{"id": "OPENVAS:803333", "type": "openvas", "bulletinFamily": "scanner", "title": "Wireshark Multiple Dissector Multiple Vulnerabilities - March 13 (Mac OS X)", "description": "This host is installed with Wireshark and is prone to multiple\n vulnerabilities.", "published": "2013-03-11T00:00:00", "modified": "2017-05-15T00:00:00", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=803333", "reporter": "Copyright (C) 2013 Greenbone Networks GmbH", "references": ["http://securitytracker.com/id/1028254", "http://www.wireshark.org/docs/relnotes/wireshark-1.8.6.html", "http://www.securelist.com/en/advisories/52471"], "cvelist": ["CVE-2013-2477", "CVE-2013-2475", "CVE-2013-2476", "CVE-2013-2479", "CVE-2013-2487", "CVE-2013-2486"], "lastseen": "2017-07-02T21:11:12", "viewCount": 0, "enchantments": {"score": {"value": 5.5, "vector": "NONE", "modified": "2017-07-02T21:11:12", "rev": 2}, "dependencies": {"references": [{"type": "openvas", "idList": ["OPENVAS:1361412562310803331", "OPENVAS:803331", "OPENVAS:1361412562310803333"]}, {"type": "cve", "idList": ["CVE-2013-2479", "CVE-2013-2477", "CVE-2013-2475", "CVE-2013-2476", "CVE-2013-2487", "CVE-2013-2486"]}, {"type": "kitploit", "idList": ["KITPLOIT:9011798985544138654"]}, {"type": "nessus", "idList": ["OPENSUSE-2013-223.NASL", "SOLARIS11_WIRESHARK_20130924.NASL", "WIRESHARK_1_8_7.NASL", "SUSE_11_WIRESHARK-130711.NASL", "SUSE_SU-2013-1276-1.NASL", "SUSE_WIRESHARK-8500.NASL", "OPENSUSE-2013-453.NASL", "SUSE_WIRESHARK-8659.NASL", "SUSE_11_WIRESHARK-130312.NASL", "WIRESHARK_1_8_6.NASL"]}, {"type": "debian", "idList": ["DEBIAN:DLA-497-1:1FD56"]}], "modified": "2017-07-02T21:11:12", "rev": 2}, "vulnersScore": 5.5}, "pluginID": "803333", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_wireshark_mult_vuln_mar13_macosx.nasl 6125 2017-05-15 09:03:42Z teissa $\n#\n# Wireshark Multiple Dissector Multiple Vulnerabilities - March 13 (Mac OS X)\n#\n# Authors:\n# Arun Kallavi <karun@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation will allow remote attackers to cause denial of\n service or to consume excessive CPU resources.\n Impact Level: Application\";\n\ntag_affected = \"Wireshark versions 1.8.x before 1.8.6 on Mac OS X\";\ntag_insight = \"Multiple flaws are due to errors in RELOAD, MPLS Echo, CSN.1, HART/IP and TCP\n dissectors.\";\ntag_solution = \"Upgrade to the Wireshark version 1.8.6 or later,\n For updates refer to http://www.wireshark.org/download\";\ntag_summary = \"This host is installed with Wireshark and is prone to multiple\n vulnerabilities.\";\n\nif(description)\n{\n script_id(803333);\n script_version(\"$Revision: 6125 $\");\n script_cve_id(\"CVE-2013-2486\", \"CVE-2013-2487\", \"CVE-2013-2479\", \"CVE-2013-2477\",\n \"CVE-2013-2476\", \"CVE-2013-2475\");\n script_bugtraq_id(58363,58350,58354,58358,58349,58364);\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-05-15 11:03:42 +0200 (Mon, 15 May 2017) $\");\n script_tag(name:\"creation_date\", value:\"2013-03-11 18:29:11 +0530 (Mon, 11 Mar 2013)\");\n script_name(\"Wireshark Multiple Dissector Multiple Vulnerabilities - March 13 (Mac OS X)\");\n script_xref(name : \"URL\" , value : \"http://www.securelist.com/en/advisories/52471\");\n script_xref(name : \"URL\" , value : \"http://securitytracker.com/id/1028254\");\n script_xref(name : \"URL\" , value : \"http://www.wireshark.org/docs/relnotes/wireshark-1.8.6.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2013 Greenbone Networks GmbH\");\n script_family(\"Denial of Service\");\n script_dependencies(\"gb_wireshark_detect_macosx.nasl\");\n script_mandatory_keys(\"Wireshark/MacOSX/Version\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\n## Variable Initialization\nsharkVer = \"\";\n\n## Get version from KB\nsharkVer = get_kb_item(\"Wireshark/MacOSX/Version\");\n\nif(sharkVer && sharkVer=~ \"^1.8\")\n{\n ## Check for vulnerable Wireshark versions\n if(version_in_range(version:sharkVer, test_version:\"1.8.0\", test_version2:\"1.8.5\")){\n security_message(0);\n exit(0);\n }\n}\n", "naslFamily": "Denial of Service"}

{"openvas": [{"lastseen": "2017-07-02T21:11:06", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-2477", "CVE-2013-2475", "CVE-2013-2476", "CVE-2013-2479", "CVE-2013-2487", "CVE-2013-2486"], "description": "This host is installed with Wireshark and is prone to multiple\n vulnerabilities.", "modified": "2017-05-08T00:00:00", "published": "2013-03-11T00:00:00", "id": "OPENVAS:803331", "href": "http://plugins.openvas.org/nasl.php?oid=803331", "type": "openvas", "title": "Wireshark Multiple Dissector Multiple Vulnerabilities - March 13 (Windows)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_wireshark_mult_vuln_mar13_win.nasl 6079 2017-05-08 09:03:33Z teissa $\n#\n# Wireshark Multiple Dissector Multiple Vulnerabilities - March 13 (Windows)\n#\n# Authors:\n# Arun Kallavi <karun@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation will allow remote attackers to cause denial of\n service or to consume excessive CPU resources.\n Impact Level: Application\";\n\ntag_affected = \"Wireshark versions 1.8.x before 1.8.6 on Windows\";\ntag_insight = \"Multiple flaws are due to errors in RELOAD, MPLS Echo, CSN.1, HART/IP and TCP\n dissectors.\";\ntag_solution = \"Upgrade to the Wireshark version 1.8.6 or later,\n For updates refer to http://www.wireshark.org/download\";\ntag_summary = \"This host is installed with Wireshark and is prone to multiple\n vulnerabilities.\";\n\nif(description)\n{\n script_id(803331);\n script_version(\"$Revision: 6079 $\");\n script_cve_id(\"CVE-2013-2486\", \"CVE-2013-2487\", \"CVE-2013-2479\", \"CVE-2013-2477\",\n \"CVE-2013-2476\", \"CVE-2013-2475\");\n script_bugtraq_id(58363,58350,58354,58358,58349,58364);\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-05-08 11:03:33 +0200 (Mon, 08 May 2017) $\");\n script_tag(name:\"creation_date\", value:\"2013-03-11 18:15:06 +0530 (Mon, 11 Mar 2013)\");\n script_name(\"Wireshark Multiple Dissector Multiple Vulnerabilities - March 13 (Windows)\");\n script_xref(name : \"URL\" , value : \"http://www.securelist.com/en/advisories/52471\");\n script_xref(name : \"URL\" , value : \"http://securitytracker.com/id/1028254\");\n script_xref(name : \"URL\" , value : \"http://www.wireshark.org/docs/relnotes/wireshark-1.8.6.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2013 Greenbone Networks GmbH\");\n script_family(\"Denial of Service\");\n script_dependencies(\"gb_wireshark_detect_win.nasl\");\n script_mandatory_keys(\"Wireshark/Win/Ver\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\n\n## Variable Initialization\nsharkVer = \"\";\n\n## Get version from KB\nsharkVer = get_kb_item(\"Wireshark/Win/Ver\");\n\nif(sharkVer && sharkVer=~ \"^1.8\")\n{\n ## Check for vulnerable Wireshark versions\n if(version_in_range(version:sharkVer, test_version:\"1.8.0\", test_version2:\"1.8.5\")){\n security_message(0);\n exit(0);\n }\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:37:48", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-2477", "CVE-2013-2475", "CVE-2013-2476", "CVE-2013-2479", "CVE-2013-2487", "CVE-2013-2486"], "description": "This host is installed with Wireshark and is prone to multiple\n vulnerabilities.", "modified": "2019-05-10T00:00:00", "published": "2013-03-11T00:00:00", "id": "OPENVAS:1361412562310803333", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310803333", "type": "openvas", "title": "Wireshark Multiple Dissector Multiple Vulnerabilities - March 13 (Mac OS X)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Wireshark Multiple Dissector Multiple Vulnerabilities - March 13 (Mac OS X)\n#\n# Authors:\n# Arun Kallavi <karun@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.803333\");\n script_version(\"2019-05-10T14:24:23+0000\");\n script_cve_id(\"CVE-2013-2486\", \"CVE-2013-2487\", \"CVE-2013-2479\", \"CVE-2013-2477\",\n \"CVE-2013-2476\", \"CVE-2013-2475\");\n script_bugtraq_id(58363, 58350, 58354, 58358, 58349, 58364);\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-05-10 14:24:23 +0000 (Fri, 10 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2013-03-11 18:29:11 +0530 (Mon, 11 Mar 2013)\");\n script_name(\"Wireshark Multiple Dissector Multiple Vulnerabilities - March 13 (Mac OS X)\");\n script_xref(name:\"URL\", value:\"http://www.securelist.com/en/advisories/52471\");\n script_xref(name:\"URL\", value:\"http://securitytracker.com/id/1028254\");\n script_xref(name:\"URL\", value:\"http://www.wireshark.org/docs/relnotes/wireshark-1.8.6.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2013 Greenbone Networks GmbH\");\n script_family(\"Denial of Service\");\n script_dependencies(\"gb_wireshark_detect_macosx.nasl\");\n script_mandatory_keys(\"Wireshark/MacOSX/Version\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote attackers to cause denial of\n service or to consume excessive CPU resources.\");\n\n script_tag(name:\"affected\", value:\"Wireshark versions 1.8.x before 1.8.6 on Mac OS X.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws are due to errors in RELOAD, MPLS Echo, CSN.1, HART/IP and TCP\n dissectors.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to the Wireshark version 1.8.6 or later.\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Wireshark and is prone to multiple\n vulnerabilities.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\n\nsharkVer = get_kb_item(\"Wireshark/MacOSX/Version\");\n\nif(sharkVer && sharkVer=~ \"^1\\.8\")\n{\n if(version_in_range(version:sharkVer, test_version:\"1.8.0\", test_version2:\"1.8.5\")){\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n }\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:38:21", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-2477", "CVE-2013-2475", "CVE-2013-2476", "CVE-2013-2479", "CVE-2013-2487", "CVE-2013-2486"], "description": "This host is installed with Wireshark and is prone to multiple\n vulnerabilities.", "modified": "2019-05-16T00:00:00", "published": "2013-03-11T00:00:00", "id": "OPENVAS:1361412562310803331", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310803331", "type": "openvas", "title": "Wireshark Multiple Dissector Multiple Vulnerabilities - March 13 (Windows)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Wireshark Multiple Dissector Multiple Vulnerabilities - March 13 (Windows)\n#\n# Authors:\n# Arun Kallavi <karun@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.803331\");\n script_version(\"2019-05-16T08:02:32+0000\");\n script_cve_id(\"CVE-2013-2486\", \"CVE-2013-2487\", \"CVE-2013-2479\", \"CVE-2013-2477\",\n \"CVE-2013-2476\", \"CVE-2013-2475\");\n script_bugtraq_id(58363, 58350, 58354, 58358, 58349, 58364);\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-05-16 08:02:32 +0000 (Thu, 16 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2013-03-11 18:15:06 +0530 (Mon, 11 Mar 2013)\");\n script_name(\"Wireshark Multiple Dissector Multiple Vulnerabilities - March 13 (Windows)\");\n script_xref(name:\"URL\", value:\"http://www.securelist.com/en/advisories/52471\");\n script_xref(name:\"URL\", value:\"http://securitytracker.com/id/1028254\");\n script_xref(name:\"URL\", value:\"http://www.wireshark.org/docs/relnotes/wireshark-1.8.6.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2013 Greenbone Networks GmbH\");\n script_family(\"Denial of Service\");\n script_dependencies(\"gb_wireshark_detect_win.nasl\");\n script_mandatory_keys(\"Wireshark/Win/Ver\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote attackers to cause a Denial of\n Service or to consume excessive CPU resources.\");\n\n script_tag(name:\"affected\", value:\"Wireshark versions 1.8.x before 1.8.6 on Windows.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws are due to errors in RELOAD, MPLS Echo, CSN.1, HART/IP and TCP\n dissectors.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to the Wireshark version 1.8.6 or later.\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Wireshark and is prone to multiple\n vulnerabilities.\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\n\nsharkVer = get_kb_item(\"Wireshark/Win/Ver\");\n\nif(sharkVer && sharkVer=~ \"^1\\.8\")\n{\n if(version_in_range(version:sharkVer, test_version:\"1.8.0\", test_version2:\"1.8.5\")){\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n }\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "cve": [{"lastseen": "2021-02-02T06:06:52", "description": "epan/dissectors/packet-reload.c in the REsource LOcation And Discovery (aka RELOAD) dissector in Wireshark 1.8.x before 1.8.6 uses incorrect integer data types, which allows remote attackers to cause a denial of service (infinite loop) via crafted integer values in a packet, related to the (1) dissect_icecandidates, (2) dissect_kinddata, (3) dissect_nodeid_list, (4) dissect_storeans, (5) dissect_storereq, (6) dissect_storeddataspecifier, (7) dissect_fetchreq, (8) dissect_findans, (9) dissect_diagnosticinfo, (10) dissect_diagnosticresponse, (11) dissect_reload_messagecontents, and (12) dissect_reload_message functions, a different vulnerability than CVE-2013-2486.", "edition": 4, "cvss3": {}, "published": "2013-03-07T15:55:00", "title": "CVE-2013-2487", "type": "cve", "cwe": ["CWE-189"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-2487"], "modified": "2018-10-30T16:27:00", "cpe": ["cpe:/o:opensuse:opensuse:12.1", "cpe:/a:wireshark:wireshark:1.8.0", "cpe:/a:wireshark:wireshark:1.8.1", "cpe:/o:opensuse:opensuse:11.4", "cpe:/a:wireshark:wireshark:1.8.4", "cpe:/o:opensuse:opensuse:12.2", "cpe:/a:wireshark:wireshark:1.8.3", "cpe:/a:wireshark:wireshark:1.8.5", "cpe:/o:debian:debian_linux:7.0", "cpe:/a:wireshark:wireshark:1.8.2", "cpe:/o:opensuse:opensuse:12.3"], "id": "CVE-2013-2487", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-2487", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.8.4:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.8.3:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.8.0:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:opensuse:12.1:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.8.1:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.8.5:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.8.2:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T06:06:51", "description": "The CSN.1 dissector in Wireshark 1.8.x before 1.8.6 does not properly manage function pointers, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.", "edition": 4, "cvss3": {}, "published": "2013-03-07T15:55:00", "title": "CVE-2013-2477", "type": "cve", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 6.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 3.3, "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-2477"], "modified": "2018-10-30T16:27:00", "cpe": ["cpe:/a:wireshark:wireshark:1.8.0", "cpe:/a:wireshark:wireshark:1.8.1", "cpe:/o:opensuse:opensuse:11.4", "cpe:/a:wireshark:wireshark:1.8.4", "cpe:/o:opensuse:opensuse:12.2", "cpe:/a:wireshark:wireshark:1.8.3", "cpe:/a:wireshark:wireshark:1.8.5", "cpe:/a:wireshark:wireshark:1.8.2", "cpe:/o:opensuse:opensuse:12.3"], "id": "CVE-2013-2477", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-2477", "cvss": {"score": 3.3, "vector": "AV:A/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.8.4:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.8.3:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.8.0:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.8.1:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.8.5:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.8.2:*:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T06:06:51", "description": "The dissect_hartip function in epan/dissectors/packet-hartip.c in the HART/IP dissector in Wireshark 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (infinite loop) via a packet with a header that is too short.", "edition": 4, "cvss3": {}, "published": "2013-03-07T15:55:00", "title": "CVE-2013-2476", "type": "cve", "cwe": ["CWE-399"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 6.1, "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-2476"], "modified": "2018-10-30T16:27:00", "cpe": ["cpe:/o:opensuse:opensuse:12.1", "cpe:/a:wireshark:wireshark:1.8.0", "cpe:/a:wireshark:wireshark:1.8.1", "cpe:/o:opensuse:opensuse:11.4", "cpe:/a:wireshark:wireshark:1.8.4", "cpe:/o:opensuse:opensuse:12.2", "cpe:/a:wireshark:wireshark:1.8.3", "cpe:/a:wireshark:wireshark:1.8.5", "cpe:/a:wireshark:wireshark:1.8.2", "cpe:/o:opensuse:opensuse:12.3"], "id": "CVE-2013-2476", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-2476", "cvss": {"score": 6.1, "vector": "AV:A/AC:L/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.8.4:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.8.3:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.8.0:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:opensuse:12.1:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.8.1:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.8.5:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.8.2:*:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T06:06:51", "description": "The TCP dissector in Wireshark 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (application crash) via a malformed packet.", "edition": 4, "cvss3": {}, "published": "2013-03-07T15:55:00", "title": "CVE-2013-2475", "type": "cve", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 6.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 3.3, "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-2475"], "modified": "2018-10-30T16:27:00", "cpe": ["cpe:/o:opensuse:opensuse:12.1", "cpe:/a:wireshark:wireshark:1.8.0", "cpe:/a:wireshark:wireshark:1.8.1", "cpe:/o:opensuse:opensuse:11.4", "cpe:/a:wireshark:wireshark:1.8.4", "cpe:/o:opensuse:opensuse:12.2", "cpe:/a:wireshark:wireshark:1.8.3", "cpe:/a:wireshark:wireshark:1.8.5", "cpe:/a:wireshark:wireshark:1.8.2", "cpe:/o:opensuse:opensuse:12.3"], "id": "CVE-2013-2475", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-2475", "cvss": {"score": 3.3, "vector": "AV:A/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.8.4:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.8.3:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.8.0:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:opensuse:12.1:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.8.1:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.8.5:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.8.2:*:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T06:06:52", "description": "The dissect_diagnosticrequest function in epan/dissectors/packet-reload.c in the REsource LOcation And Discovery (aka RELOAD) dissector in Wireshark 1.8.x before 1.8.6 uses an incorrect integer data type, which allows remote attackers to cause a denial of service (infinite loop) via crafted integer values in a packet.", "edition": 4, "cvss3": {}, "published": "2013-03-07T15:55:00", "title": "CVE-2013-2486", "type": "cve", "cwe": ["CWE-189"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 6.1, "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-2486"], "modified": "2018-10-30T16:27:00", "cpe": ["cpe:/o:opensuse:opensuse:12.1", "cpe:/a:wireshark:wireshark:1.8.0", "cpe:/a:wireshark:wireshark:1.8.1", "cpe:/o:opensuse:opensuse:11.4", "cpe:/a:wireshark:wireshark:1.8.4", "cpe:/o:opensuse:opensuse:12.2", "cpe:/a:wireshark:wireshark:1.8.3", "cpe:/a:wireshark:wireshark:1.8.5", "cpe:/o:debian:debian_linux:7.0", "cpe:/a:wireshark:wireshark:1.8.2", "cpe:/o:opensuse:opensuse:12.3"], "id": "CVE-2013-2486", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-2486", "cvss": {"score": 6.1, "vector": "AV:A/AC:L/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.8.4:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.8.3:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.8.0:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:opensuse:12.1:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.8.1:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.8.5:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.8.2:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T06:06:51", "description": "The dissect_mpls_echo_tlv_dd_map function in epan/dissectors/packet-mpls-echo.c in the MPLS Echo dissector in Wireshark 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (infinite loop) via invalid Sub-tlv data.", "edition": 4, "cvss3": {}, "published": "2013-03-07T15:55:00", "title": "CVE-2013-2479", "type": "cve", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 6.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 3.3, "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-2479"], "modified": "2018-10-30T16:27:00", "cpe": ["cpe:/o:opensuse:opensuse:12.1", "cpe:/a:wireshark:wireshark:1.8.0", "cpe:/a:wireshark:wireshark:1.8.1", "cpe:/o:opensuse:opensuse:11.4", "cpe:/a:wireshark:wireshark:1.8.4", "cpe:/o:opensuse:opensuse:12.2", "cpe:/a:wireshark:wireshark:1.8.3", "cpe:/a:wireshark:wireshark:1.8.5", "cpe:/a:wireshark:wireshark:1.8.2", "cpe:/o:opensuse:opensuse:12.3"], "id": "CVE-2013-2479", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-2479", "cvss": {"score": 3.3, "vector": "AV:A/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.8.4:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.8.3:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.8.0:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:opensuse:12.1:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.8.1:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.8.5:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.8.2:*:*:*:*:*:*:*"]}], "nessus": [{"lastseen": "2021-01-20T14:41:58", "description": "wireshark has been updated to 1.8.6 which fixes bugs and security\nissues :\n\nVulnerabilities fixed :\n\n - The TCP dissector could crash. wnpa-sec-2013-10.\n (CVE-2013-2475)\n\n - The HART/IP dissectory could go into an infinite loop.\n wnpa-sec-2013-11. (CVE-2013-2476)\n\n - The CSN.1 dissector could crash. wnpa-sec-2013-12.\n (CVE-2013-2477)\n\n - The MS-MMS dissector could crash. wnpa-sec-2013-13.\n (CVE-2013-2478)\n\n - The MPLS Echo dissector could go into an infinite loop.\n wnpa-sec-2013-14. (CVE-2013-2479)\n\n - The RTPS and RTPS2 dissectors could crash.\n wnpa-sec-2013-15. (CVE-2013-2480)\n\n - The Mount dissector could crash. wnpa-sec-2013-16.\n (CVE-2013-2481)\n\n - The AMPQ dissector could go into an infinite loop.\n wnpa-sec-2013-17. (CVE-2013-2482)\n\n - The ACN dissector could attempt to divide by zero.\n wnpa-sec-2013-18. (CVE-2013-2483)\n\n - The CIMD dissector could crash. wnpa-sec-2013-19.\n (CVE-2013-2484)\n\n - The FCSP dissector could go into an infinite loop.\n wnpa-sec-2013-20. (CVE-2013-2485)\n\n - The RELOAD dissector could go into an infinite loop.\n wnpa-sec-2013-21. (CVE-2013-2486 / CVE-2013-2487)\n\n - The DTLS dissector could crash. wnpa-sec-2013-22\n (CVE-2013-2488) More information about further bug fixes\n and updated protocol support are listed here:\n http://www.wireshark.org/docs/relnotes/wireshark-1.8.6.h\n tml", "edition": 17, "published": "2013-04-29T00:00:00", "title": "SuSE 11.2 Security Update : wireshark (SAT Patch Number 7490)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-2483", "CVE-2013-2484", "CVE-2013-2477", "CVE-2013-2478", "CVE-2013-2475", "CVE-2013-2476", "CVE-2013-2481", "CVE-2013-2479", "CVE-2013-2488", "CVE-2013-2482", "CVE-2013-2487", "CVE-2013-2486", "CVE-2013-2480", "CVE-2013-2485"], "modified": "2013-04-29T00:00:00", "cpe": ["cpe:/o:novell:suse_linux:11", "p-cpe:/a:novell:suse_linux:11:wireshark"], "id": "SUSE_11_WIRESHARK-130312.NASL", "href": "https://www.tenable.com/plugins/nessus/66254", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(66254);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2013-2475\", \"CVE-2013-2476\", \"CVE-2013-2477\", \"CVE-2013-2478\", \"CVE-2013-2479\", \"CVE-2013-2480\", \"CVE-2013-2481\", \"CVE-2013-2482\", \"CVE-2013-2483\", \"CVE-2013-2484\", \"CVE-2013-2485\", \"CVE-2013-2486\", \"CVE-2013-2487\", \"CVE-2013-2488\");\n\n script_name(english:\"SuSE 11.2 Security Update : wireshark (SAT Patch Number 7490)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"wireshark has been updated to 1.8.6 which fixes bugs and security\nissues :\n\nVulnerabilities fixed :\n\n - The TCP dissector could crash. wnpa-sec-2013-10.\n (CVE-2013-2475)\n\n - The HART/IP dissectory could go into an infinite loop.\n wnpa-sec-2013-11. (CVE-2013-2476)\n\n - The CSN.1 dissector could crash. wnpa-sec-2013-12.\n (CVE-2013-2477)\n\n - The MS-MMS dissector could crash. wnpa-sec-2013-13.\n (CVE-2013-2478)\n\n - The MPLS Echo dissector could go into an infinite loop.\n wnpa-sec-2013-14. (CVE-2013-2479)\n\n - The RTPS and RTPS2 dissectors could crash.\n wnpa-sec-2013-15. (CVE-2013-2480)\n\n - The Mount dissector could crash. wnpa-sec-2013-16.\n (CVE-2013-2481)\n\n - The AMPQ dissector could go into an infinite loop.\n wnpa-sec-2013-17. (CVE-2013-2482)\n\n - The ACN dissector could attempt to divide by zero.\n wnpa-sec-2013-18. (CVE-2013-2483)\n\n - The CIMD dissector could crash. wnpa-sec-2013-19.\n (CVE-2013-2484)\n\n - The FCSP dissector could go into an infinite loop.\n wnpa-sec-2013-20. (CVE-2013-2485)\n\n - The RELOAD dissector could go into an infinite loop.\n wnpa-sec-2013-21. (CVE-2013-2486 / CVE-2013-2487)\n\n - The DTLS dissector could crash. wnpa-sec-2013-22\n (CVE-2013-2488) More information about further bug fixes\n and updated protocol support are listed here:\n http://www.wireshark.org/docs/relnotes/wireshark-1.8.6.h\n tml\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=807942\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-2475.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-2476.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-2477.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-2478.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-2479.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-2480.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-2481.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-2482.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-2483.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-2484.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-2485.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-2486.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-2487.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-2488.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 7490.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/03/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/04/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(pl) || int(pl) != 2) audit(AUDIT_OS_NOT, \"SuSE 11.2\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"wireshark-1.8.6-0.2.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"wireshark-1.8.6-0.2.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"wireshark-1.8.6-0.2.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-20T12:26:24", "description": "wireshark was updated to 1.8.6 [bnc#807942]\n\n + vulnerabilities fixed :\n\n - The TCP dissector could crash. wnpa-sec-2013-10\n CVE-2013-2475\n\n - The HART/IP dissectory could go into an infinite loop.\n wnpa-sec-2013-11 CVE-2013-2476\n\n - The CSN.1 dissector could crash. wnpa-sec-2013-12\n CVE-2013-2477\n\n - The MS-MMS dissector could crash. wnpa-sec-2013-13\n CVE-2013-2478\n\n - The MPLS Echo dissector could go into an infinite loop.\n wnpa-sec-2013-14 CVE-2013-2479\n\n - The RTPS and RTPS2 dissectors could crash.\n wnpa-sec-2013-15 CVE-2013-2480\n\n - The Mount dissector could crash. wnpa-sec-2013-16\n CVE-2013-2481\n\n - The AMPQ dissector could go into an infinite loop.\n wnpa-sec-2013-17 CVE-2013-2482\n\n - The ACN dissector could attempt to divide by zero.\n wnpa-sec-2013-18 CVE-2013-2483\n\n - The CIMD dissector could crash. wnpa-sec-2013-19\n CVE-2013-2484\n\n - The FCSP dissector could go into an infinite loop.\n wnpa-sec-2013-20 CVE-2013-2485\n\n - The RELOAD dissector could go into an infinite loop.\n wnpa-sec-2013-21 CVE-2013-2486 CVE-2013-2487\n\n - The DTLS dissector could crash. wnpa-sec-2013-22\n CVE-2013-2488 \n\n + Further bug fixes and updated protocol support as listed\n in:\n http://www.wireshark.org/docs/relnotes/wireshark-1.8.6.h\n tml", "edition": 19, "published": "2014-06-13T00:00:00", "title": "openSUSE Security Update : wireshark (openSUSE-SU-2013:0494-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-2483", "CVE-2013-2484", "CVE-2013-2477", "CVE-2013-2478", "CVE-2013-2475", "CVE-2013-2476", "CVE-2013-2481", "CVE-2013-2479", "CVE-2013-2488", "CVE-2013-2482", "CVE-2013-2487", "CVE-2013-2486", "CVE-2013-2480", "CVE-2013-2485"], "modified": "2014-06-13T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:wireshark", "cpe:/o:novell:opensuse:12.3", "p-cpe:/a:novell:opensuse:wireshark-devel", "cpe:/o:novell:opensuse:12.1", "p-cpe:/a:novell:opensuse:wireshark-debugsource", "p-cpe:/a:novell:opensuse:wireshark-debuginfo", "cpe:/o:novell:opensuse:12.2"], "id": "OPENSUSE-2013-223.NASL", "href": "https://www.tenable.com/plugins/nessus/74930", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2013-223.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(74930);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2013-2475\", \"CVE-2013-2476\", \"CVE-2013-2477\", \"CVE-2013-2478\", \"CVE-2013-2479\", \"CVE-2013-2480\", \"CVE-2013-2481\", \"CVE-2013-2482\", \"CVE-2013-2483\", \"CVE-2013-2484\", \"CVE-2013-2485\", \"CVE-2013-2486\", \"CVE-2013-2487\", \"CVE-2013-2488\");\n\n script_name(english:\"openSUSE Security Update : wireshark (openSUSE-SU-2013:0494-1)\");\n script_summary(english:\"Check for the openSUSE-2013-223 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"wireshark was updated to 1.8.6 [bnc#807942]\n\n + vulnerabilities fixed :\n\n - The TCP dissector could crash. wnpa-sec-2013-10\n CVE-2013-2475\n\n - The HART/IP dissectory could go into an infinite loop.\n wnpa-sec-2013-11 CVE-2013-2476\n\n - The CSN.1 dissector could crash. wnpa-sec-2013-12\n CVE-2013-2477\n\n - The MS-MMS dissector could crash. wnpa-sec-2013-13\n CVE-2013-2478\n\n - The MPLS Echo dissector could go into an infinite loop.\n wnpa-sec-2013-14 CVE-2013-2479\n\n - The RTPS and RTPS2 dissectors could crash.\n wnpa-sec-2013-15 CVE-2013-2480\n\n - The Mount dissector could crash. wnpa-sec-2013-16\n CVE-2013-2481\n\n - The AMPQ dissector could go into an infinite loop.\n wnpa-sec-2013-17 CVE-2013-2482\n\n - The ACN dissector could attempt to divide by zero.\n wnpa-sec-2013-18 CVE-2013-2483\n\n - The CIMD dissector could crash. wnpa-sec-2013-19\n CVE-2013-2484\n\n - The FCSP dissector could go into an infinite loop.\n wnpa-sec-2013-20 CVE-2013-2485\n\n - The RELOAD dissector could go into an infinite loop.\n wnpa-sec-2013-21 CVE-2013-2486 CVE-2013-2487\n\n - The DTLS dissector could crash. wnpa-sec-2013-22\n CVE-2013-2488 \n\n + Further bug fixes and updated protocol support as listed\n in:\n http://www.wireshark.org/docs/relnotes/wireshark-1.8.6.h\n tml\"\n );\n # http://www.wireshark.org/docs/relnotes/wireshark-1.8.6.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.wireshark.org/docs/relnotes/wireshark-1.8.6.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=807942\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2013-03/msg00065.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected wireshark packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/03/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE12\\.1|SUSE12\\.2|SUSE12\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"12.1 / 12.2 / 12.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE12.1\", reference:\"wireshark-1.8.6-3.41.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"wireshark-debuginfo-1.8.6-3.41.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"wireshark-debugsource-1.8.6-3.41.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"wireshark-devel-1.8.6-3.41.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"wireshark-1.8.6-1.23.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"wireshark-debuginfo-1.8.6-1.23.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"wireshark-debugsource-1.8.6-1.23.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"wireshark-devel-1.8.6-1.23.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"wireshark-1.8.6-1.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"wireshark-debuginfo-1.8.6-1.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"wireshark-debugsource-1.8.6-1.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"wireshark-devel-1.8.6-1.4.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"wireshark\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-03-01T07:50:10", "description": "The installed version of Wireshark 1.8 is earlier than 1.8.6. It is,\ntherefore, affected by the following vulnerabilities :\n\n - Errors exist in the CSN.1, CIMD, DTLS, Mount, MS-MMS,\n RTPS, RTPS2, and TCP dissectors that could allow them \n to crash. (Bugs 8274, 8332, 8335, 8346, 8380, 8382)\n\n - Errors exist in the AMPQ, FCSP, HART/IP, MPLS Echo,\n and RELOAD dissectors that could lead to an infinite\n loop, resulting in a denial of service. (Bugs 8039, \n 8337, 8359, 8360, 8364)\n\n - The ACN dissector can attempt a divide by zero\n operation that could lead to an application crash.\n (Bug 8340)", "edition": 26, "published": "2013-03-13T00:00:00", "title": "Wireshark 1.8.x < 1.8.6 Multiple Vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-2483", "CVE-2013-2484", "CVE-2013-2477", "CVE-2013-2478", "CVE-2013-2475", "CVE-2013-2476", "CVE-2013-2481", "CVE-2013-2479", "CVE-2013-2488", "CVE-2013-2482", "CVE-2013-2487", "CVE-2013-2486", "CVE-2013-2480", "CVE-2013-2485"], "modified": "2021-03-02T00:00:00", "cpe": ["cpe:/a:wireshark:wireshark"], "id": "WIRESHARK_1_8_6.NASL", "href": "https://www.tenable.com/plugins/nessus/65254", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(65254);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2018/11/15 20:50:29\");\n\n script_cve_id(\n \"CVE-2013-2475\",\n \"CVE-2013-2476\",\n \"CVE-2013-2477\",\n \"CVE-2013-2478\",\n \"CVE-2013-2479\",\n \"CVE-2013-2480\",\n \"CVE-2013-2481\",\n \"CVE-2013-2482\",\n \"CVE-2013-2483\",\n \"CVE-2013-2484\",\n \"CVE-2013-2485\",\n \"CVE-2013-2486\",\n \"CVE-2013-2487\",\n \"CVE-2013-2488\"\n );\n script_bugtraq_id(\n 58340,\n 58349,\n 58350,\n 58351,\n 58353,\n 58354,\n 58355,\n 58356,\n 58357,\n 58358,\n 58362,\n 58363,\n 58364,\n 58365\n );\n\n script_name(english:\"Wireshark 1.8.x < 1.8.6 Multiple Vulnerabilities\");\n script_summary(english:\"Does a version check\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host contains an application that is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The installed version of Wireshark 1.8 is earlier than 1.8.6. It is,\ntherefore, affected by the following vulnerabilities :\n\n - Errors exist in the CSN.1, CIMD, DTLS, Mount, MS-MMS,\n RTPS, RTPS2, and TCP dissectors that could allow them \n to crash. (Bugs 8274, 8332, 8335, 8346, 8380, 8382)\n\n - Errors exist in the AMPQ, FCSP, HART/IP, MPLS Echo,\n and RELOAD dissectors that could lead to an infinite\n loop, resulting in a denial of service. (Bugs 8039, \n 8337, 8359, 8360, 8364)\n\n - The ACN dissector can attempt a divide by zero\n operation that could lead to an application crash.\n (Bug 8340)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2013-10.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2013-11.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2013-12.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2013-13.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2013-14.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2013-15.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2013-16.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2013-17.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2013-18.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2013-19.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2013-20.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2013-21.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2013-22.html\");\n\n script_set_attribute(attribute:\"see_also\", value:\"http://www.wireshark.org/docs/relnotes/wireshark-1.8.6.html\");\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to Wireshark version 1.8.6 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/03/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/03/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/03/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:wireshark:wireshark\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"wireshark_installed.nasl\");\n script_require_keys(\"SMB/Wireshark/Installed\");\n\n exit(0);\n}\n\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\n# Check each install.\ninstalls = get_kb_list_or_exit(\"SMB/Wireshark/*\");\n\ninfo = '';\ninfo2 = '';\n\nforeach install(keys(installs))\n{\n if (\"/Installed\" >< install) continue;\n\n version = install - \"SMB/Wireshark/\";\n\n if (version =~ \"^1\\.8\\.[0-5]($|[^0-9])\")\n info +=\n '\\n Path : ' + installs[install] +\n '\\n Installed version : ' + version +\n '\\n Fixed version : 1.8.6\\n';\n else\n info2 += 'Version ' + version + ', under ' + installs[install] + ' ';\n}\n\n# Remove trailing space on info2\nif (strlen(info2) > 1)\n info2 = substr(info2, 0, strlen(info2) -2);\n\n# Report if any were found to be vulnerable\nif (info)\n{\n port = get_kb_item(\"SMB/transport\");\n if (!port) port = 445;\n\n if (report_verbosity > 0)\n {\n if (max_index(split(info)) > 4) s = \"s of Wireshark are\";\n else s = \" of Wireshark is\";\n\n report =\n '\\n' + 'The following vulnerable instance' + s + ' installed :' +\n '\\n' + \n info;\n security_hole(port:port, extra:report);\n }\n else security_hole(port);\n exit(0);\n}\nif (info2) exit(0, \"The following installed instance(s) of Wireshark are not affected : \" + info2 + \".\");\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-20T12:26:39", "description": "This update of wireshark includes several security and bug fixes.\n[bnc#820566]\n\n + vulnerabilities fixed :\n\n - The RELOAD dissector could go into an infinite loop.\n wnpa-sec-2013-23 CVE-2013-2486 CVE-2013-2487\n\n - The GTPv2 dissector could crash. wnpa-sec-2013-24\n\n - The ASN.1 BER dissector could crash. wnpa-sec-2013-25\n\n - The PPP CCP dissector could crash. wnpa-sec-2013-26\n\n - The DCP ETSI dissector could crash. wnpa-sec-2013-27\n\n - The MPEG DSM-CC dissector could crash. wnpa-sec-2013-28\n\n - The Websocket dissector could crash. wnpa-sec-2013-29\n\n - The MySQL dissector could go into an infinite loop.\n wnpa-sec-2013-30\n\n - The ETCH dissector could go into a large loop.\n wnpa-sec-2013-31\n\n + Further bug fixes and updated protocol support as listed\n in:\n https://www.wireshark.org/docs/relnotes/wireshark-1.8.7.\n html", "edition": 19, "published": "2014-06-13T00:00:00", "title": "openSUSE Security Update : wireshark (openSUSE-SU-2013:0947-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-2487", "CVE-2013-2486"], "modified": "2014-06-13T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:wireshark", "cpe:/o:novell:opensuse:12.3", "p-cpe:/a:novell:opensuse:wireshark-devel", "cpe:/o:novell:opensuse:12.1", "p-cpe:/a:novell:opensuse:wireshark-debugsource", "p-cpe:/a:novell:opensuse:wireshark-debuginfo", "cpe:/o:novell:opensuse:12.2"], "id": "OPENSUSE-2013-453.NASL", "href": "https://www.tenable.com/plugins/nessus/75017", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2013-453.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(75017);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2013-2486\", \"CVE-2013-2487\");\n\n script_name(english:\"openSUSE Security Update : wireshark (openSUSE-SU-2013:0947-1)\");\n script_summary(english:\"Check for the openSUSE-2013-453 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of wireshark includes several security and bug fixes.\n[bnc#820566]\n\n + vulnerabilities fixed :\n\n - The RELOAD dissector could go into an infinite loop.\n wnpa-sec-2013-23 CVE-2013-2486 CVE-2013-2487\n\n - The GTPv2 dissector could crash. wnpa-sec-2013-24\n\n - The ASN.1 BER dissector could crash. wnpa-sec-2013-25\n\n - The PPP CCP dissector could crash. wnpa-sec-2013-26\n\n - The DCP ETSI dissector could crash. wnpa-sec-2013-27\n\n - The MPEG DSM-CC dissector could crash. wnpa-sec-2013-28\n\n - The Websocket dissector could crash. wnpa-sec-2013-29\n\n - The MySQL dissector could go into an infinite loop.\n wnpa-sec-2013-30\n\n - The ETCH dissector could go into a large loop.\n wnpa-sec-2013-31\n\n + Further bug fixes and updated protocol support as listed\n in:\n https://www.wireshark.org/docs/relnotes/wireshark-1.8.7.\n html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=820566\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2013-05/msg00040.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2013-06/msg00083.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.wireshark.org/docs/relnotes/wireshark-1.8.7.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected wireshark packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/05/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE12\\.1|SUSE12\\.2|SUSE12\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"12.1 / 12.2 / 12.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE12.1\", reference:\"wireshark-1.8.7-3.45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"wireshark-debuginfo-1.8.7-3.45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"wireshark-debugsource-1.8.7-3.45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"wireshark-devel-1.8.7-3.45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"wireshark-1.8.7-1.27.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"wireshark-debuginfo-1.8.7-1.27.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"wireshark-debugsource-1.8.7-1.27.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"wireshark-devel-1.8.7-1.27.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"wireshark-1.8.7-1.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"wireshark-debuginfo-1.8.7-1.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"wireshark-debugsource-1.8.7-1.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"wireshark-devel-1.8.7-1.8.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"wireshark / wireshark-debuginfo / wireshark-debugsource / etc\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-20T15:18:09", "description": "wireshark has been updated to 1.6.14 to fix bugs and security issues :\n\nVulnerabilities fixed :\n\n - The sFlow dissector could go into an infinite loop.\n wnpa-sec-2012-32 CVE-2012-6054: * The SCTP dissector\n could go into an infinite loop. wnpa-sec-2012-33\n CVE-2012-6056: * The MS-MMS dissector could crash.\n wnpa-sec-2013-13 CVE-2013-2478\n\n - The RTPS and RTPS2 dissectors could crash.\n wnpa-sec-2013-15 CVE-2013-2480: * The Mount dissector\n could crash. wnpa-sec-2013-16 CVE-2013-2481\n\n - The AMPQ dissector could go into an infinite loop.\n wnpa-sec-2013-17 CVE-2013-2482: * The ACN dissector\n could attempt to divide by zero. wnpa-sec-2013-18\n CVE-2013-2483: * The CIMD dissector could crash.\n wnpa-sec-2013-19 CVE-2013-2484\n\n - The FCSP dissector could go into an infinite loop.\n wnpa-sec-2013-20 CVE-2013-2485: * The DTLS dissector\n could crash. wnpa-sec-2013-22 CVE-2013-2488\n\nFurther bug fixes and updated protocol support are listed in :\n\nhttp://www.wireshark.org/docs/relnotes/wireshark-1.6.14.html", "edition": 17, "published": "2013-04-29T00:00:00", "title": "SuSE 10 Security Update : wireshark (ZYPP Patch Number 8500)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-2483", "CVE-2013-2484", "CVE-2012-6054", "CVE-2013-2477", "CVE-2013-2478", "CVE-2013-2475", "CVE-2013-2476", "CVE-2013-2481", "CVE-2013-2479", "CVE-2013-2488", "CVE-2012-6056", "CVE-2013-2482", "CVE-2013-2487", "CVE-2013-2486", "CVE-2013-2480", "CVE-2013-2485"], "modified": "2013-04-29T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_WIRESHARK-8500.NASL", "href": "https://www.tenable.com/plugins/nessus/66255", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(66255);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2012-6054\", \"CVE-2012-6056\", \"CVE-2013-2475\", \"CVE-2013-2476\", \"CVE-2013-2477\", \"CVE-2013-2478\", \"CVE-2013-2479\", \"CVE-2013-2480\", \"CVE-2013-2481\", \"CVE-2013-2482\", \"CVE-2013-2483\", \"CVE-2013-2484\", \"CVE-2013-2485\", \"CVE-2013-2486\", \"CVE-2013-2487\", \"CVE-2013-2488\");\n\n script_name(english:\"SuSE 10 Security Update : wireshark (ZYPP Patch Number 8500)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"wireshark has been updated to 1.6.14 to fix bugs and security issues :\n\nVulnerabilities fixed :\n\n - The sFlow dissector could go into an infinite loop.\n wnpa-sec-2012-32 CVE-2012-6054: * The SCTP dissector\n could go into an infinite loop. wnpa-sec-2012-33\n CVE-2012-6056: * The MS-MMS dissector could crash.\n wnpa-sec-2013-13 CVE-2013-2478\n\n - The RTPS and RTPS2 dissectors could crash.\n wnpa-sec-2013-15 CVE-2013-2480: * The Mount dissector\n could crash. wnpa-sec-2013-16 CVE-2013-2481\n\n - The AMPQ dissector could go into an infinite loop.\n wnpa-sec-2013-17 CVE-2013-2482: * The ACN dissector\n could attempt to divide by zero. wnpa-sec-2013-18\n CVE-2013-2483: * The CIMD dissector could crash.\n wnpa-sec-2013-19 CVE-2013-2484\n\n - The FCSP dissector could go into an infinite loop.\n wnpa-sec-2013-20 CVE-2013-2485: * The DTLS dissector\n could crash. wnpa-sec-2013-22 CVE-2013-2488\n\nFurther bug fixes and updated protocol support are listed in :\n\nhttp://www.wireshark.org/docs/relnotes/wireshark-1.6.14.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-6054.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-6056.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-2475.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-2476.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-2477.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-2478.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-2479.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-2480.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-2481.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-2482.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-2483.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-2484.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-2485.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-2486.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-2487.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-2488.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 8500.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/12/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/03/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/04/29\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:4, reference:\"wireshark-1.6.14-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"wireshark-1.6.14-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"wireshark-devel-1.6.14-0.5.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-03-01T07:50:10", "description": "The installed version of Wireshark 1.8 is earlier than 1.8.7. It is,\ntherefore, affected by the following vulnerabilities :\n\n - Errors exist in the ETCH, MySQL, and RELOAD dissectors\n that could lead to an infinite loop, resulting in a\n denial of service. (Bugs 8546, 8458, 8464)\n\n - Errors exist in the ASN.1 BER, DCP ETSI, GTPv2, MPEG\n DSM-CC, PPP CCP, and Websocket dissectors that could\n allow them to crash. (Bugs 8231, 8448, 8499, 8481,\n 8493, 8540, 8541, 8599, 8638)", "edition": 26, "published": "2013-05-22T00:00:00", "title": "Wireshark 1.8.x < 1.8.7 Multiple Vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-3561", "CVE-2013-3562", "CVE-2013-3559", "CVE-2013-3558", "CVE-2013-3556", "CVE-2013-3555", "CVE-2013-3560", "CVE-2013-2487", "CVE-2013-2486", "CVE-2013-3557"], "modified": "2021-03-02T00:00:00", "cpe": ["cpe:/a:wireshark:wireshark"], "id": "WIRESHARK_1_8_7.NASL", "href": "https://www.tenable.com/plugins/nessus/66544", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(66544);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2018/11/15 20:50:29\");\n\n script_cve_id(\n \"CVE-2013-2486\",\n \"CVE-2013-2487\",\n \"CVE-2013-3555\",\n \"CVE-2013-3556\",\n \"CVE-2013-3557\",\n \"CVE-2013-3558\",\n \"CVE-2013-3559\",\n \"CVE-2013-3560\",\n \"CVE-2013-3561\",\n \"CVE-2013-3562\"\n );\n script_bugtraq_id(\n 58363,\n 58364,\n 59992,\n 59994,\n 59995,\n 59996,\n 59998,\n 59999,\n 60001,\n 60002,\n 60021\n );\n script_name(english:\"Wireshark 1.8.x < 1.8.7 Multiple Vulnerabilities\");\n script_summary(english:\"Does a version check\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host contains an application that is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The installed version of Wireshark 1.8 is earlier than 1.8.7. It is,\ntherefore, affected by the following vulnerabilities :\n\n - Errors exist in the ETCH, MySQL, and RELOAD dissectors\n that could lead to an infinite loop, resulting in a\n denial of service. (Bugs 8546, 8458, 8464)\n\n - Errors exist in the ASN.1 BER, DCP ETSI, GTPv2, MPEG\n DSM-CC, PPP CCP, and Websocket dissectors that could\n allow them to crash. (Bugs 8231, 8448, 8499, 8481,\n 8493, 8540, 8541, 8599, 8638)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2013-23.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2013-24.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2013-25.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2013-26.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2013-27.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2013-28.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2013-29.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2013-30.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2013-31.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/docs/relnotes/wireshark-1.8.7.html\");\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to Wireshark version 1.8.7 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/03/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/05/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/05/22\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:wireshark:wireshark\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"wireshark_installed.nasl\");\n script_require_keys(\"SMB/Wireshark/Installed\");\n\n exit(0);\n}\n\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\n# Check each install.\ninstalls = get_kb_list_or_exit(\"SMB/Wireshark/*\");\n\ninfo = '';\ninfo2 = '';\n\nforeach install(keys(installs))\n{\n if (\"/Installed\" >< install) continue;\n\n version = install - \"SMB/Wireshark/\";\n\n if (version =~ \"^1\\.8\\.[0-6]($|[^0-9])\")\n info +=\n '\\n Path : ' + installs[install] +\n '\\n Installed version : ' + version +\n '\\n Fixed version : 1.8.7\\n';\n else\n info2 += 'Version ' + version + ', under ' + installs[install] + ' ';\n}\n\n# Remove trailing space on info2\nif (strlen(info2) > 1)\n info2 = substr(info2, 0, strlen(info2) -2);\n\n# Report if any were found to be vulnerable\nif (info)\n{\n port = get_kb_item(\"SMB/transport\");\n if (!port) port = 445;\n\n if (report_verbosity > 0)\n {\n if (max_index(split(info)) > 4) s = \"s of Wireshark are\";\n else s = \" of Wireshark is\";\n\n report =\n '\\n' + 'The following vulnerable instance' + s + ' installed :' +\n '\\n' +\n info;\n security_hole(port:port, extra:report);\n }\n else security_hole(port);\n exit(0);\n}\nif (info2) exit(0, \"The following installed instance(s) of Wireshark are not affected : \" + info2 + \".\");\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-17T14:01:19", "description": "The remote Solaris system is missing necessary patches to address\nsecurity updates :\n\n - The dissect_diagnosticrequest function in\n epan/dissectors/packet-reload.c in the REsource LOcation\n And Discovery (aka RELOAD) dissector in Wireshark 1.8.x\n before 1.8.6 uses an incorrect integer data type, which\n allows remote attackers to cause a denial of service\n (infinite loop) via crafted integer values in a packet.\n (CVE-2013-2486)\n\n - epan/dissectors/packet-reload.c in the REsource LOcation\n And Discovery (aka RELOAD) dissector in Wireshark 1.8.x\n before 1.8.6 uses incorrect integer data types, which\n allows remote attackers to cause a denial of service\n (infinite loop) via crafted integer values in a packet,\n related to the (1) dissect_icecandidates, (2)\n dissect_kinddata, (3) dissect_nodeid_list, (4)\n dissect_storeans, (5) dissect_storereq, (6)\n dissect_storeddataspecifier, (7) dissect_fetchreq, (8)\n dissect_findans, (9) dissect_diagnosticinfo, (10)\n dissect_diagnosticresponse, (11)\n dissect_reload_messagecontents, and (12)\n dissect_reload_message functions, a different\n vulnerability than CVE-2013-2486. (CVE-2013-2487)\n\n - epan/dissectors/packet-gtpv2.c in the GTPv2 dissector in\n Wireshark 1.8.x before 1.8.7 calls incorrect functions\n in certain contexts related to ciphers, which allows\n remote attackers to cause a denial of service\n (application crash) via a malformed packet.\n (CVE-2013-3555)\n\n - The fragment_add_seq_common function in\n epan/reassemble.c in the ASN.1 BER dissector in\n Wireshark before r48943 has an incorrect pointer\n dereference during a comparison, which allows remote\n attackers to cause a denial of service (application\n crash) via a malformed packet. (CVE-2013-3556)\n\n - The dissect_ber_choice function in\n epan/dissectors/packet-ber.c in the ASN.1 BER dissector\n in Wireshark 1.6.x before 1.6.15 and 1.8.x before 1.8.7\n does not properly initialize a certain variable, which\n allows remote attackers to cause a denial of service\n (application crash) via a malformed packet.\n (CVE-2013-3557)\n\n - The dissect_ccp_bsdcomp_opt function in\n epan/dissectors/packet-ppp.c in the PPP CCP dissector in\n Wireshark 1.8.x before 1.8.7 does not terminate a\n bit-field list, which allows remote attackers to cause a\n denial of service (application crash) via a malformed\n packet. (CVE-2013-3558)\n\n - epan/dissectors/packet-dcp-etsi.c in the DCP ETSI\n dissector in Wireshark 1.8.x before 1.8.7 uses incorrect\n integer data types, which allows remote attackers to\n cause a denial of service (integer overflow, and heap\n memory corruption or NULL pointer dereference, and\n application crash) via a malformed packet.\n (CVE-2013-3559)\n\n - The dissect_dsmcc_un_download function in\n epan/dissectors/packet-mpeg-dsmcc.c in the MPEG DSM-CC\n dissector in Wireshark 1.8.x before 1.8.7 uses an\n incorrect format string, which allows remote attackers\n to cause a denial of service (application crash) via a\n malformed packet. (CVE-2013-3560)\n\n - Multiple integer overflows in Wireshark 1.8.x before\n 1.8.7 allow remote attackers to cause a denial of\n service (loop or application crash) via a malformed\n packet, related to a crash of the Websocket dissector,\n an infinite loop in the MySQL dissector, and a large\n loop in the ETCH dissector. (CVE-2013-3561)\n\n - Multiple integer signedness errors in the tvb_unmasked\n function in epan/ dissectors/packet-websocket.c in the\n Websocket dissector in Wireshark 1.8.x before 1.8.7\n allow remote attackers to cause a denial of service\n (application crash) via a malformed packet.\n (CVE-2013-3562)\n\n - The dissect_pft function in\n epan/dissectors/packet-dcp-etsi.c in the DCP ETSI\n dissector in Wireshark 1.6.x before 1.6.16, 1.8.x before\n 1.8.8, and 1.10.0 does not validate a certain fragment\n length value, which allows remote attackers to cause a\n denial of service (application crash) via a crafted\n packet. (CVE-2013-4083)", "edition": 24, "published": "2015-01-19T00:00:00", "title": "Oracle Solaris Third-Party Patch Update : wireshark (multiple_vulnerabilities_in_wireshark5)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-3561", "CVE-2013-3562", "CVE-2013-3559", "CVE-2013-3558", "CVE-2013-3556", "CVE-2013-3555", "CVE-2013-3560", "CVE-2013-4083", "CVE-2013-2487", "CVE-2013-2486", "CVE-2013-3557"], "modified": "2015-01-19T00:00:00", "cpe": ["cpe:/o:oracle:solaris:11.1", "p-cpe:/a:oracle:solaris:wireshark"], "id": "SOLARIS11_WIRESHARK_20130924.NASL", "href": "https://www.tenable.com/plugins/nessus/80807", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Oracle Third Party software advisories.\n#\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(80807);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2013-2486\", \"CVE-2013-2487\", \"CVE-2013-3555\", \"CVE-2013-3556\", \"CVE-2013-3557\", \"CVE-2013-3558\", \"CVE-2013-3559\", \"CVE-2013-3560\", \"CVE-2013-3561\", \"CVE-2013-3562\", \"CVE-2013-4083\");\n\n script_name(english:\"Oracle Solaris Third-Party Patch Update : wireshark (multiple_vulnerabilities_in_wireshark5)\");\n script_summary(english:\"Check for the 'entire' version.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Solaris system is missing a security patch for third-party\nsoftware.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote Solaris system is missing necessary patches to address\nsecurity updates :\n\n - The dissect_diagnosticrequest function in\n epan/dissectors/packet-reload.c in the REsource LOcation\n And Discovery (aka RELOAD) dissector in Wireshark 1.8.x\n before 1.8.6 uses an incorrect integer data type, which\n allows remote attackers to cause a denial of service\n (infinite loop) via crafted integer values in a packet.\n (CVE-2013-2486)\n\n - epan/dissectors/packet-reload.c in the REsource LOcation\n And Discovery (aka RELOAD) dissector in Wireshark 1.8.x\n before 1.8.6 uses incorrect integer data types, which\n allows remote attackers to cause a denial of service\n (infinite loop) via crafted integer values in a packet,\n related to the (1) dissect_icecandidates, (2)\n dissect_kinddata, (3) dissect_nodeid_list, (4)\n dissect_storeans, (5) dissect_storereq, (6)\n dissect_storeddataspecifier, (7) dissect_fetchreq, (8)\n dissect_findans, (9) dissect_diagnosticinfo, (10)\n dissect_diagnosticresponse, (11)\n dissect_reload_messagecontents, and (12)\n dissect_reload_message functions, a different\n vulnerability than CVE-2013-2486. (CVE-2013-2487)\n\n - epan/dissectors/packet-gtpv2.c in the GTPv2 dissector in\n Wireshark 1.8.x before 1.8.7 calls incorrect functions\n in certain contexts related to ciphers, which allows\n remote attackers to cause a denial of service\n (application crash) via a malformed packet.\n (CVE-2013-3555)\n\n - The fragment_add_seq_common function in\n epan/reassemble.c in the ASN.1 BER dissector in\n Wireshark before r48943 has an incorrect pointer\n dereference during a comparison, which allows remote\n attackers to cause a denial of service (application\n crash) via a malformed packet. (CVE-2013-3556)\n\n - The dissect_ber_choice function in\n epan/dissectors/packet-ber.c in the ASN.1 BER dissector\n in Wireshark 1.6.x before 1.6.15 and 1.8.x before 1.8.7\n does not properly initialize a certain variable, which\n allows remote attackers to cause a denial of service\n (application crash) via a malformed packet.\n (CVE-2013-3557)\n\n - The dissect_ccp_bsdcomp_opt function in\n epan/dissectors/packet-ppp.c in the PPP CCP dissector in\n Wireshark 1.8.x before 1.8.7 does not terminate a\n bit-field list, which allows remote attackers to cause a\n denial of service (application crash) via a malformed\n packet. (CVE-2013-3558)\n\n - epan/dissectors/packet-dcp-etsi.c in the DCP ETSI\n dissector in Wireshark 1.8.x before 1.8.7 uses incorrect\n integer data types, which allows remote attackers to\n cause a denial of service (integer overflow, and heap\n memory corruption or NULL pointer dereference, and\n application crash) via a malformed packet.\n (CVE-2013-3559)\n\n - The dissect_dsmcc_un_download function in\n epan/dissectors/packet-mpeg-dsmcc.c in the MPEG DSM-CC\n dissector in Wireshark 1.8.x before 1.8.7 uses an\n incorrect format string, which allows remote attackers\n to cause a denial of service (application crash) via a\n malformed packet. (CVE-2013-3560)\n\n - Multiple integer overflows in Wireshark 1.8.x before\n 1.8.7 allow remote attackers to cause a denial of\n service (loop or application crash) via a malformed\n packet, related to a crash of the Websocket dissector,\n an infinite loop in the MySQL dissector, and a large\n loop in the ETCH dissector. (CVE-2013-3561)\n\n - Multiple integer signedness errors in the tvb_unmasked\n function in epan/ dissectors/packet-websocket.c in the\n Websocket dissector in Wireshark 1.8.x before 1.8.7\n allow remote attackers to cause a denial of service\n (application crash) via a malformed packet.\n (CVE-2013-3562)\n\n - The dissect_pft function in\n epan/dissectors/packet-dcp-etsi.c in the DCP ETSI\n dissector in Wireshark 1.6.x before 1.6.16, 1.8.x before\n 1.8.8, and 1.10.0 does not validate a certain fragment\n length value, which allows remote attackers to cause a\n denial of service (application crash) via a crafted\n packet. (CVE-2013-4083)\"\n );\n # https://www.oracle.com/technetwork/topics/security/thirdparty-patch-map-1482893.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4a913f44\"\n );\n # https://blogs.oracle.com/sunsecurity/multiple-vulnerabilities-in-wireshark\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6ccbc2d4\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to Solaris 11.1.10.5.0.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:solaris:11.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:solaris:wireshark\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/09/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/19\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Solaris Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Solaris11/release\", \"Host/Solaris11/pkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"solaris.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Solaris11/release\");\nif (isnull(release)) audit(AUDIT_OS_NOT, \"Solaris11\");\npkg_list = solaris_pkg_list_leaves();\nif (isnull (pkg_list)) audit(AUDIT_PACKAGE_LIST_MISSING, \"Solaris pkg-list packages\");\n\nif (empty_or_null(egrep(string:pkg_list, pattern:\"^wireshark$\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"wireshark\");\n\nflag = 0;\n\nif (solaris_check_release(release:\"0.5.11-0.175.1.10.0.5.0\", sru:\"SRU 11.1.10.5.0\") > 0) flag++;\n\nif (flag)\n{\n error_extra = 'Affected package : wireshark\\n' + solaris_get_report2();\n error_extra = ereg_replace(pattern:\"version\", replace:\"OS version\", string:error_extra);\n if (report_verbosity > 0) security_hole(port:0, extra:error_extra);\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_PACKAGE_NOT_AFFECTED, \"wireshark\");\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-12T09:43:49", "description": "Multiple vulnerabilities were discovered in the dissectors/parsers for\nPKTC, IAX2, GSM CBCH and NCP which could result in denial of service.\n\nThis update also fixes many older less important issues by updating\nthe package to the version found in Debian 8 also known as Jessie.\n\nFor Debian 7 'Wheezy', these problems have been fixed in version\n1.12.1+g01b65bf-4+deb8u6~deb7u1.\n\nWe recommend that you upgrade your wireshark packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.", "edition": 17, "cvss3": {"score": 5.9, "vector": "AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2016-06-01T00:00:00", "title": "Debian DLA-497-1 : wireshark security update", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-1576", "CVE-2016-4082", "CVE-2012-6054", "CVE-2013-6339", "CVE-2013-4079", "CVE-2013-4931", "CVE-2013-1580", "CVE-2016-4081", "CVE-2013-1574", "CVE-2013-2476", "CVE-2013-1581", "CVE-2012-6057", "CVE-2012-6053", "CVE-2013-2479", "CVE-2013-4927", "CVE-2013-1573", "CVE-2013-7112", "CVE-2012-6060", "CVE-2016-4079", "CVE-2015-6243", "CVE-2015-6246", "CVE-2013-1577", "CVE-2016-4085", "CVE-2012-6055", "CVE-2012-6058", "CVE-2013-1572", "CVE-2012-6056", "CVE-2013-2482", "CVE-2013-1578", "CVE-2012-6052", "CVE-2012-6061", "CVE-2013-2487", "CVE-2012-6062", "CVE-2013-2486", "CVE-2013-4929", "CVE-2013-2485", "CVE-2013-5719", "CVE-2016-4006", "CVE-2015-6248", "CVE-2016-4080", "CVE-2013-1579", "CVE-2013-4080", "CVE-2012-6059", "CVE-2013-1575", "CVE-2013-5721"], "modified": "2016-06-01T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:wireshark-doc", "p-cpe:/a:debian:debian_linux:libwireshark-dev", "p-cpe:/a:debian:debian_linux:wireshark", "p-cpe:/a:debian:debian_linux:libwireshark-data", "p-cpe:/a:debian:debian_linux:libwiretap-dev", "p-cpe:/a:debian:debian_linux:libwsutil-dev", "p-cpe:/a:debian:debian_linux:wireshark-dbg", "cpe:/o:debian:debian_linux:7.0", "p-cpe:/a:debian:debian_linux:libwsutil2", "p-cpe:/a:debian:debian_linux:libwireshark2", "p-cpe:/a:debian:debian_linux:libwiretap2", "p-cpe:/a:debian:debian_linux:wireshark-common", "p-cpe:/a:debian:debian_linux:wireshark-dev", "p-cpe:/a:debian:debian_linux:tshark"], "id": "DEBIAN_DLA-497.NASL", "href": "https://www.tenable.com/plugins/nessus/91395", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-497-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(91395);\n script_version(\"2.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-6052\", \"CVE-2012-6053\", \"CVE-2012-6054\", \"CVE-2012-6055\", \"CVE-2012-6056\", \"CVE-2012-6057\", \"CVE-2012-6058\", \"CVE-2012-6059\", \"CVE-2012-6060\", \"CVE-2012-6061\", \"CVE-2012-6062\", \"CVE-2013-1572\", \"CVE-2013-1573\", \"CVE-2013-1574\", \"CVE-2013-1575\", \"CVE-2013-1576\", \"CVE-2013-1577\", \"CVE-2013-1578\", \"CVE-2013-1579\", \"CVE-2013-1580\", \"CVE-2013-1581\", \"CVE-2013-2476\", \"CVE-2013-2479\", \"CVE-2013-2482\", \"CVE-2013-2485\", \"CVE-2013-2486\", \"CVE-2013-2487\", \"CVE-2013-4079\", \"CVE-2013-4080\", \"CVE-2013-4927\", \"CVE-2013-4929\", \"CVE-2013-4931\", \"CVE-2013-5719\", \"CVE-2013-5721\", \"CVE-2013-6339\", \"CVE-2013-7112\", \"CVE-2015-6243\", \"CVE-2015-6246\", \"CVE-2015-6248\", \"CVE-2016-4006\", \"CVE-2016-4079\", \"CVE-2016-4080\", \"CVE-2016-4081\", \"CVE-2016-4082\", \"CVE-2016-4085\");\n script_bugtraq_id(56729, 57616, 58350, 58353, 58358, 58362, 58363, 58364, 60448, 60498, 60503, 61471, 62318, 62320, 63501, 64411);\n\n script_name(english:\"Debian DLA-497-1 : wireshark security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple vulnerabilities were discovered in the dissectors/parsers for\nPKTC, IAX2, GSM CBCH and NCP which could result in denial of service.\n\nThis update also fixes many older less important issues by updating\nthe package to the version found in Debian 8 also known as Jessie.\n\nFor Debian 7 'Wheezy', these problems have been fixed in version\n1.12.1+g01b65bf-4+deb8u6~deb7u1.\n\nWe recommend that you upgrade your wireshark packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2016/05/msg00051.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/wireshark\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libwireshark-data\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libwireshark-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libwireshark2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libwiretap-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libwiretap2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libwsutil-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libwsutil2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:tshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:wireshark-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:wireshark-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:wireshark-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:wireshark-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/12/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/05/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/06/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"libwireshark-data\", reference:\"1.12.1+g01b65bf-4+deb8u6~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libwireshark-dev\", reference:\"1.12.1+g01b65bf-4+deb8u6~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libwireshark2\", reference:\"1.12.1+g01b65bf-4+deb8u6~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libwiretap-dev\", reference:\"1.12.1+g01b65bf-4+deb8u6~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libwiretap2\", reference:\"1.12.1+g01b65bf-4+deb8u6~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libwsutil-dev\", reference:\"1.12.1+g01b65bf-4+deb8u6~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libwsutil2\", reference:\"1.12.1+g01b65bf-4+deb8u6~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"tshark\", reference:\"1.12.1+g01b65bf-4+deb8u6~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"wireshark\", reference:\"1.12.1+g01b65bf-4+deb8u6~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"wireshark-common\", reference:\"1.12.1+g01b65bf-4+deb8u6~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"wireshark-dbg\", reference:\"1.12.1+g01b65bf-4+deb8u6~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"wireshark-dev\", reference:\"1.12.1+g01b65bf-4+deb8u6~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"wireshark-doc\", reference:\"1.12.1+g01b65bf-4+deb8u6~deb7u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-20T14:41:59", "description": "This wireshark version update to 1.8.8 includes several security and\ngeneral bug fixes.\n\nVersion update to 1.8.8 [bnc#824900] :\n\n - vulnerabilities fixed :\n\n - The CAPWAP dissector could crash. wnpa-sec-2013-32.\n (CVE-2013-4074)\n\n - The GMR-1 BCCH dissector could crash. wnpa-sec-2013-33.\n (CVE-2013-4075)\n\n - The PPP dissector could crash. wnpa-sec-2013-34.\n (CVE-2013-4076)\n\n - The NBAP dissector could crash. wnpa-sec-2013-35.\n (CVE-2013-4077)\n\n - The RDP dissector could crash. wnpa-sec-2013-36.\n (CVE-2013-4078)\n\n - The GSM CBCH dissector could crash. wnpa-sec-2013-37.\n (CVE-2013-4079)\n\n - The Assa Abloy R3 dissector could consume excessive\n memory and CPU. wnpa-sec-2013-38. (CVE-2013-4080)\n\n - The HTTP dissector could overrun the stack.\n wnpa-sec-2013-39. (CVE-2013-4081)\n\n - The Ixia IxVeriWave file parser could overflow the heap.\n wnpa-sec-2013-40. (CVE-2013-4082)\n\n - The DCP ETSI dissector could crash. wnpa-sec-2013-41.\n (CVE-2013-4083)\n\n - Further bug fixes and updated protocol support as listed\n in:\n https://www.wireshark.org/docs/relnotes/wireshark-1.8.8.\n html Version update to 1.8.7 [bnc#813217, bnc#820973] :\n\n - vulnerabilities fixed :\n\n - The RELOAD dissector could go into an infinite loop.\n wnpa-sec-2013-23. (CVE-2013-2486 / CVE-2013-2487)\n\n - The GTPv2 dissector could crash. wnpa-sec-2013-24\n\n - The ASN.1 BER dissector could crash. wnpa-sec-2013-25\n\n - The PPP CCP dissector could crash. wnpa-sec-2013-26\n\n - The DCP ETSI dissector could crash. wnpa-sec-2013-27\n\n - The MPEG DSM-CC dissector could crash. wnpa-sec-2013-28\n\n - The Websocket dissector could crash. wnpa-sec-2013-29\n\n - The MySQL dissector could go into an infinite loop.\n wnpa-sec-2013-30\n\n - The ETCH dissector could go into a large loop.\n wnpa-sec-2013-31\n\n - Further bug fixes and updated protocol support as listed\n in:\n https://www.wireshark.org/docs/relnotes/wireshark-1.8.7.\n html Ohter bug fixes :\n\n - 'Save As' Nokia libpcap corrupting the file.\n (bnc#816517)\n\n - wireshark crashed in 'SCTP' -> 'Prepare Filter for this\n Association'. (bnc#816887)", "edition": 18, "published": "2013-07-28T00:00:00", "title": "SuSE 11.2 / 11.3 Security Update : wireshark (SAT Patch Numbers 8044 / 8045)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-3561", "CVE-2013-4079", "CVE-2013-4076", "CVE-2013-3562", "CVE-2013-4078", "CVE-2013-3559", "CVE-2013-3558", "CVE-2013-3556", "CVE-2013-3555", "CVE-2013-4075", "CVE-2013-3560", "CVE-2013-4083", "CVE-2013-2487", "CVE-2013-2486", "CVE-2013-4081", "CVE-2013-4082", "CVE-2013-3557", "CVE-2013-4080", "CVE-2013-4074", "CVE-2013-4077"], "modified": "2013-07-28T00:00:00", "cpe": ["cpe:/o:novell:suse_linux:11", "p-cpe:/a:novell:suse_linux:11:wireshark"], "id": "SUSE_11_WIRESHARK-130711.NASL", "href": "https://www.tenable.com/plugins/nessus/69091", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(69091);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2013-2486\", \"CVE-2013-2487\", \"CVE-2013-3555\", \"CVE-2013-3556\", \"CVE-2013-3557\", \"CVE-2013-3558\", \"CVE-2013-3559\", \"CVE-2013-3560\", \"CVE-2013-3561\", \"CVE-2013-3562\", \"CVE-2013-4074\", \"CVE-2013-4075\", \"CVE-2013-4076\", \"CVE-2013-4077\", \"CVE-2013-4078\", \"CVE-2013-4079\", \"CVE-2013-4080\", \"CVE-2013-4081\", \"CVE-2013-4082\", \"CVE-2013-4083\");\n\n script_name(english:\"SuSE 11.2 / 11.3 Security Update : wireshark (SAT Patch Numbers 8044 / 8045)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This wireshark version update to 1.8.8 includes several security and\ngeneral bug fixes.\n\nVersion update to 1.8.8 [bnc#824900] :\n\n - vulnerabilities fixed :\n\n - The CAPWAP dissector could crash. wnpa-sec-2013-32.\n (CVE-2013-4074)\n\n - The GMR-1 BCCH dissector could crash. wnpa-sec-2013-33.\n (CVE-2013-4075)\n\n - The PPP dissector could crash. wnpa-sec-2013-34.\n (CVE-2013-4076)\n\n - The NBAP dissector could crash. wnpa-sec-2013-35.\n (CVE-2013-4077)\n\n - The RDP dissector could crash. wnpa-sec-2013-36.\n (CVE-2013-4078)\n\n - The GSM CBCH dissector could crash. wnpa-sec-2013-37.\n (CVE-2013-4079)\n\n - The Assa Abloy R3 dissector could consume excessive\n memory and CPU. wnpa-sec-2013-38. (CVE-2013-4080)\n\n - The HTTP dissector could overrun the stack.\n wnpa-sec-2013-39. (CVE-2013-4081)\n\n - The Ixia IxVeriWave file parser could overflow the heap.\n wnpa-sec-2013-40. (CVE-2013-4082)\n\n - The DCP ETSI dissector could crash. wnpa-sec-2013-41.\n (CVE-2013-4083)\n\n - Further bug fixes and updated protocol support as listed\n in:\n https://www.wireshark.org/docs/relnotes/wireshark-1.8.8.\n html Version update to 1.8.7 [bnc#813217, bnc#820973] :\n\n - vulnerabilities fixed :\n\n - The RELOAD dissector could go into an infinite loop.\n wnpa-sec-2013-23. (CVE-2013-2486 / CVE-2013-2487)\n\n - The GTPv2 dissector could crash. wnpa-sec-2013-24\n\n - The ASN.1 BER dissector could crash. wnpa-sec-2013-25\n\n - The PPP CCP dissector could crash. wnpa-sec-2013-26\n\n - The DCP ETSI dissector could crash. wnpa-sec-2013-27\n\n - The MPEG DSM-CC dissector could crash. wnpa-sec-2013-28\n\n - The Websocket dissector could crash. wnpa-sec-2013-29\n\n - The MySQL dissector could go into an infinite loop.\n wnpa-sec-2013-30\n\n - The ETCH dissector could go into a large loop.\n wnpa-sec-2013-31\n\n - Further bug fixes and updated protocol support as listed\n in:\n https://www.wireshark.org/docs/relnotes/wireshark-1.8.7.\n html Ohter bug fixes :\n\n - 'Save As' Nokia libpcap corrupting the file.\n (bnc#816517)\n\n - wireshark crashed in 'SCTP' -> 'Prepare Filter for this\n Association'. (bnc#816887)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=813217\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=816517\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=816887\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=820973\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=824900\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-2486.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-2487.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-3555.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-3556.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-3557.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-3558.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-3559.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-3560.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-3561.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-3562.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-4074.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-4075.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-4076.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-4077.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-4078.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-4079.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-4080.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-4081.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-4082.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-4083.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Apply SAT patch number 8044 / 8045 as appropriate.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/07/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/28\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"wireshark-1.8.8-0.2.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"wireshark-1.8.8-0.2.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"wireshark-1.8.8-0.2.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"wireshark-1.8.8-0.2.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"wireshark-1.8.8-0.2.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"wireshark-1.8.8-0.2.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-20T14:43:08", "description": "This wireshark version update to 1.6.16 includes several security and\ngeneral bug fixes.\n\nhttp://www.wireshark.org/docs/relnotes/wireshark-1.6.16.html\n\n - The CAPWAP dissector could crash. Discovered by Laurent\n Butti. (CVE-2013-4074)\n\n - The HTTP dissector could overrun the stack. Discovered\n by David Keeler. (CVE-2013-4081)\n\n - The DCP ETSI dissector could crash. (CVE-2013-4083)\n\nhttp://www.wireshark.org/docs/relnotes/wireshark-1.6.15.html\n\n - The ASN.1 BER dissector could crash. ( CVE-2013-3556\n CVE-2013-3557 )\n\nThe releases also fix various non-security issues.\n\nAdditionally, a crash in processing SCTP filters has been fixed.\n(bug#816887)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 17, "published": "2015-05-20T00:00:00", "title": "SUSE SLED10 / SLES10 Security Update : wireshark (SUSE-SU-2013:1276-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-3561", "CVE-2013-4079", "CVE-2013-4076", "CVE-2013-3562", "CVE-2013-4078", "CVE-2013-3559", "CVE-2013-3558", "CVE-2013-3556", "CVE-2013-3555", "CVE-2013-4075", "CVE-2013-3560", "CVE-2013-4083", "CVE-2013-2487", "CVE-2013-2486", "CVE-2013-4081", "CVE-2013-4082", "CVE-2013-3557", "CVE-2013-4080", "CVE-2013-4074", "CVE-2013-4077"], "modified": "2015-05-20T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:wireshark-devel", "cpe:/o:novell:suse_linux:10", "p-cpe:/a:novell:suse_linux:wireshark"], "id": "SUSE_SU-2013-1276-1.NASL", "href": "https://www.tenable.com/plugins/nessus/83596", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2013:1276-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(83596);\n script_version(\"2.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2013-2486\", \"CVE-2013-2487\", \"CVE-2013-3555\", \"CVE-2013-3556\", \"CVE-2013-3557\", \"CVE-2013-3558\", \"CVE-2013-3559\", \"CVE-2013-3560\", \"CVE-2013-3561\", \"CVE-2013-3562\", \"CVE-2013-4074\", \"CVE-2013-4075\", \"CVE-2013-4076\", \"CVE-2013-4077\", \"CVE-2013-4078\", \"CVE-2013-4079\", \"CVE-2013-4080\", \"CVE-2013-4081\", \"CVE-2013-4082\", \"CVE-2013-4083\");\n script_bugtraq_id(58363, 58364, 59992, 59994, 59995, 59996, 59997, 59998, 59999, 60000, 60001, 60002, 60003, 60021, 60448, 60495, 60498, 60499, 60500, 60501, 60502, 60503, 60504, 60505, 60506);\n\n script_name(english:\"SUSE SLED10 / SLES10 Security Update : wireshark (SUSE-SU-2013:1276-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This wireshark version update to 1.6.16 includes several security and\ngeneral bug fixes.\n\nhttp://www.wireshark.org/docs/relnotes/wireshark-1.6.16.html\n\n - The CAPWAP dissector could crash. Discovered by Laurent\n Butti. (CVE-2013-4074)\n\n - The HTTP dissector could overrun the stack. Discovered\n by David Keeler. (CVE-2013-4081)\n\n - The DCP ETSI dissector could crash. (CVE-2013-4083)\n\nhttp://www.wireshark.org/docs/relnotes/wireshark-1.6.15.html\n\n - The ASN.1 BER dissector could crash. ( CVE-2013-3556\n CVE-2013-3557 )\n\nThe releases also fix various non-security issues.\n\nAdditionally, a crash in processing SCTP filters has been fixed.\n(bug#816887)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # http://download.suse.com/patch/finder/?keywords=cb4504a53f9b3d0625f514d688e2c947\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?023b8157\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-2486.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-2487.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-3555.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-3556.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-3557.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-3558.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-3559.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-3560.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-3561.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-3562.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-4074.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-4075.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-4076.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-4077.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-4078.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-4079.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-4080.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-4081.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-4082.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-4083.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.wireshark.org/docs/relnotes/wireshark-1.6.15.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.wireshark.org/docs/relnotes/wireshark-1.6.16.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/816887\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/820973\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/824900\"\n );\n # https://www.suse.com/support/update/announcement/2013/suse-su-20131276-1.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4e71c4a9\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected wireshark packages\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:wireshark-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/07/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/05/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = eregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^(SLED10|SLES10)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED10 / SLES10\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLED10\" && (! ereg(pattern:\"^4$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED10 SP4\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLES10\" && (! ereg(pattern:\"^4$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES10 SP4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:\"4\", cpu:\"x86_64\", reference:\"wireshark-1.6.16-0.5.5\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:\"4\", cpu:\"i586\", reference:\"wireshark-1.6.16-0.5.5\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", reference:\"wireshark-1.6.16-0.5.5\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", reference:\"wireshark-devel-1.6.16-0.5.5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"wireshark\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "kitploit": [{"lastseen": "2019-06-26T13:23:21", "bulletinFamily": "tools", "cvelist": ["CVE-2013-2487", "CVE-2013-2486"], "description": "[  ](<https://1.bp.blogspot.com/-ZkbExV-ycYo/UVop6DgYb3I/AAAAAAAAAZA/eTLtt4HFnHo/s1600/An%25C3%25A1lisis-de-tr%25C3%25A1fico-con-Wireshark.png>) ** Wireshark ** is the world\u2019s foremost network protocol analyzer. It lets you capture and interactively browse the traffic running on a computer network. It is the de facto (and often de jure) standard across many industries and educational institutions. \n\n\n \n\n\n** Wireshark ** development thrives thanks to the contributions of networking experts across the globe. It is the continuation of a project that started in 1998. \n\n \n \n\n\n### Changelog v1.8.7 \n\n** What\u2019s New **\n\n** Bug Fixes **\n\nThe following vulnerabilities have been fixed. \n\n * [ wnpa-sec-2013-23 ](<https://www.wireshark.org/security/wnpa-sec-2013-23.html>) The RELOAD dissector could go into an infinite loop. Discovered by Evan Jensen. ( [ Bug 8364 ](<https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8364>) , ( [ Bug 8546 ](<https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8546>) ) Versions affected: 1.8.0 to 1.8.6. \n\n[ CVE-2013-2486 ](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2486>)\n\n[ ](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2486>) [ CVE-2013-2487 ](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2486>)\n\n * [ wnpa-sec-2013-24 ](<https://www.wireshark.org/security/wnpa-sec-2013-24.html>) The GTPv2 dissector could crash. ( [ Bug 8493 ](<https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8493>) ) Versions affected: 1.8.0 to 1.8.6. \n * [ wnpa-sec-2013-25 ](<https://www.wireshark.org/security/wnpa-sec-2013-25.html>) The ASN.1 BER dissector could crash. ( [ Bug 8599 ](<https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8599>) ) Versions affected: 1.8.0 to 1.8.6, 1.6.0 to 1.6.14. \n * [ wnpa-sec-2013-26 ](<https://www.wireshark.org/security/wnpa-sec-2013-26.html>) The PPP CCP dissector could crash. ( [ Bug 8638 ](<https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8638>) ) Versions affected: 1.8.0 to 1.8.6. \n * [ wnpa-sec-2013-27 ](<https://www.wireshark.org/security/wnpa-sec-2013-27.html>) The DCP ETSI dissector could crash. Discovered by Evan Jensen. ( [ Bug 8231 ](<https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8231>) , [ bug 8540 ](<https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8540>) , [ bug 8541 ](<https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8541>) ) Versions affected: 1.8.0 to 1.8.6. \n * [ wnpa-sec-2013-28 ](<https://www.wireshark.org/security/wnpa-sec-2013-28.html>) The MPEG DSM-CC dissector could crash. ( [ Bug 8481 ](<https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8481>) ) Versions affected: 1.8.0 to 1.8.6. \n * [ wnpa-sec-2013-29 ](<https://www.wireshark.org/security/wnpa-sec-2013-29.html>) The Websocket dissector could crash. Discovered by Moshe Kaplan. ( [ Bug 8448 ](<https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8448>) , [ Bug 8499 ](<https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8499>) ) Versions affected: 1.8.0 to 1.8.6. \n * [ wnpa-sec-2013-30 ](<https://www.wireshark.org/security/wnpa-sec-2013-30.html>) The MySQL dissector could go into an infinite loop. Discovered by Moshe Kaplan. ( [ Bug 8458 ](<https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8458>) ) Versions affected: 1.8.0 to 1.8.6. \n * [ wnpa-sec-2013-31 ](<https://www.wireshark.org/security/wnpa-sec-2013-31.html>) The ETCH dissector could go into a large loop. Discovered by Moshe Kaplan. ( [ Bug 8464 ](<https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8464>) ) Versions affected: 1.8.0 to 1.8.6. \n\nThe following bugs have been fixed: \n\n * The Windows installer and uninstaller does a better job of detecting running executables. \n * Library mismatch when compiling on a system with an older Wireshark version. ( [ Bug 6011 ](<https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6011>) ) \n * SNMP dissector bug: STATUS_INTEGER_DIVIDE_BY_ZERO. ( [ Bug 7359 ](<https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7359>) ) \n * A console window is never opened. ( [ Bug 7755 ](<https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7755>) ) \n * GSM_MAP show malformed Packets when two IMSI. ( [ Bug 7882 ](<https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7882>) ) \n * Fix include and libs search path when cross compiling. ( [ Bug 7926 ](<https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7926>) ) \n * PER dissector crash. ( [ Bug 8197 ](<https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8197>) ) \n * pcap-ng: name resolution block is not written to file on save. ( [ Bug 8317 ](<https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8317>) ) \n * Incorrect RTP statistics (Lost Packets indication not ok). ( [ Bug 8321 ](<https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8321>) ) \n * Decoding of GSM MAP E164 Digits. ( [ Bug 8450 ](<https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8450>) ) \n * Silent installer and uninstaller not silent. ( [ Bug 8451 ](<https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8451>) ) \n * Replace use of INCLUDES with AM_CPPFLAGS in all Makefiles to placate recent autotools. ( [ Bug 8452 ](<https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8452>) ) \n * Wifi details are not stored in the Decryption Key Management dialog (post 1.8.x). ( [ Bug 8446 ](<https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8446>) ) \n * IO Graph should not be limited to 100k points (NUM_IO_ITEMS). ( [ Bug 8460 ](<https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8460>) ) \n * geographical_description: hf_gsm_a_geo_loc_deg_of_long 24 bit field truncated to 23 bits. ( [ Bug 8532 ](<https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8532>) ) \n * IRC message with multiple params causes malformed packet exception. ( [ Bug 8548 ](<https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8548>) ) \n * Part of Ping Reply Message in ICMPv6 Reply Message is marked as \u201cMalformed Packet\u201d. ( [ Bug 8554 ](<https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8554>) ) \n * MP2T wiretap heuristic overriding ERF. ( [ Bug 8556 ](<https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8556>) ) \n * Cannot read content of Ran Information Application Error Rim Container. ( [ Bug 8559 ](<https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8559>) ) \n * Endian error and IP:Port error when decoding BT-DHT response message. ( [ Bug 8572 ](<https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8572>) ) \n * \u201cACE4_ADD_FILE/ACE4_ADD_SUBDIRECTORY\u201d should be \u201cACE4_APPEND_DATA / ACE4_ADD_SUBDIRECTORY\u201d. ( [ Bug 8575 ](<https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8575>) ) \n * wireshark crashes while displaying I/O Graph. ( [ Bug 8583 ](<https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8583>) ) \n * GTPv2 MM Context (UMTS Key, Quad, and Quint Decoded) incorrectly. ( [ Bug 8596 ](<https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8596>) ) \n * DTLS 1.2 uses wrong PRF. ( [ Bug 8608 ](<https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8608>) ) \n * RTP DTMF digits are no longer displayed in VoIP graph analysis. ( [ Bug 8610 ](<https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8610>) ) \n * Universal port not accepted in RSA Keys List window. ( [ Bug 8618 ](<https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8618>) ) \n * Wireshark Dissector bug with HSRP Version 2. ( [ Bug 8622 ](<https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8622>) ) \n * LISP control packet incorrectly identified as LISP data based when UDP source port is 4341. ( [ Bug 8627 ](<https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8627>) ) \n * Bad tcp checksum not detected. ( [ Bug 8629 ](<https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8629>) ) \n * AMR Frame Type uses wrong Value String. ( [ Bug 8681 ](<https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8681>) ) \n\n \n\n\n** New and Updated Features **\n\nThere are no new features in this release. \n\n** New Protocol Support **\n\nThere are no new protocols in this release. \n\n** Updated Protocol Support **\n\nAMR, ASN.1 BER, BAT, Bluetooth DHT, BSSGP, DTLS, E.164, Ericsson A-bis OML, GSM A, GSM MAP, HDFSDATA, ICMP, ICMPv6, ixveriwave, IRC, KDSP, LISP Data, MMS, NFS, OpenWire, PPP, RELOAD, RTP, SASP, SIP, SSL/TLS, TCP, UA3G \n\n** New and Updated Capture File Support **\n\nEndace ERF, NetScreen snoop. \n\nFull Changelog: [ here ](<https://www.wireshark.org/docs/relnotes/wireshark-1.8.7.html>) \n \n\n\n** [ Download Wireshark v1.8.7 ](<https://www.wireshark.org/download.html>) **\n", "edition": 14, "modified": "2013-05-20T23:29:50", "published": "2013-05-20T23:29:50", "id": "KITPLOIT:9011798985544138654", "href": "http://www.kitploit.com/2013/05/wireshark-v187-worlds-foremost-network.html", "title": "[Wireshark v1.8.7] The world\u2019s foremost network protocol analyzer", "type": "kitploit", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "debian": [{"lastseen": "2019-05-30T02:22:27", "bulletinFamily": "unix", "cvelist": ["CVE-2013-1576", "CVE-2016-4082", "CVE-2012-6054", "CVE-2013-6339", "CVE-2013-4079", "CVE-2013-4931", "CVE-2013-1580", "CVE-2016-4081", "CVE-2013-1574", "CVE-2013-2476", "CVE-2013-1581", "CVE-2012-6057", "CVE-2012-6053", "CVE-2013-2479", "CVE-2013-4927", "CVE-2013-1573", "CVE-2013-7112", "CVE-2012-6060", "CVE-2016-4079", "CVE-2015-6243", "CVE-2015-6246", "CVE-2013-1577", "CVE-2016-4085", "CVE-2012-6055", "CVE-2012-6058", "CVE-2013-1572", "CVE-2012-6056", "CVE-2013-2482", "CVE-2013-1578", "CVE-2012-6052", "CVE-2012-6061", "CVE-2013-2487", "CVE-2012-6062", "CVE-2013-2486", "CVE-2013-4929", "CVE-2013-2485", "CVE-2013-5719", "CVE-2016-4006", "CVE-2015-6248", "CVE-2016-4080", "CVE-2013-1579", "CVE-2013-4080", "CVE-2012-6059", "CVE-2013-1575", "CVE-2013-5721"], "description": "Package : wireshark\nVersion : 1.12.1+g01b65bf-4+deb8u6~deb7u1\nCVE ID : CVE-2012-6052 CVE-2012-6053 CVE-2012-6054 CVE-2012-6055\n CVE-2012-6056 CVE-2012-6057 CVE-2012-6058 CVE-2012-6059\n CVE-2012-6060 CVE-2012-6061 CVE-2012-6062 CVE-2013-1572\n CVE-2013-1573 CVE-2013-1574 CVE-2013-1575 CVE-2013-1576\n CVE-2013-1577 CVE-2013-1578 CVE-2013-1579 CVE-2013-1580\n CVE-2013-1581 CVE-2013-2476 CVE-2013-2479 CVE-2013-2482\n CVE-2013-2485 CVE-2013-2486 CVE-2013-2487 CVE-2013-4079\n CVE-2013-4080 CVE-2013-4927 CVE-2013-4929 CVE-2013-4931\n CVE-2013-5719 CVE-2013-5721 CVE-2013-6339 CVE-2013-7112\n CVE-2015-6243 CVE-2015-6246 CVE-2015-6248 CVE-2016-4006\n CVE-2016-4079 CVE-2016-4080 CVE-2016-4081 CVE-2016-4082\n CVE-2016-4085\n\nMultiple vulnerabilities were discovered in the dissectors/parsers for\nPKTC, IAX2, GSM CBCH and NCP which could result in denial of service.\n\nThis update also fixes many older less important issues by updating the\npackage to the version found in Debian 8 also known as Jessie.\n\nFor Debian 7 &quot;Wheezy&quot;, these problems have been fixed in version\n1.12.1+g01b65bf-4+deb8u6~deb7u1.\n\nWe recommend that you upgrade your wireshark packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\n", "edition": 3, "modified": "2016-05-31T10:22:50", "published": "2016-05-31T10:22:50", "id": "DEBIAN:DLA-497-1:1FD56", "href": "https://lists.debian.org/debian-lts-announce/2016/debian-lts-announce-201605/msg00051.html", "title": "[SECURITY] [DLA 497-1] wireshark security update", "type": "debian", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}]}