-10-11T20:47:00", "cpe": ["cpe:/a:wireshark:wireshark:0.99.3", "cpe:/a:wireshark:wireshark:1.0.0", "cpe:/a:wireshark:wireshark:0.99.5", "cpe:/a:wireshark:wireshark:0.99.6", "cpe:/a:wireshark:wireshark:0.99.8", "cpe:/a:wireshark:wireshark:0.9.5", "cpe:/a:wireshark:wireshark:0.99.2", "cpe:/a:wireshark:wireshark:1.0", "cpe:/a:wireshark:wireshark:0.99.4", "cpe:/a:wireshark:wireshark:0.99.7"], "id": "CVE-2008-3137", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3137", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:wireshark:wireshark:0.99.7:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.9.5:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.5:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.6:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.8:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.2:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.4:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.3:*:*:*:*:*:*:*"]}, {"lastseen": "2020-10-03T11:51:00", "description": "The fragment_add_work function in epan/reassemble.c in Wireshark 0.8.19 through 1.0.1 allows remote attackers to cause a denial of service (crash) via a series of fragmented packets with non-sequential fragmentation offset values, which lead to a buffer over-read.", "edition": 3, "cvss3": {}, "published": "2008-07-16T18:41:00", "title": "CVE-2008-3145", "type": "cve", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-3145"], "modified": "2018-10-11T20:47:00", "cpe": ["cpe:/a:wireshark:wireshark:0.99.3", "cpe:/a:wireshark:wireshark:0.99.6a", "cpe:/a:wireshark:wireshark:1.0.0", "cpe:/a:wireshark:wireshark:0.99.5", "cpe:/a:wireshark:wireshark:0.8.19", "cpe:/a:wireshark:wireshark:0.99.6", "cpe:/a:wireshark:wireshark:1.0.1", "cpe:/a:wireshark:wireshark:0.99.8", "cpe:/a:wireshark:wireshark:0.99.2", "cpe:/a:wireshark:wireshark:0.99.0", "cpe:/a:wireshark:wireshark:1.0", "cpe:/a:wireshark:wireshark:0.99.4", "cpe:/a:wireshark:wireshark:0.99.1", "cpe:/a:wireshark:wireshark:0.99.7"], "id": "CVE-2008-3145", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3145", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:wireshark:wireshark:1.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.7:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.8.19:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.6a:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.1:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.5:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.6:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.8:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.0:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.2:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.4:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.3:*:*:*:*:*:*:*"]}], "debian": [{"lastseen": "2020-11-11T13:28:15", "bulletinFamily": "unix", "cvelist": ["CVE-2008-3138", "CVE-2008-3933", "CVE-2008-3145", "CVE-2008-3137", "CVE-2008-3141", "CVE-2008-4683", "CVE-2008-4684", "CVE-2008-4685"], "description": "- ------------------------------------------------------------------------\nDebian Security Advisory DSA-1673-1 security@debian.org\nhttp://www.debian.org/security/ Moritz Muehlenhoff\nNovember 29, 2008 http://www.debian.org/security/faq\n- ------------------------------------------------------------------------\n\nPackage : wireshark\nVulnerability : several\nProblem type : remote\nDebian-specific: no\nCVE ID : CVE-2008-3137 CVE-2008-3138 CVE-2008-3141 CVE-2008-3145 CVE-2008-3933 CVE-2008-4683 CVE-2008-4684 CVE-2008-4685\n\nSeveral remote vulnerabilities have been discovered network traffic\nanalyzer Wireshark. The Common Vulnerabilities and Exposures project\nidentifies the following problems:\n\nCVE-2008-3137\n\n The GSM SMS dissector is vulnerable to denial of service.\n\nCVE-2008-3138\n\n The PANA and KISMET dissectors are vulnerable to denial of service.\n\nCVE-2008-3141\n\n The RMI dissector could disclose system memory.\n\nCVE-2008-3145\n\n The packet reassembling module is vulnerable to denial of service.\n\nCVE-2008-3933\n\n The zlib uncompression module is vulnerable to denial of service.\n\nCVE-2008-4683\n\n The Bluetooth ACL dissector is vulnerable to denial of service.\n\nCVE-2008-4684\n\n The PRP and MATE dissectors are vulnerable to denial of service.\n\nCVE-2008-4685\n\n The Q931 dissector is vulnerable to denial of service.\n\nFor the stable distribution (etch), these problems have been fixed in\nversion 0.99.4-5.etch.3.\n\nFor the upcoming stable distribution (lenny), these problems have been\nfixed in version 1.0.2-3+lenny2.\n\nFor the unstable distribution (sid), these problems will be fixed soon.\n\nWe recommend that you upgrade your wireshark packages.\n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 4.0 alias etch\n- -------------------------------\n\nStable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4.orig.tar.gz\n Size/MD5 checksum: 13306790 2556a31d0d770dd1990bd67b98bd2f9b\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.3.dsc\n Size/MD5 checksum: 1066 ece7cc5dd8e70c0b5c13bfbf6e8c6eee\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.3.diff.gz\n Size/MD5 checksum: 48388 2918d72a79fafde4759afe72db727d6f\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-common_0.99.4-5.etch.3_alpha.deb\n Size/MD5 checksum: 22872 2ac3fe313364295340483294f1e9fb91\n http://security.debian.org/pool/updates/main/w/wireshark/tethereal_0.99.4-5.etch.3_alpha.deb\n Size/MD5 checksum: 22504 e67991e3aa09ce8bd8a44833fe7e3883\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_0.99.4-5.etch.3_alpha.deb\n Size/MD5 checksum: 9318436 d88e91f579849725048a4f5d9155871d\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_0.99.4-5.etch.3_alpha.deb\n Size/MD5 checksum: 181432 bd619bdb6fdc69e10dd31241268fac22\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal_0.99.4-5.etch.3_alpha.deb\n Size/MD5 checksum: 22498 b6e13d7c505bceb09cd278c5f07c7c40\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.3_alpha.deb\n Size/MD5 checksum: 674820 b6a532ff5292b77773e1aa4cfc2fd577\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-dev_0.99.4-5.etch.3_alpha.deb\n Size/MD5 checksum: 22510 eafc125f4a6f9084880fdd2a557b9814\n http://security.debian.org/pool/updates/main/w/wireshark/tshark_0.99.4-5.etch.3_alpha.deb\n Size/MD5 checksum: 117502 d829953f80e3402ea53f96b5a60010a4\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_0.99.4-5.etch.3_amd64.deb\n Size/MD5 checksum: 181784 be30e7ac952ecec26ed7cf9d73cf07ca\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.3_amd64.deb\n Size/MD5 checksum: 619708 b97e43ebf7fb339df7210c0fed2de92b\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal_0.99.4-5.etch.3_amd64.deb\n Size/MD5 checksum: 22502 24d2101cd90f05f7206ed1b222cf2655\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_0.99.4-5.etch.3_amd64.deb\n Size/MD5 checksum: 9119506 67bc221048a9a1909e0780547e267956\n http://security.debian.org/pool/updates/main/w/wireshark/tshark_0.99.4-5.etch.3_amd64.deb\n Size/MD5 checksum: 112146 24dad3e9789181bc32c555174ebc6331\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-dev_0.99.4-5.etch.3_amd64.deb\n Size/MD5 checksum: 22516 fd918d886d3f43e85efc336267f8d3b1\n http://security.debian.org/pool/updates/main/w/wireshark/tethereal_0.99.4-5.etch.3_amd64.deb\n Size/MD5 checksum: 22504 e427825910c10ca825d6263d72f3231d\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-common_0.99.4-5.etch.3_amd64.deb\n Size/MD5 checksum: 22862 8b219977905e0ca92c11669b819a4d62\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_0.99.4-5.etch.3_arm.deb\n Size/MD5 checksum: 7739012 2393f419581304f9d1bc96b2e80a87b9\n http://security.debian.org/pool/updates/main/w/wireshark/tethereal_0.99.4-5.etch.3_arm.deb\n Size/MD5 checksum: 22520 91159635ccf35f1d0fc51d80eb5af43d\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.3_arm.deb\n Size/MD5 checksum: 600564 6c9dc2dfc018156969644378f856521a\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-common_0.99.4-5.etch.3_arm.deb\n Size/MD5 checksum: 22870 64f1146af6c9759d7fce864dc5f0d7d3\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-dev_0.99.4-5.etch.3_arm.deb\n Size/MD5 checksum: 22528 44b24f50cf31c9c8e734fbf5cb32603f\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal_0.99.4-5.etch.3_arm.deb\n Size/MD5 checksum: 22514 073d8b3cf84d186a28f1923b77825651\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_0.99.4-5.etch.3_arm.deb\n Size/MD5 checksum: 182074 21f420a957afb36f416b743ea928344c\n http://security.debian.org/pool/updates/main/w/wireshark/tshark_0.99.4-5.etch.3_arm.deb\n Size/MD5 checksum: 107352 a57d347239ea877d9dc7944f025a357f\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-common_0.99.4-5.etch.3_hppa.deb\n Size/MD5 checksum: 22872 2ccd34d4f66efe4103e8bd6abefa9522\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-dev_0.99.4-5.etch.3_hppa.deb\n Size/MD5 checksum: 22512 5969e22027936a31221f293be3ee9a07\n http://security.debian.org/pool/updates/main/w/wireshark/tethereal_0.99.4-5.etch.3_hppa.deb\n Size/MD5 checksum: 22506 c624bb7b41ceb11e497c09c231388f17\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_0.99.4-5.etch.3_hppa.deb\n Size/MD5 checksum: 9856512 1dc01e880f2cbc9ed221775bada95006\n http://security.debian.org/pool/updates/main/w/wireshark/tshark_0.99.4-5.etch.3_hppa.deb\n Size/MD5 checksum: 109670 d4eea1ac706ac762a8ed8327438f4642\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal_0.99.4-5.etch.3_hppa.deb\n Size/MD5 checksum: 22504 a738cb866d71bd90d6221655993db604\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.3_hppa.deb\n Size/MD5 checksum: 634968 a399926534b08d75dc0858bebd83c9b5\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_0.99.4-5.etch.3_hppa.deb\n Size/MD5 checksum: 182054 cef379511143780007c649c3089ea1b2\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_0.99.4-5.etch.3_i386.deb\n Size/MD5 checksum: 182668 a1c8033946069020bf3c985ac15f3262\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.3_i386.deb\n Size/MD5 checksum: 564704 810e62b84fec47703eb3a123059b576b\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal_0.99.4-5.etch.3_i386.deb\n Size/MD5 checksum: 22492 e0730ad8b28f63b46e57dda4577009f2\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_0.99.4-5.etch.3_i386.deb\n Size/MD5 checksum: 7502356 84707ff563a36e6dbdcafb47657b4260\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-common_0.99.4-5.etch.3_i386.deb\n Size/MD5 checksum: 22860 34cc7a26d0416a35b9cbcd5dce2f875c\n http://security.debian.org/pool/updates/main/w/wireshark/tshark_0.99.4-5.etch.3_i386.deb\n Size/MD5 checksum: 102308 882325dfde6476fa6fef27435af1c9c7\n http://security.debian.org/pool/updates/main/w/wireshark/tethereal_0.99.4-5.etch.3_i386.deb\n Size/MD5 checksum: 22498 a03f9bc9d8ce5f23bbab2280ab49798b\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-dev_0.99.4-5.etch.3_i386.deb\n Size/MD5 checksum: 22504 f2b77a28c0675c396652fcdc9c2c3803\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-common_0.99.4-5.etch.3_ia64.deb\n Size/MD5 checksum: 22846 3c2f1b3206af0c51ad92aef628d1296c\n http://security.debian.org/pool/updates/main/w/wireshark/tshark_0.99.4-5.etch.3_ia64.deb\n Size/MD5 checksum: 145732 4f709746e604fd49e8500000c0c8b9fd\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-dev_0.99.4-5.etch.3_ia64.deb\n Size/MD5 checksum: 22498 00c321e1542af1331ca18b0df70eee08\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_0.99.4-5.etch.3_ia64.deb\n Size/MD5 checksum: 10652434 5884462db3ab99cd180970b81bab92e1\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal_0.99.4-5.etch.3_ia64.deb\n Size/MD5 checksum: 22484 4591898f96b98e28d183328a0e21dba4\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.3_ia64.deb\n Size/MD5 checksum: 827582 c67bd7ddb1ab16764b7ebebbd5b1bb7c\n http://security.debian.org/pool/updates/main/w/wireshark/tethereal_0.99.4-5.etch.3_ia64.deb\n Size/MD5 checksum: 22498 45334f3ef44ae17bb9c8d4a95f6cf4e6\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_0.99.4-5.etch.3_ia64.deb\n Size/MD5 checksum: 182626 67cd7391e4c59b412ddc2e76c6fa6791\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/w/wireshark/tshark_0.99.4-5.etch.3_mips.deb\n Size/MD5 checksum: 104812 d3f86fe05592a3ac315047246c4dd26e\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_0.99.4-5.etch.3_mips.deb\n Size/MD5 checksum: 8017676 583e585fb11a943ef5c0288016dffb43\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.3_mips.deb\n Size/MD5 checksum: 588850 2ea0a20be951ff4e8ab6ba6525dea911\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-dev_0.99.4-5.etch.3_mips.deb\n Size/MD5 checksum: 21856 8ad7420ab94abbaedd0a0283530f9bad\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-common_0.99.4-5.etch.3_mips.deb\n Size/MD5 checksum: 22108 74e578c0a220a579e57830fe8031cc8b\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal_0.99.4-5.etch.3_mips.deb\n Size/MD5 checksum: 21844 7821c6a42d28f2c2833cf58b9ca033a5\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_0.99.4-5.etch.3_mips.deb\n Size/MD5 checksum: 181530 cbdd1d6dd954ee7f1d7050ef3c9eba91\n http://security.debian.org/pool/updates/main/w/wireshark/tethereal_0.99.4-5.etch.3_mips.deb\n Size/MD5 checksum: 21850 42ed2c8bc444299b2f6e4987e79ab666\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/w/wireshark/tshark_0.99.4-5.etch.3_mipsel.deb\n Size/MD5 checksum: 104602 79217e35d38b7a65b76c40f4e3cb9be1\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal_0.99.4-5.etch.3_mipsel.deb\n Size/MD5 checksum: 22492 f3005b052212919cdb4fcdb9b4fba65e\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_0.99.4-5.etch.3_mipsel.deb\n Size/MD5 checksum: 7408744 4228174f1af0bf0b17f4d30de7cf7ea5\n http://security.debian.org/pool/updates/main/w/wireshark/tethereal_0.99.4-5.etch.3_mipsel.deb\n Size/MD5 checksum: 22506 9b8bca5a067957146d32d0b92bb09117\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-dev_0.99.4-5.etch.3_mipsel.deb\n Size/MD5 checksum: 22506 250f509a57cee02c619151b65e6fd18e\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.3_mipsel.deb\n Size/MD5 checksum: 575840 750acb173d59b7936388b2a0d82dc796\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_0.99.4-5.etch.3_mipsel.deb\n Size/MD5 checksum: 182672 766ee8b1ff019b03703ee93ebb76717f\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-common_0.99.4-5.etch.3_mipsel.deb\n Size/MD5 checksum: 22856 9c5861628a2de7fd905f1924c0474332\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_0.99.4-5.etch.3_powerpc.deb\n Size/MD5 checksum: 182652 1dfdaa74d72de475b67c3256bf14b637\n http://security.debian.org/pool/updates/main/w/wireshark/tethereal_0.99.4-5.etch.3_powerpc.deb\n Size/MD5 checksum: 22498 4ec636076c7587204842382f6729001d\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-common_0.99.4-5.etch.3_powerpc.deb\n Size/MD5 checksum: 22850 cb065d5901a738e96c35dc534407d59e\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-dev_0.99.4-5.etch.3_powerpc.deb\n Size/MD5 checksum: 22504 2da403f29c784c2da2b65d34a4342517\n http://security.debian.org/pool/updates/main/w/wireshark/tshark_0.99.4-5.etch.3_powerpc.deb\n Size/MD5 checksum: 104242 fd8bac6c5986e895547a8cd2bd0e047a\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_0.99.4-5.etch.3_powerpc.deb\n Size/MD5 checksum: 8606102 2f48dcbf4864fff90668b9c9fd0b1f65\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.3_powerpc.deb\n Size/MD5 checksum: 583590 c2d40168eec70056745aacac50a1b6cd\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal_0.99.4-5.etch.3_powerpc.deb\n Size/MD5 checksum: 22490 452169dd566fa6bbf2d2ca1c2d950a37\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-common_0.99.4-5.etch.3_s390.deb\n Size/MD5 checksum: 22848 02756b25f5eb8866a1c8281f088aba85\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-dev_0.99.4-5.etch.3_s390.deb\n Size/MD5 checksum: 22504 11c3d2072753d2f3a100e44c3d3fe33a\n http://security.debian.org/pool/updates/main/w/wireshark/tshark_0.99.4-5.etch.3_s390.deb\n Size/MD5 checksum: 115600 049e7e0f056196df2500e03c4d32a300\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_0.99.4-5.etch.3_s390.deb\n Size/MD5 checksum: 9756694 e39b358505fa9cb7c7a8d0d6d898fd79\n http://security.debian.org/pool/updates/main/w/wireshark/tethereal_0.99.4-5.etch.3_s390.deb\n Size/MD5 checksum: 22498 39c467d08525f96ce4900c9a26643477\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal_0.99.4-5.etch.3_s390.deb\n Size/MD5 checksum: 22488 23d2f294343796f2a7d44c3b5d93651e\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.3_s390.deb\n Size/MD5 checksum: 640960 539d3faeb8bebf6f945803a88f48f927\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_0.99.4-5.etch.3_s390.deb\n Size/MD5 checksum: 182622 e0e7919335705d8062378606615675b7\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/w/wireshark/tethereal_0.99.4-5.etch.3_sparc.deb\n Size/MD5 checksum: 22520 fcded97d018614d9c009b7381af86c0c\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal_0.99.4-5.etch.3_sparc.deb\n Size/MD5 checksum: 22508 08b5ee4324e7bf9c70e3dc64790c0b3a\n http://security.debian.org/pool/updates/main/w/wireshark/tshark_0.99.4-5.etch.3_sparc.deb\n Size/MD5 checksum: 104122 5389c35fe323621a57e570eae09efa84\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.3_sparc.deb\n Size/MD5 checksum: 586906 d32db40176c7a72e691d1015c1c399dc\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_0.99.4-5.etch.3_sparc.deb\n Size/MD5 checksum: 183182 db42ff4d1f6cb72b3fed705d72cd9334\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-common_0.99.4-5.etch.3_sparc.deb\n Size/MD5 checksum: 22866 880b204b5182202328541153989cf082\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-dev_0.99.4-5.etch.3_sparc.deb\n Size/MD5 checksum: 22522 acf3820b48c050b01da592940dee07ad\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_0.99.4-5.etch.3_sparc.deb\n Size/MD5 checksum: 8679242 716f14e3d3ea4795e742fed07ebe2f44\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show &lt;pkg&gt;&#x27; and http://packages.debian.org/&lt;pkg&gt;\n", "edition": 7, "modified": "2008-11-29T23:07:57", "published": "2008-11-29T23:07:57", "id": "DEBIAN:DSA-1673-1:71D41", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2008/msg00265.html", "title": "[SECURITY] [DSA 1673-1] New wireshark packages fix several vulnerabilities", "type": "debian", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "centos": [{"lastseen": "2020-07-17T03:28:19", "bulletinFamily": "unix", "cvelist": ["CVE-2008-3146", "CVE-2008-3138", "CVE-2008-3934", "CVE-2008-3933", "CVE-2008-1071", "CVE-2008-1561", "CVE-2008-3145", "CVE-2008-3137", "CVE-2008-3141", "CVE-2008-1070", "CVE-2008-3932", "CVE-2008-1562", "CVE-2008-1072", "CVE-2008-1563"], "description": "**CentOS Errata and Security Advisory** CESA-2008:0890\n\n\nWireshark is a program for monitoring network traffic. Wireshark was\npreviously known as Ethereal.\n\nMultiple buffer overflow flaws were found in Wireshark. If Wireshark read\na malformed packet off a network, it could crash or, possibly, execute\narbitrary code as the user running Wireshark. (CVE-2008-3146)\n\nSeveral denial of service flaws were found in Wireshark. Wireshark could\ncrash or stop responding if it read a malformed packet off a network, or\nopened a malformed dump file. (CVE-2008-1070, CVE-2008-1071, CVE-2008-1072,\nCVE-2008-1561, CVE-2008-1562, CVE-2008-1563, CVE-2008-3137, CVE-2008-3138,\nCVE-2008-3141, CVE-2008-3145, CVE-2008-3932, CVE-2008-3933, CVE-2008-3934)\n\nAdditionally, this update changes the default Pluggable Authentication\nModules (PAM) configuration to always prompt for the root password before\neach start of Wireshark. This avoids unintentionally running Wireshark with\nroot privileges.\n\nUsers of wireshark should upgrade to these updated packages, which contain\nWireshark version 1.0.3, and resolve these issues.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2008-October/027319.html\nhttp://lists.centos.org/pipermail/centos-announce/2008-October/027320.html\nhttp://lists.centos.org/pipermail/centos-announce/2008-October/027321.html\nhttp://lists.centos.org/pipermail/centos-announce/2008-October/027322.html\nhttp://lists.centos.org/pipermail/centos-announce/2008-October/027323.html\nhttp://lists.centos.org/pipermail/centos-announce/2008-October/027328.html\nhttp://lists.centos.org/pipermail/centos-announce/2008-October/027329.html\nhttp://lists.centos.org/pipermail/centos-announce/2008-October/027332.html\nhttp://lists.centos.org/pipermail/centos-announce/2008-October/027335.html\nhttp://lists.centos.org/pipermail/centos-announce/2008-October/027336.html\n\n**Affected packages:**\nwireshark\nwireshark-gnome\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2008-0890.html", "edition": 6, "modified": "2008-10-04T00:45:23", "published": "2008-10-01T18:17:23", "href": "http://lists.centos.org/pipermail/centos-announce/2008-October/027319.html", "id": "CESA-2008:0890", "title": "wireshark security update", "type": "centos", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "redhat": [{"lastseen": "2019-08-13T18:47:14", "bulletinFamily": "unix", "cvelist": ["CVE-2008-1070", "CVE-2008-1071", "CVE-2008-1072", "CVE-2008-1561", "CVE-2008-1562", "CVE-2008-1563", "CVE-2008-3137", "CVE-2008-3138", "CVE-2008-3141", "CVE-2008-3145", "CVE-2008-3146", "CVE-2008-3932", "CVE-2008-3933", "CVE-2008-3934"], "description": "Wireshark is a program for monitoring network traffic. Wireshark was\npreviously known as Ethereal.\n\nMultiple buffer overflow flaws were found in Wireshark. If Wireshark read\na malformed packet off a network, it could crash or, possibly, execute\narbitrary code as the user running Wireshark. (CVE-2008-3146)\n\nSeveral denial of service flaws were found in Wireshark. Wireshark could\ncrash or stop responding if it read a malformed packet off a network, or\nopened a malformed dump file. (CVE-2008-1070, CVE-2008-1071, CVE-2008-1072,\nCVE-2008-1561, CVE-2008-1562, CVE-2008-1563, CVE-2008-3137, CVE-2008-3138,\nCVE-2008-3141, CVE-2008-3145, CVE-2008-3932, CVE-2008-3933, CVE-2008-3934)\n\nAdditionally, this update changes the default Pluggable Authentication\nModules (PAM) configuration to always prompt for the root password before\neach start of Wireshark. This avoids unintentionally running Wireshark with\nroot privileges.\n\nUsers of wireshark should upgrade to these updated packages, which contain\nWireshark version 1.0.3, and resolve these issues.", "modified": "2017-09-08T12:06:02", "published": "2008-10-01T04:00:00", "id": "RHSA-2008:0890", "href": "https://access.redhat.com/errata/RHSA-2008:0890", "type": "redhat", "title": "(RHSA-2008:0890) Moderate: wireshark security update", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:38:41", "bulletinFamily": "unix", "cvelist": ["CVE-2008-3146", "CVE-2008-3138", "CVE-2008-3934", "CVE-2008-3933", "CVE-2008-1071", "CVE-2008-1561", "CVE-2008-3145", "CVE-2008-3137", "CVE-2008-3141", "CVE-2008-1070", "CVE-2008-3932", "CVE-2008-1562", "CVE-2008-1072", "CVE-2008-1563"], "description": "[1.0.3-4.0.1.el5_2]\n- Add oracle-ocfs2-network.patch\n[1.0.3-4]\n- fix pam session file, wireshark requires root pswd everytime its started\n[1.0.3-3]\n- fix pie flags\n[1.0.3-1]\n- upgrade to 1.0.3\n- fixes several security issues\n- Resolves: #461569", "edition": 4, "modified": "2008-10-01T00:00:00", "published": "2008-10-01T00:00:00", "id": "ELSA-2008-0890", "href": "http://linux.oracle.com/errata/ELSA-2008-0890.html", "title": "wireshark security update", "type": "oraclelinux", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "exploitdb": [{"lastseen": "2016-02-03T15:58:17", "description": "Wireshark 1.0.0 syslog Dissector Unspecified DoS. CVE-2008-3140. Dos exploits for multiple platform", "published": "2008-06-30T00:00:00", "type": "exploitdb", "title": "Wireshark 1.0.0 - Multiple DoS", "bulletinFamily": "exploit", "cvelist": ["CVE-2008-3140"], "modified": "2008-06-30T00:00:00", "id": "EDB-ID:32006", "href": "https://www.exploit-db.com/exploits/32006/", "sourceData": "source: http://www.securityfocus.com/bid/30020/info\r\n\r\nWireshark is prone to multiple vulnerabilities, including an information-disclosure issue and denial-of-service issues.\r\n\r\nExploiting these issues may allow attackers to obtain potentially sensitive information, cause crashes, and deny service to legitimate users of the application. Attackers may be able to leverage some of these vulnerabilities to execute arbitrary code, but this has not been confirmed.\r\n\r\nThese issues affect Wireshark 0.9.5 up to and including 1.0.0. \r\n\r\nhttps://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/32006-1.pcap\r\nhttps://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/32006-2.pcap\r\nhttps://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/32006-3.pcap", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "sourceHref": "https://www.exploit-db.com/download/32006/"}]}