{"id": "OPENVAS:880945", "type": "openvas", "bulletinFamily": "scanner", "title": "CentOS Update for wireshark CESA-2009:0313 centos4 i386", "description": "Check for the Version of wireshark", "published": "2011-08-09T00:00:00", "modified": "2017-07-10T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=880945", "reporter": "Copyright (c) 2011 Greenbone Networks GmbH", "references": ["2009:0313", "http://lists.centos.org/pipermail/centos-announce/2009-April/015801.html"], "cvelist": ["CVE-2008-4680", "CVE-2008-4681", "CVE-2008-5285", "CVE-2009-0599", "CVE-2009-0600", "CVE-2008-4683", "CVE-2008-4684", "CVE-2008-4685", "CVE-2008-4682"], "lastseen": "2017-07-25T10:55:41", "viewCount": 0, "enchantments": {"score": {"value": 6.7, "vector": "NONE", "modified": "2017-07-25T10:55:41", "rev": 2}, "dependencies": {"references": [{"type": "nessus", "idList": ["ORACLELINUX_ELSA-2009-0313.NASL", "SUSE_11_0_WIRESHARK-081220.NASL", "SUSE_WIRESHARK-5886.NASL", "FEDORA_2009-1798.NASL", "CENTOS_RHSA-2009-0313.NASL", "GENTOO_GLSA-200906-05.NASL", "MANDRIVA_MDVSA-2008-215.NASL", "REDHAT-RHSA-2009-0313.NASL", "SUSE_WIRESHARK-5783.NASL", "SL_20090304_WIRESHARK_ON_SL3_X.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:880671", "OPENVAS:800040", "OPENVAS:830417", "OPENVAS:1361412562310880945", "OPENVAS:136141256231063569", "OPENVAS:136141256231063474", "OPENVAS:63474", "OPENVAS:1361412562310122515", "OPENVAS:63569", "OPENVAS:1361412562310880671"]}, {"type": "centos", "idList": ["CESA-2009:0313"]}, {"type": "redhat", "idList": ["RHSA-2009:0313"]}, {"type": "oraclelinux", "idList": ["ELSA-2009-0313"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:21031", "SECURITYVULNS:VULN:9451", "SECURITYVULNS:VULN:9702", "SECURITYVULNS:VULN:9391", "SECURITYVULNS:DOC:20776", "SECURITYVULNS:DOC:21402"]}, {"type": "cve", "idList": ["CVE-2008-5285", "CVE-2008-4682", "CVE-2009-0599", "CVE-2008-4684", "CVE-2008-4680", "CVE-2008-4683", "CVE-2008-4685", "CVE-2008-4681", "CVE-2009-0600", "CVE-2009-0313"]}, {"type": "gentoo", "idList": ["GLSA-200906-05"]}, {"type": "fedora", "idList": ["FEDORA:0ABA5208770", "FEDORA:4A462208545"]}, {"type": "freebsd", "idList": ["F6F19735-9245-4918-8A60-87948EBB4907", "BAECE347-C489-11DD-A721-0030843D3802"]}, {"type": "debian", "idList": ["DEBIAN:DSA-1673-1:71D41"]}, {"type": "exploitdb", "idList": ["EDB-ID:6622"]}], "modified": "2017-07-25T10:55:41", "rev": 2}, "vulnersScore": 6.7}, "pluginID": "880945", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for wireshark CESA-2009:0313 centos4 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Wireshark is a program for monitoring network traffic. Wireshark was\n previously known as Ethereal.\n\n Multiple buffer overflow flaws were found in Wireshark. If Wireshark read\n a malformed packet off a network or opened a malformed dump file, it could\n crash or, possibly, execute arbitrary code as the user running Wireshark.\n (CVE-2008-4683, CVE-2009-0599)\n \n Several denial of service flaws were found in Wireshark. Wireshark could\n crash or stop responding if it read a malformed packet off a network, or\n opened a malformed dump file. (CVE-2008-4680, CVE-2008-4681, CVE-2008-4682,\n CVE-2008-4684, CVE-2008-4685, CVE-2008-5285, CVE-2009-0600)\n \n Users of wireshark should upgrade to these updated packages, which contain\n Wireshark version 1.0.6, and resolve these issues. All running instances of\n Wireshark must be restarted for the update to take effect.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"wireshark on CentOS 4\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2009-April/015801.html\");\n script_id(880945);\n script_version(\"$Revision: 6653 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:46:53 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"CESA\", value: \"2009:0313\");\n script_cve_id(\"CVE-2008-4680\", \"CVE-2008-4681\", \"CVE-2008-4682\", \"CVE-2008-4683\",\n \"CVE-2008-4684\", \"CVE-2008-4685\", \"CVE-2008-5285\", \"CVE-2009-0599\",\n \"CVE-2009-0600\");\n script_name(\"CentOS Update for wireshark CESA-2009:0313 centos4 i386\");\n\n script_summary(\"Check for the Version of wireshark\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.0.6~2.el4_7\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-gnome\", rpm:\"wireshark-gnome~1.0.6~2.el4_7\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "naslFamily": "CentOS Local Security Checks", "immutableFields": []}

{"nessus": [{"lastseen": "2021-01-17T13:44:08", "description": "Multiple buffer overflow flaws were found in Wireshark. If Wireshark\nread a malformed packet off a network or opened a malformed dump file,\nit could crash or, possibly, execute arbitrary code as the user\nrunning Wireshark. (CVE-2008-4683, CVE-2009-0599)\n\nSeveral denial of service flaws were found in Wireshark. Wireshark\ncould crash or stop responding if it read a malformed packet off a\nnetwork, or opened a malformed dump file. (CVE-2008-4680,\nCVE-2008-4681, CVE-2008-4682,CVE-2008-4684, CVE-2008-4685,\nCVE-2008-5285, CVE-2009-0600)\n\nAll running instances of Wireshark must be restarted for the update to\ntake effect.", "edition": 25, "published": "2012-08-01T00:00:00", "title": "Scientific Linux Security Update : wireshark on SL3.x, SL4.x, SL5.x i386/x86_64", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-4680", "CVE-2008-4681", "CVE-2008-5285", "CVE-2009-0599", "CVE-2009-0600", "CVE-2008-4683", "CVE-2008-4684", "CVE-2008-4685", "CVE-2008-4682"], "modified": "2012-08-01T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20090304_WIRESHARK_ON_SL3_X.NASL", "href": "https://www.tenable.com/plugins/nessus/60541", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(60541);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-4680\", \"CVE-2008-4681\", \"CVE-2008-4682\", \"CVE-2008-4683\", \"CVE-2008-4684\", \"CVE-2008-4685\", \"CVE-2008-5285\", \"CVE-2009-0599\", \"CVE-2009-0600\");\n\n script_name(english:\"Scientific Linux Security Update : wireshark on SL3.x, SL4.x, SL5.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple buffer overflow flaws were found in Wireshark. If Wireshark\nread a malformed packet off a network or opened a malformed dump file,\nit could crash or, possibly, execute arbitrary code as the user\nrunning Wireshark. (CVE-2008-4683, CVE-2009-0599)\n\nSeveral denial of service flaws were found in Wireshark. Wireshark\ncould crash or stop responding if it read a malformed packet off a\nnetwork, or opened a malformed dump file. (CVE-2008-4680,\nCVE-2008-4681, CVE-2008-4682,CVE-2008-4684, CVE-2008-4685,\nCVE-2008-5285, CVE-2009-0600)\n\nAll running instances of Wireshark must be restarted for the update to\ntake effect.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind0903&L=scientific-linux-errata&T=0&P=326\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?fcc831f3\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected wireshark and / or wireshark-gnome packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_cwe_id(20, 119, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/10/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/03/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL3\", reference:\"wireshark-1.0.6-EL3.3\")) flag++;\nif (rpm_check(release:\"SL3\", reference:\"wireshark-gnome-1.0.6-EL3.3\")) flag++;\n\nif (rpm_check(release:\"SL4\", reference:\"wireshark-1.0.6-2.el4_7\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"wireshark-gnome-1.0.6-2.el4_7\")) flag++;\n\nif (rpm_check(release:\"SL5\", reference:\"wireshark-1.0.6-2.el5_3\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"wireshark-gnome-1.0.6-2.el5_3\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-17T13:06:31", "description": "Updated wireshark packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 3, 4, and 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nWireshark is a program for monitoring network traffic. Wireshark was\npreviously known as Ethereal.\n\nMultiple buffer overflow flaws were found in Wireshark. If Wireshark\nread a malformed packet off a network or opened a malformed dump file,\nit could crash or, possibly, execute arbitrary code as the user\nrunning Wireshark. (CVE-2008-4683, CVE-2009-0599)\n\nSeveral denial of service flaws were found in Wireshark. Wireshark\ncould crash or stop responding if it read a malformed packet off a\nnetwork, or opened a malformed dump file. (CVE-2008-4680,\nCVE-2008-4681, CVE-2008-4682, CVE-2008-4684, CVE-2008-4685,\nCVE-2008-5285, CVE-2009-0600)\n\nUsers of wireshark should upgrade to these updated packages, which\ncontain Wireshark version 1.0.6, and resolve these issues. All running\ninstances of Wireshark must be restarted for the update to take\neffect.", "edition": 27, "published": "2009-03-05T00:00:00", "title": "RHEL 3 / 4 / 5 : wireshark (RHSA-2009:0313)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-4680", "CVE-2008-4681", "CVE-2008-6472", "CVE-2008-5285", "CVE-2009-0599", "CVE-2009-0600", "CVE-2008-4683", "CVE-2008-4684", "CVE-2008-4685", "CVE-2008-4682"], "modified": "2009-03-05T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:3", "cpe:/o:redhat:enterprise_linux:4", "cpe:/o:redhat:enterprise_linux:5", "cpe:/o:redhat:enterprise_linux:5.3", "p-cpe:/a:redhat:enterprise_linux:wireshark", "p-cpe:/a:redhat:enterprise_linux:wireshark-gnome", "cpe:/o:redhat:enterprise_linux:4.7"], "id": "REDHAT-RHSA-2009-0313.NASL", "href": "https://www.tenable.com/plugins/nessus/35772", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:0313. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(35772);\n script_version(\"1.26\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-4680\", \"CVE-2008-4681\", \"CVE-2008-4682\", \"CVE-2008-4683\", \"CVE-2008-4684\", \"CVE-2008-4685\", \"CVE-2008-5285\", \"CVE-2008-6472\", \"CVE-2009-0599\", \"CVE-2009-0600\");\n script_bugtraq_id(31838, 32422);\n script_xref(name:\"RHSA\", value:\"2009:0313\");\n\n script_name(english:\"RHEL 3 / 4 / 5 : wireshark (RHSA-2009:0313)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated wireshark packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 3, 4, and 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nWireshark is a program for monitoring network traffic. Wireshark was\npreviously known as Ethereal.\n\nMultiple buffer overflow flaws were found in Wireshark. If Wireshark\nread a malformed packet off a network or opened a malformed dump file,\nit could crash or, possibly, execute arbitrary code as the user\nrunning Wireshark. (CVE-2008-4683, CVE-2009-0599)\n\nSeveral denial of service flaws were found in Wireshark. Wireshark\ncould crash or stop responding if it read a malformed packet off a\nnetwork, or opened a malformed dump file. (CVE-2008-4680,\nCVE-2008-4681, CVE-2008-4682, CVE-2008-4684, CVE-2008-4685,\nCVE-2008-5285, CVE-2009-0600)\n\nUsers of wireshark should upgrade to these updated packages, which\ncontain Wireshark version 1.0.6, and resolve these issues. All running\ninstances of Wireshark must be restarted for the update to take\neffect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-4680\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-4681\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-4682\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-4683\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-4684\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-4685\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-5285\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-6472\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-0599\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-0600\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2009:0313\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected wireshark and / or wireshark-gnome packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 119, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:wireshark-gnome\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4.7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5.3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/10/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/03/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/03/05\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(3|4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 3.x / 4.x / 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2009:0313\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL3\", reference:\"wireshark-1.0.6-EL3.3\")) flag++;\n\n if (rpm_check(release:\"RHEL3\", reference:\"wireshark-gnome-1.0.6-EL3.3\")) flag++;\n\n\n if (rpm_check(release:\"RHEL4\", reference:\"wireshark-1.0.6-2.el4_7\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"wireshark-gnome-1.0.6-2.el4_7\")) flag++;\n\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"wireshark-1.0.6-2.el5_3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"wireshark-1.0.6-2.el5_3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"wireshark-1.0.6-2.el5_3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"wireshark-gnome-1.0.6-2.el5_3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"wireshark-gnome-1.0.6-2.el5_3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"wireshark-gnome-1.0.6-2.el5_3\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"wireshark / wireshark-gnome\");\n }\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-06T09:25:32", "description": "Updated wireshark packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 3, 4, and 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nWireshark is a program for monitoring network traffic. Wireshark was\npreviously known as Ethereal.\n\nMultiple buffer overflow flaws were found in Wireshark. If Wireshark\nread a malformed packet off a network or opened a malformed dump file,\nit could crash or, possibly, execute arbitrary code as the user\nrunning Wireshark. (CVE-2008-4683, CVE-2009-0599)\n\nSeveral denial of service flaws were found in Wireshark. Wireshark\ncould crash or stop responding if it read a malformed packet off a\nnetwork, or opened a malformed dump file. (CVE-2008-4680,\nCVE-2008-4681, CVE-2008-4682, CVE-2008-4684, CVE-2008-4685,\nCVE-2008-5285, CVE-2009-0600)\n\nUsers of wireshark should upgrade to these updated packages, which\ncontain Wireshark version 1.0.6, and resolve these issues. All running\ninstances of Wireshark must be restarted for the update to take\neffect.", "edition": 27, "published": "2009-03-05T00:00:00", "title": "CentOS 3 / 4 : wireshark (CESA-2009:0313)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-4680", "CVE-2008-4681", "CVE-2008-6472", "CVE-2008-5285", "CVE-2009-0599", "CVE-2009-0600", "CVE-2008-4683", "CVE-2008-4684", "CVE-2008-4685", "CVE-2008-4682"], "modified": "2009-03-05T00:00:00", "cpe": ["p-cpe:/a:centos:centos:wireshark", "cpe:/o:centos:centos:4", "p-cpe:/a:centos:centos:wireshark-gnome", "cpe:/o:centos:centos:3"], "id": "CENTOS_RHSA-2009-0313.NASL", "href": "https://www.tenable.com/plugins/nessus/35767", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:0313 and \n# CentOS Errata and Security Advisory 2009:0313 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(35767);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2008-4680\", \"CVE-2008-4681\", \"CVE-2008-4682\", \"CVE-2008-4683\", \"CVE-2008-4684\", \"CVE-2008-4685\", \"CVE-2008-5285\", \"CVE-2008-6472\", \"CVE-2009-0599\", \"CVE-2009-0600\");\n script_bugtraq_id(31838, 32422);\n script_xref(name:\"RHSA\", value:\"2009:0313\");\n\n script_name(english:\"CentOS 3 / 4 : wireshark (CESA-2009:0313)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated wireshark packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 3, 4, and 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nWireshark is a program for monitoring network traffic. Wireshark was\npreviously known as Ethereal.\n\nMultiple buffer overflow flaws were found in Wireshark. If Wireshark\nread a malformed packet off a network or opened a malformed dump file,\nit could crash or, possibly, execute arbitrary code as the user\nrunning Wireshark. (CVE-2008-4683, CVE-2009-0599)\n\nSeveral denial of service flaws were found in Wireshark. Wireshark\ncould crash or stop responding if it read a malformed packet off a\nnetwork, or opened a malformed dump file. (CVE-2008-4680,\nCVE-2008-4681, CVE-2008-4682, CVE-2008-4684, CVE-2008-4685,\nCVE-2008-5285, CVE-2009-0600)\n\nUsers of wireshark should upgrade to these updated packages, which\ncontain Wireshark version 1.0.6, and resolve these issues. All running\ninstances of Wireshark must be restarted for the update to take\neffect.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-April/015800.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?08f2711c\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-April/015801.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?18722f83\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-March/015651.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?8e0ec61c\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-March/015652.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?368d19bc\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-March/015656.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d5878e1f\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-March/015659.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?65ab81d3\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected wireshark packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 119, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:wireshark-gnome\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/10/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/04/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/03/05\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(3|4)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 3.x / 4.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-3\", reference:\"wireshark-1.0.6-EL3.3\")) flag++;\nif (rpm_check(release:\"CentOS-3\", reference:\"wireshark-gnome-1.0.6-EL3.3\")) flag++;\n\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"wireshark-1.0.6-2.el4_7\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"ia64\", reference:\"wireshark-1.0.6-2.c4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"wireshark-1.0.6-2.el4_7\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"wireshark-gnome-1.0.6-2.el4_7\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"ia64\", reference:\"wireshark-gnome-1.0.6-2.c4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"wireshark-gnome-1.0.6-2.el4_7\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"wireshark / wireshark-gnome\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-17T12:44:22", "description": "From Red Hat Security Advisory 2009:0313 :\n\nUpdated wireshark packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 3, 4, and 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nWireshark is a program for monitoring network traffic. Wireshark was\npreviously known as Ethereal.\n\nMultiple buffer overflow flaws were found in Wireshark. If Wireshark\nread a malformed packet off a network or opened a malformed dump file,\nit could crash or, possibly, execute arbitrary code as the user\nrunning Wireshark. (CVE-2008-4683, CVE-2009-0599)\n\nSeveral denial of service flaws were found in Wireshark. Wireshark\ncould crash or stop responding if it read a malformed packet off a\nnetwork, or opened a malformed dump file. (CVE-2008-4680,\nCVE-2008-4681, CVE-2008-4682, CVE-2008-4684, CVE-2008-4685,\nCVE-2008-5285, CVE-2009-0600)\n\nUsers of wireshark should upgrade to these updated packages, which\ncontain Wireshark version 1.0.6, and resolve these issues. All running\ninstances of Wireshark must be restarted for the update to take\neffect.", "edition": 25, "published": "2013-07-12T00:00:00", "title": "Oracle Linux 3 / 4 / 5 : wireshark (ELSA-2009-0313)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-4680", "CVE-2008-4681", "CVE-2008-6472", "CVE-2008-5285", "CVE-2009-0599", "CVE-2009-0600", "CVE-2008-4683", "CVE-2008-4684", "CVE-2008-4685", "CVE-2008-4682"], "modified": "2013-07-12T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:wireshark-gnome", "cpe:/o:oracle:linux:5", "cpe:/o:oracle:linux:3", "p-cpe:/a:oracle:linux:wireshark", "cpe:/o:oracle:linux:4"], "id": "ORACLELINUX_ELSA-2009-0313.NASL", "href": "https://www.tenable.com/plugins/nessus/67809", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2009:0313 and \n# Oracle Linux Security Advisory ELSA-2009-0313 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(67809);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-4680\", \"CVE-2008-4681\", \"CVE-2008-4682\", \"CVE-2008-4683\", \"CVE-2008-4684\", \"CVE-2008-4685\", \"CVE-2008-5285\", \"CVE-2008-6472\", \"CVE-2009-0599\", \"CVE-2009-0600\");\n script_bugtraq_id(31838, 32422);\n script_xref(name:\"RHSA\", value:\"2009:0313\");\n\n script_name(english:\"Oracle Linux 3 / 4 / 5 : wireshark (ELSA-2009-0313)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2009:0313 :\n\nUpdated wireshark packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 3, 4, and 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nWireshark is a program for monitoring network traffic. Wireshark was\npreviously known as Ethereal.\n\nMultiple buffer overflow flaws were found in Wireshark. If Wireshark\nread a malformed packet off a network or opened a malformed dump file,\nit could crash or, possibly, execute arbitrary code as the user\nrunning Wireshark. (CVE-2008-4683, CVE-2009-0599)\n\nSeveral denial of service flaws were found in Wireshark. Wireshark\ncould crash or stop responding if it read a malformed packet off a\nnetwork, or opened a malformed dump file. (CVE-2008-4680,\nCVE-2008-4681, CVE-2008-4682, CVE-2008-4684, CVE-2008-4685,\nCVE-2008-5285, CVE-2009-0600)\n\nUsers of wireshark should upgrade to these updated packages, which\ncontain Wireshark version 1.0.6, and resolve these issues. All running\ninstances of Wireshark must be restarted for the update to take\neffect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2009-March/000900.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2009-March/000902.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2009-March/000905.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected wireshark packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 119, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:wireshark-gnome\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/10/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/03/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(3|4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 3 / 4 / 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"wireshark-1.0.6-0.1.EL3.3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"wireshark-1.0.6-0.1.EL3.3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"wireshark-gnome-1.0.6-0.1.EL3.3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"wireshark-gnome-1.0.6-0.1.EL3.3\")) flag++;\n\nif (rpm_check(release:\"EL4\", reference:\"wireshark-1.0.6-2.0.1.el4_7\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"wireshark-gnome-1.0.6-2.0.1.el4_7\")) flag++;\n\nif (rpm_check(release:\"EL5\", reference:\"wireshark-1.0.6-2.0.1.el5_3\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"wireshark-gnome-1.0.6-2.0.1.el5_3\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"wireshark / wireshark-gnome\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-07T11:51:57", "description": "A number of vulnerabilities were discovered in Wireshark that could\ncause it to crash or abort while processing malicious packets\n(CVE-2008-4680, CVE-2008-4681, CVE-2008-4682, CVE-2008-4683,\nCVE-2008-4684, CVE-2008-4685).\n\nThis update provides Wireshark 1.0.4, which is not vulnerable to these\nissues.", "edition": 26, "published": "2009-04-23T00:00:00", "title": "Mandriva Linux Security Advisory : wireshark (MDVSA-2008:215)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-4680", "CVE-2008-4681", "CVE-2008-4683", "CVE-2008-4684", "CVE-2008-4685", "CVE-2008-4682"], "modified": "2009-04-23T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:libwireshark-devel", "p-cpe:/a:mandriva:linux:dumpcap", "p-cpe:/a:mandriva:linux:libwireshark0", "cpe:/o:mandriva:linux:2009.0", "p-cpe:/a:mandriva:linux:rawshark", "p-cpe:/a:mandriva:linux:lib64wireshark0", "cpe:/o:mandriva:linux:2008.1", "p-cpe:/a:mandriva:linux:tshark", "p-cpe:/a:mandriva:linux:lib64wireshark-devel", "p-cpe:/a:mandriva:linux:wireshark-tools", "p-cpe:/a:mandriva:linux:wireshark"], "id": "MANDRIVA_MDVSA-2008-215.NASL", "href": "https://www.tenable.com/plugins/nessus/36750", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2008:215. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(36750);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2008-4680\", \"CVE-2008-4681\", \"CVE-2008-4682\", \"CVE-2008-4683\", \"CVE-2008-4684\", \"CVE-2008-4685\");\n script_xref(name:\"MDVSA\", value:\"2008:215\");\n\n script_name(english:\"Mandriva Linux Security Advisory : wireshark (MDVSA-2008:215)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A number of vulnerabilities were discovered in Wireshark that could\ncause it to crash or abort while processing malicious packets\n(CVE-2008-4680, CVE-2008-4681, CVE-2008-4682, CVE-2008-4683,\nCVE-2008-4684, CVE-2008-4685).\n\nThis update provides Wireshark 1.0.4, which is not vulnerable to these\nissues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.wireshark.org/security/wnpa-sec-2008-06.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_cwe_id(20, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:dumpcap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64wireshark-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64wireshark0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libwireshark-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libwireshark0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rawshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:wireshark-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2008.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2009.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/10/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2008.1\", reference:\"dumpcap-1.0.4-0.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"x86_64\", reference:\"lib64wireshark-devel-1.0.4-0.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"x86_64\", reference:\"lib64wireshark0-1.0.4-0.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"libwireshark-devel-1.0.4-0.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"libwireshark0-1.0.4-0.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"rawshark-1.0.4-0.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"tshark-1.0.4-0.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"wireshark-1.0.4-0.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"wireshark-tools-1.0.4-0.1mdv2008.1\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2009.0\", reference:\"dumpcap-1.0.4-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64wireshark-devel-1.0.4-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64wireshark0-1.0.4-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libwireshark-devel-1.0.4-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libwireshark0-1.0.4-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rawshark-1.0.4-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"tshark-1.0.4-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"wireshark-1.0.4-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"wireshark-tools-1.0.4-0.1mdv2009.0\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-17T14:03:46", "description": "This update fixes problems that could crash wireshark when processing\ncompressed data and when processing rf5 files (CVE-2008-3933,\nCVE-2008-3934) as well as CVE-2008-4680 (USB dissector crash),\nCVE-2008-4681 (Bluetooth RFCOMM dissector crash), CVE-2008-4682 (Tamos\nCommView dissector crash), CVE-2008-4683 (Bluetooth ACL dissector\ncrash), CVE-2008-4684 (PRP and MATE dissector crash) and CVE-2008-4685\n(Q.931 dissector crash). CVE-2008-5285 (SMTP dissector infinite loop)\nand an infinite loop problem in the WLCCP dissector", "edition": 24, "published": "2009-07-21T00:00:00", "title": "openSUSE Security Update : wireshark (wireshark-387)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-3934", "CVE-2008-3933", "CVE-2008-4680", "CVE-2008-4681", "CVE-2008-5285", "CVE-2008-4683", "CVE-2008-4684", "CVE-2008-4685", "CVE-2008-4682"], "modified": "2009-07-21T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:wireshark", "p-cpe:/a:novell:opensuse:wireshark-devel", "cpe:/o:novell:opensuse:11.0"], "id": "SUSE_11_0_WIRESHARK-081220.NASL", "href": "https://www.tenable.com/plugins/nessus/40152", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update wireshark-387.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(40152);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-3933\", \"CVE-2008-3934\", \"CVE-2008-4680\", \"CVE-2008-4681\", \"CVE-2008-4682\", \"CVE-2008-4683\", \"CVE-2008-4684\", \"CVE-2008-4685\", \"CVE-2008-5285\");\n\n script_name(english:\"openSUSE Security Update : wireshark (wireshark-387)\");\n script_summary(english:\"Check for the wireshark-387 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes problems that could crash wireshark when processing\ncompressed data and when processing rf5 files (CVE-2008-3933,\nCVE-2008-3934) as well as CVE-2008-4680 (USB dissector crash),\nCVE-2008-4681 (Bluetooth RFCOMM dissector crash), CVE-2008-4682 (Tamos\nCommView dissector crash), CVE-2008-4683 (Bluetooth ACL dissector\ncrash), CVE-2008-4684 (PRP and MATE dissector crash) and CVE-2008-4685\n(Q.931 dissector crash). CVE-2008-5285 (SMTP dissector infinite loop)\nand an infinite loop problem in the WLCCP dissector\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=422948\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=457525\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected wireshark packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_cwe_id(20, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/12/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.0\", reference:\"wireshark-1.0.0-17.7\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"wireshark-devel-1.0.0-17.7\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"wireshark / wireshark-devel\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-17T14:47:16", "description": "This update fixes problems that could crash wireshark when processing\ncompressed data and when processing rf5 files (CVE-2008-3933,\nCVE-2008-3934) as well as CVE-2008-4680 (USB dissector crash),\nCVE-2008-4681 (Bluetooth RFCOMM dissector crash), CVE-2008-4683\n(Bluetooth ACL dissector crash), CVE-2008-4684 (PRP and MATE dissector\ncrash) and CVE-2008-4685 (Q.931 dissector crash). CVE-2008-5285 (SMTP\ndissector infinite loop)", "edition": 24, "published": "2008-12-26T00:00:00", "title": "openSUSE 10 Security Update : wireshark (wireshark-5886)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-3934", "CVE-2008-3933", "CVE-2008-4680", "CVE-2008-4681", "CVE-2008-5285", "CVE-2008-4683", "CVE-2008-4684", "CVE-2008-4685"], "modified": "2008-12-26T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:wireshark", "cpe:/o:novell:opensuse:10.3", "p-cpe:/a:novell:opensuse:wireshark-devel"], "id": "SUSE_WIRESHARK-5886.NASL", "href": "https://www.tenable.com/plugins/nessus/35272", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update wireshark-5886.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(35272);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-3933\", \"CVE-2008-3934\", \"CVE-2008-4680\", \"CVE-2008-4681\", \"CVE-2008-4683\", \"CVE-2008-4684\", \"CVE-2008-4685\", \"CVE-2008-5285\");\n\n script_name(english:\"openSUSE 10 Security Update : wireshark (wireshark-5886)\");\n script_summary(english:\"Check for the wireshark-5886 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes problems that could crash wireshark when processing\ncompressed data and when processing rf5 files (CVE-2008-3933,\nCVE-2008-3934) as well as CVE-2008-4680 (USB dissector crash),\nCVE-2008-4681 (Bluetooth RFCOMM dissector crash), CVE-2008-4683\n(Bluetooth ACL dissector crash), CVE-2008-4684 (PRP and MATE dissector\ncrash) and CVE-2008-4685 (Q.931 dissector crash). CVE-2008-5285 (SMTP\ndissector infinite loop)\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected wireshark packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_cwe_id(20, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/12/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/12/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE10\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"10.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE10.3\", reference:\"wireshark-0.99.6-31.13\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"wireshark-devel-0.99.6-31.13\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"wireshark / wireshark-devel\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-17T14:47:16", "description": "This update fixes problems that could crash wireshark when processing\ncompressed data (CVE-2008-3933) as well as CVE-2008-4680 (USB\ndissector crash), CVE-2008-4681 (Bluetooth RFCOMM dissector crash),\nCVE-2008-4683 (Bluetooth ACL dissector crash), CVE-2008-4684 (PRP and\nMATE dissector crash) and CVE-2008-4685 (Q.931 dissector crash).", "edition": 25, "published": "2008-12-01T00:00:00", "title": "openSUSE 10 Security Update : wireshark (wireshark-5783)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-3933", "CVE-2008-4680", "CVE-2008-4681", "CVE-2008-4683", "CVE-2008-4684", "CVE-2008-4685"], "modified": "2008-12-01T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:wireshark", "cpe:/o:novell:opensuse:10.2", "p-cpe:/a:novell:opensuse:wireshark-devel"], "id": "SUSE_WIRESHARK-5783.NASL", "href": "https://www.tenable.com/plugins/nessus/34990", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update wireshark-5783.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(34990);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-3933\", \"CVE-2008-4680\", \"CVE-2008-4681\", \"CVE-2008-4683\", \"CVE-2008-4684\", \"CVE-2008-4685\");\n\n script_name(english:\"openSUSE 10 Security Update : wireshark (wireshark-5783)\");\n script_summary(english:\"Check for the wireshark-5783 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes problems that could crash wireshark when processing\ncompressed data (CVE-2008-3933) as well as CVE-2008-4680 (USB\ndissector crash), CVE-2008-4681 (Bluetooth RFCOMM dissector crash),\nCVE-2008-4683 (Bluetooth ACL dissector crash), CVE-2008-4684 (PRP and\nMATE dissector crash) and CVE-2008-4685 (Q.931 dissector crash).\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected wireshark packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_cwe_id(20, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/11/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/12/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE10\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"10.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE10.2\", reference:\"wireshark-0.99.5-5.15\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"wireshark-devel-0.99.5-5.15\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"wireshark\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-07T10:52:32", "description": "The remote host is affected by the vulnerability described in GLSA-200906-05\n(Wireshark: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Wireshark:\n David Maciejak discovered a vulnerability in packet-usb.c in the USB\n dissector via a malformed USB Request Block (URB) (CVE-2008-4680).\n Florent Drouin and David Maciejak reported an unspecified vulnerability\n in the Bluetooth RFCOMM dissector (CVE-2008-4681).\n A malformed Tamos CommView capture file (aka .ncf file) with an\n 'unknown/unexpected packet type' triggers a failed assertion in wtap.c\n (CVE-2008-4682).\n An unchecked packet length parameter in the dissect_btacl() function in\n packet-bthci_acl.c in the Bluetooth ACL dissector causes an erroneous\n tvb_memcpy() call (CVE-2008-4683).\n A vulnerability where packet-frame does not properly handle exceptions\n thrown by post dissectors caused by a certain series of packets\n (CVE-2008-4684).\n Mike Davies reported a use-after-free vulnerability in the\n dissect_q931_cause_ie() function in packet-q931.c in the Q.931\n dissector via certain packets that trigger an exception\n (CVE-2008-4685).\n The Security Vulnerability Research Team of Bkis reported that the SMTP\n dissector could consume excessive amounts of CPU and memory\n (CVE-2008-5285).\n The vendor reported that the WLCCP dissector could go into an infinite\n loop (CVE-2008-6472).\n babi discovered a buffer overflow in wiretap/netscreen.c via a\n malformed NetScreen snoop file (CVE-2009-0599).\n A specially crafted Tektronix K12 text capture file can cause an\n application crash (CVE-2009-0600).\n A format string vulnerability via format string specifiers in the HOME\n environment variable (CVE-2009-0601).\n THCX Labs reported a format string vulnerability in the\n PROFINET/DCP (PN-DCP) dissector via a PN-DCP packet with format string\n specifiers in the station name (CVE-2009-1210).\n An unspecified vulnerability with unknown impact and attack vectors\n (CVE-2009-1266).\n Marty Adkins and Chris Maynard discovered a parsing error in the\n dissector for the Check Point High-Availability Protocol (CPHAP)\n (CVE-2009-1268).\n Magnus Homann discovered a parsing error when loading a Tektronix .rf5\n file (CVE-2009-1269).\n The vendor reported that the PCNFSD dissector could crash\n (CVE-2009-1829).\n \nImpact :\n\n A remote attacker could exploit these vulnerabilities by sending\n specially crafted packets on a network being monitored by Wireshark or\n by enticing a user to read a malformed packet trace file which can\n trigger a Denial of Service (application crash or excessive CPU and\n memory usage) and possibly allow for the execution of arbitrary code\n with the privileges of the user running Wireshark.\n \nWorkaround :\n\n There is no known workaround at this time.", "edition": 26, "published": "2009-07-01T00:00:00", "title": "GLSA-200906-05 : Wireshark: Multiple vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-4680", "CVE-2008-4681", "CVE-2009-1268", "CVE-2009-1266", "CVE-2009-1210", "CVE-2008-6472", "CVE-2008-5285", "CVE-2009-1829", "CVE-2009-1269", "CVE-2009-0599", "CVE-2009-0600", "CVE-2008-4683", "CVE-2009-0601", "CVE-2008-4684", "CVE-2008-4685", "CVE-2008-4682"], "modified": "2009-07-01T00:00:00", "cpe": ["cpe:/o:gentoo:linux", "p-cpe:/a:gentoo:linux:wireshark"], "id": "GENTOO_GLSA-200906-05.NASL", "href": "https://www.tenable.com/plugins/nessus/39580", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200906-05.\n#\n# The advisory text is Copyright (C) 2001-2016 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(39580);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2008-4680\", \"CVE-2008-4681\", \"CVE-2008-4682\", \"CVE-2008-4683\", \"CVE-2008-4684\", \"CVE-2008-4685\", \"CVE-2008-5285\", \"CVE-2008-6472\", \"CVE-2009-0599\", \"CVE-2009-0600\", \"CVE-2009-0601\", \"CVE-2009-1210\", \"CVE-2009-1266\", \"CVE-2009-1268\", \"CVE-2009-1269\", \"CVE-2009-1829\");\n script_bugtraq_id(31838, 32422, 34291, 34457, 35081);\n script_xref(name:\"GLSA\", value:\"200906-05\");\n\n script_name(english:\"GLSA-200906-05 : Wireshark: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200906-05\n(Wireshark: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Wireshark:\n David Maciejak discovered a vulnerability in packet-usb.c in the USB\n dissector via a malformed USB Request Block (URB) (CVE-2008-4680).\n Florent Drouin and David Maciejak reported an unspecified vulnerability\n in the Bluetooth RFCOMM dissector (CVE-2008-4681).\n A malformed Tamos CommView capture file (aka .ncf file) with an\n 'unknown/unexpected packet type' triggers a failed assertion in wtap.c\n (CVE-2008-4682).\n An unchecked packet length parameter in the dissect_btacl() function in\n packet-bthci_acl.c in the Bluetooth ACL dissector causes an erroneous\n tvb_memcpy() call (CVE-2008-4683).\n A vulnerability where packet-frame does not properly handle exceptions\n thrown by post dissectors caused by a certain series of packets\n (CVE-2008-4684).\n Mike Davies reported a use-after-free vulnerability in the\n dissect_q931_cause_ie() function in packet-q931.c in the Q.931\n dissector via certain packets that trigger an exception\n (CVE-2008-4685).\n The Security Vulnerability Research Team of Bkis reported that the SMTP\n dissector could consume excessive amounts of CPU and memory\n (CVE-2008-5285).\n The vendor reported that the WLCCP dissector could go into an infinite\n loop (CVE-2008-6472).\n babi discovered a buffer overflow in wiretap/netscreen.c via a\n malformed NetScreen snoop file (CVE-2009-0599).\n A specially crafted Tektronix K12 text capture file can cause an\n application crash (CVE-2009-0600).\n A format string vulnerability via format string specifiers in the HOME\n environment variable (CVE-2009-0601).\n THCX Labs reported a format string vulnerability in the\n PROFINET/DCP (PN-DCP) dissector via a PN-DCP packet with format string\n specifiers in the station name (CVE-2009-1210).\n An unspecified vulnerability with unknown impact and attack vectors\n (CVE-2009-1266).\n Marty Adkins and Chris Maynard discovered a parsing error in the\n dissector for the Check Point High-Availability Protocol (CPHAP)\n (CVE-2009-1268).\n Magnus Homann discovered a parsing error when loading a Tektronix .rf5\n file (CVE-2009-1269).\n The vendor reported that the PCNFSD dissector could crash\n (CVE-2009-1829).\n \nImpact :\n\n A remote attacker could exploit these vulnerabilities by sending\n specially crafted packets on a network being monitored by Wireshark or\n by enticing a user to read a malformed packet trace file which can\n trigger a Denial of Service (application crash or excessive CPU and\n memory usage) and possibly allow for the execution of arbitrary code\n with the privileges of the user running Wireshark.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200906-05\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Wireshark users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-analyzer/wireshark-1.0.8'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_cwe_id(20, 119, 134, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/06/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"net-analyzer/wireshark\", unaffected:make_list(\"ge 1.0.8\"), vulnerable:make_list(\"lt 1.0.8\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Wireshark\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-12T10:07:07", "description": "Few minor security issues were fixed in new version of wireshark.\nSecurity- related bugs in the Tektronix K12 and NetScreen file formats\nhave been fixed.\nhttp://www.wireshark.org/security/wnpa-sec-2009-01.html NFSv4.1: Add\nsupport for backchannel decoding - Dynamically registers a callback\ndissector based on the CREATE_SESSION args. - Supports the decoding of\nCB_SEQUENCE, CB_RECALL, CB_LAYOUTRECALL operations\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 25, "published": "2009-04-23T00:00:00", "title": "Fedora 10 : wireshark-1.0.6-1.fc10 (2009-1798)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-0599", "CVE-2009-0600"], "modified": "2009-04-23T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:10", "p-cpe:/a:fedoraproject:fedora:wireshark"], "id": "FEDORA_2009-1798.NASL", "href": "https://www.tenable.com/plugins/nessus/37388", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2009-1798.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(37388);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2009-0599\", \"CVE-2009-0600\");\n script_xref(name:\"FEDORA\", value:\"2009-1798\");\n\n script_name(english:\"Fedora 10 : wireshark-1.0.6-1.fc10 (2009-1798)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Few minor security issues were fixed in new version of wireshark.\nSecurity- related bugs in the Tektronix K12 and NetScreen file formats\nhave been fixed.\nhttp://www.wireshark.org/security/wnpa-sec-2009-01.html NFSv4.1: Add\nsupport for backchannel decoding - Dynamically registers a callback\ndissector based on the CREATE_SESSION args. - Supports the decoding of\nCB_SEQUENCE, CB_RECALL, CB_LAYOUTRECALL operations\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # http://www.wireshark.org/security/wnpa-sec-2009-01.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.wireshark.org/security/wnpa-sec-2009-01.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=485888\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=485889\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2009-March/020980.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?8baebabd\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected wireshark package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_cwe_id(20, 119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/02/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^10([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 10.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC10\", reference:\"wireshark-1.0.6-1.fc10\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"wireshark\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "openvas": [{"lastseen": "2017-07-27T10:55:35", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-4680", "CVE-2008-4681", "CVE-2008-5285", "CVE-2009-0599", "CVE-2009-0600", "CVE-2008-4683", "CVE-2008-4684", "CVE-2008-4685", "CVE-2008-4682"], "description": "The remote host is missing updates announced in\nadvisory RHSA-2009:0313.\n\nWireshark is a program for monitoring network traffic. Wireshark was\npreviously known as Ethereal.\n\nMultiple buffer overflow flaws were found in Wireshark. If Wireshark read\na malformed packet off a network or opened a malformed dump file, it could\ncrash or, possibly, execute arbitrary code as the user running Wireshark.\n(CVE-2008-4683, CVE-2009-0599)\n\nSeveral denial of service flaws were found in Wireshark. Wireshark could\ncrash or stop responding if it read a malformed packet off a network, or\nopened a malformed dump file. (CVE-2008-4680, CVE-2008-4681, CVE-2008-4682,\nCVE-2008-4684, CVE-2008-4685, CVE-2008-5285, CVE-2009-0600)\n\nUsers of wireshark should upgrade to these updated packages, which contain\nWireshark version 1.0.6, and resolve these issues. All running instances of\nWireshark must be restarted for the update to take effect.", "modified": "2017-07-12T00:00:00", "published": "2009-03-07T00:00:00", "id": "OPENVAS:63474", "href": "http://plugins.openvas.org/nasl.php?oid=63474", "type": "openvas", "title": "RedHat Security Advisory RHSA-2009:0313", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: RHSA_2009_0313.nasl 6683 2017-07-12 09:41:57Z cfischer $\n# Description: Auto-generated from advisory RHSA-2009:0313 ()\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates announced in\nadvisory RHSA-2009:0313.\n\nWireshark is a program for monitoring network traffic. Wireshark was\npreviously known as Ethereal.\n\nMultiple buffer overflow flaws were found in Wireshark. If Wireshark read\na malformed packet off a network or opened a malformed dump file, it could\ncrash or, possibly, execute arbitrary code as the user running Wireshark.\n(CVE-2008-4683, CVE-2009-0599)\n\nSeveral denial of service flaws were found in Wireshark. Wireshark could\ncrash or stop responding if it read a malformed packet off a network, or\nopened a malformed dump file. (CVE-2008-4680, CVE-2008-4681, CVE-2008-4682,\nCVE-2008-4684, CVE-2008-4685, CVE-2008-5285, CVE-2009-0600)\n\nUsers of wireshark should upgrade to these updated packages, which contain\nWireshark version 1.0.6, and resolve these issues. All running instances of\nWireshark must be restarted for the update to take effect.\";\n\ntag_solution = \"Please note that this update is available via\nRed Hat Network. To use Red Hat Network, launch the Red\nHat Update Agent with the following command: up2date\";\n\n\n\nif(description)\n{\n script_id(63474);\n script_version(\"$Revision: 6683 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:41:57 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-07 21:47:03 +0100 (Sat, 07 Mar 2009)\");\n script_cve_id(\"CVE-2008-4680\", \"CVE-2008-4681\", \"CVE-2008-4682\", \"CVE-2008-4683\", \"CVE-2008-4684\", \"CVE-2008-4685\", \"CVE-2008-5285\", \"CVE-2009-0599\", \"CVE-2009-0600\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"RedHat Security Advisory RHSA-2009:0313\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"http://rhn.redhat.com/errata/RHSA-2009-0313.html\");\n script_xref(name : \"URL\" , value : \"http://www.redhat.com/security/updates/classification/#important\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.0.6~EL3.3\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"wireshark-debuginfo\", rpm:\"wireshark-debuginfo~1.0.6~EL3.3\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"wireshark-gnome\", rpm:\"wireshark-gnome~1.0.6~EL3.3\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.0.6~2.el4_7\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"wireshark-debuginfo\", rpm:\"wireshark-debuginfo~1.0.6~2.el4_7\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"wireshark-gnome\", rpm:\"wireshark-gnome~1.0.6~2.el4_7\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.0.6~2.el5_3\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"wireshark-debuginfo\", rpm:\"wireshark-debuginfo~1.0.6~2.el5_3\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"wireshark-gnome\", rpm:\"wireshark-gnome~1.0.6~2.el5_3\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:56:45", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-4680", "CVE-2008-4681", "CVE-2008-5285", "CVE-2009-0599", "CVE-2009-0600", "CVE-2008-4683", "CVE-2008-4684", "CVE-2008-4685", "CVE-2008-4682"], "description": "The remote host is missing updates to wireshark announced in\nadvisory CESA-2009:0313.", "modified": "2017-07-10T00:00:00", "published": "2009-03-13T00:00:00", "id": "OPENVAS:63569", "href": "http://plugins.openvas.org/nasl.php?oid=63569", "type": "openvas", "title": "CentOS Security Advisory CESA-2009:0313 (wireshark)", "sourceData": "#CESA-2009:0313 63569 8\n# $Id: ovcesa2009_0313.nasl 6650 2017-07-10 11:43:12Z cfischer $\n# Description: Auto-generated from advisory CESA-2009:0313 (wireshark)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"For details on the issues addressed in this update,\nplease visit the referenced security advisories.\";\ntag_solution = \"Update the appropriate packages on your system.\n\nhttp://www.securityspace.com/smysecure/catid.html?in=CESA-2009:0313\nhttp://www.securityspace.com/smysecure/catid.html?in=RHSA-2009:0313\nhttps://rhn.redhat.com/errata/RHSA-2009-0313.html\";\ntag_summary = \"The remote host is missing updates to wireshark announced in\nadvisory CESA-2009:0313.\";\n\n\n\nif(description)\n{\n script_id(63569);\n script_version(\"$Revision: 6650 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:43:12 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-13 19:24:56 +0100 (Fri, 13 Mar 2009)\");\n script_cve_id(\"CVE-2008-4680\", \"CVE-2008-4681\", \"CVE-2008-4682\", \"CVE-2008-4683\", \"CVE-2008-4684\", \"CVE-2008-4685\", \"CVE-2008-5285\", \"CVE-2009-0599\", \"CVE-2009-0600\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"CentOS Security Advisory CESA-2009:0313 (wireshark)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.0.6~EL3.3\", rls:\"CentOS3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"wireshark-gnome\", rpm:\"wireshark-gnome~1.0.6~EL3.3\", rls:\"CentOS3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.0.6~2.el4_7\", rls:\"CentOS4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"wireshark-gnome\", rpm:\"wireshark-gnome~1.0.6~2.el4_7\", rls:\"CentOS4\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:39:29", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-4680", "CVE-2008-4681", "CVE-2008-5285", "CVE-2009-0599", "CVE-2009-0600", "CVE-2008-4683", "CVE-2008-4684", "CVE-2008-4685", "CVE-2008-4682"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2011-08-09T00:00:00", "id": "OPENVAS:1361412562310880671", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880671", "type": "openvas", "title": "CentOS Update for wireshark CESA-2009:0313 centos3 i386", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for wireshark CESA-2009:0313 centos3 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2009-March/015651.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880671\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"CESA\", value:\"2009:0313\");\n script_cve_id(\"CVE-2008-4680\", \"CVE-2008-4681\", \"CVE-2008-4682\", \"CVE-2008-4683\",\n \"CVE-2008-4684\", \"CVE-2008-4685\", \"CVE-2008-5285\", \"CVE-2009-0599\",\n \"CVE-2009-0600\");\n script_name(\"CentOS Update for wireshark CESA-2009:0313 centos3 i386\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'wireshark'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS3\");\n script_tag(name:\"affected\", value:\"wireshark on CentOS 3\");\n script_tag(name:\"insight\", value:\"Wireshark is a program for monitoring network traffic. Wireshark was\n previously known as Ethereal.\n\n Multiple buffer overflow flaws were found in Wireshark. If Wireshark read\n a malformed packet off a network or opened a malformed dump file, it could\n crash or, possibly, execute arbitrary code as the user running Wireshark.\n (CVE-2008-4683, CVE-2009-0599)\n\n Several denial of service flaws were found in Wireshark. Wireshark could\n crash or stop responding if it read a malformed packet off a network, or\n opened a malformed dump file. (CVE-2008-4680, CVE-2008-4681, CVE-2008-4682,\n CVE-2008-4684, CVE-2008-4685, CVE-2008-5285, CVE-2009-0600)\n\n Users of wireshark should upgrade to these updated packages, which contain\n Wireshark version 1.0.6, and resolve these issues. All running instances of\n Wireshark must be restarted for the update to take effect.\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS3\")\n{\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.0.6~EL3.3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-gnome\", rpm:\"wireshark-gnome~1.0.6~EL3.3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2018-04-06T11:37:06", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-4680", "CVE-2008-4681", "CVE-2008-5285", "CVE-2009-0599", "CVE-2009-0600", "CVE-2008-4683", "CVE-2008-4684", "CVE-2008-4685", "CVE-2008-4682"], "description": "The remote host is missing updates announced in\nadvisory RHSA-2009:0313.\n\nWireshark is a program for monitoring network traffic. Wireshark was\npreviously known as Ethereal.\n\nMultiple buffer overflow flaws were found in Wireshark. If Wireshark read\na malformed packet off a network or opened a malformed dump file, it could\ncrash or, possibly, execute arbitrary code as the user running Wireshark.\n(CVE-2008-4683, CVE-2009-0599)\n\nSeveral denial of service flaws were found in Wireshark. Wireshark could\ncrash or stop responding if it read a malformed packet off a network, or\nopened a malformed dump file. (CVE-2008-4680, CVE-2008-4681, CVE-2008-4682,\nCVE-2008-4684, CVE-2008-4685, CVE-2008-5285, CVE-2009-0600)\n\nUsers of wireshark should upgrade to these updated packages, which contain\nWireshark version 1.0.6, and resolve these issues. All running instances of\nWireshark must be restarted for the update to take effect.", "modified": "2018-04-06T00:00:00", "published": "2009-03-07T00:00:00", "id": "OPENVAS:136141256231063474", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231063474", "type": "openvas", "title": "RedHat Security Advisory RHSA-2009:0313", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: RHSA_2009_0313.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory RHSA-2009:0313 ()\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates announced in\nadvisory RHSA-2009:0313.\n\nWireshark is a program for monitoring network traffic. Wireshark was\npreviously known as Ethereal.\n\nMultiple buffer overflow flaws were found in Wireshark. If Wireshark read\na malformed packet off a network or opened a malformed dump file, it could\ncrash or, possibly, execute arbitrary code as the user running Wireshark.\n(CVE-2008-4683, CVE-2009-0599)\n\nSeveral denial of service flaws were found in Wireshark. Wireshark could\ncrash or stop responding if it read a malformed packet off a network, or\nopened a malformed dump file. (CVE-2008-4680, CVE-2008-4681, CVE-2008-4682,\nCVE-2008-4684, CVE-2008-4685, CVE-2008-5285, CVE-2009-0600)\n\nUsers of wireshark should upgrade to these updated packages, which contain\nWireshark version 1.0.6, and resolve these issues. All running instances of\nWireshark must be restarted for the update to take effect.\";\n\ntag_solution = \"Please note that this update is available via\nRed Hat Network. To use Red Hat Network, launch the Red\nHat Update Agent with the following command: up2date\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.63474\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-07 21:47:03 +0100 (Sat, 07 Mar 2009)\");\n script_cve_id(\"CVE-2008-4680\", \"CVE-2008-4681\", \"CVE-2008-4682\", \"CVE-2008-4683\", \"CVE-2008-4684\", \"CVE-2008-4685\", \"CVE-2008-5285\", \"CVE-2009-0599\", \"CVE-2009-0600\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"RedHat Security Advisory RHSA-2009:0313\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"http://rhn.redhat.com/errata/RHSA-2009-0313.html\");\n script_xref(name : \"URL\" , value : \"http://www.redhat.com/security/updates/classification/#important\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.0.6~EL3.3\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"wireshark-debuginfo\", rpm:\"wireshark-debuginfo~1.0.6~EL3.3\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"wireshark-gnome\", rpm:\"wireshark-gnome~1.0.6~EL3.3\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.0.6~2.el4_7\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"wireshark-debuginfo\", rpm:\"wireshark-debuginfo~1.0.6~2.el4_7\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"wireshark-gnome\", rpm:\"wireshark-gnome~1.0.6~2.el4_7\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.0.6~2.el5_3\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"wireshark-debuginfo\", rpm:\"wireshark-debuginfo~1.0.6~2.el5_3\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"wireshark-gnome\", rpm:\"wireshark-gnome~1.0.6~2.el5_3\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:55:40", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-4680", "CVE-2008-4681", "CVE-2008-5285", "CVE-2009-0599", "CVE-2009-0600", "CVE-2008-4683", "CVE-2008-4684", "CVE-2008-4685", "CVE-2008-4682"], "description": "Check for the Version of wireshark", "modified": "2017-07-10T00:00:00", "published": "2011-08-09T00:00:00", "id": "OPENVAS:880671", "href": "http://plugins.openvas.org/nasl.php?oid=880671", "type": "openvas", "title": "CentOS Update for wireshark CESA-2009:0313 centos3 i386", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for wireshark CESA-2009:0313 centos3 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Wireshark is a program for monitoring network traffic. Wireshark was\n previously known as Ethereal.\n\n Multiple buffer overflow flaws were found in Wireshark. If Wireshark read\n a malformed packet off a network or opened a malformed dump file, it could\n crash or, possibly, execute arbitrary code as the user running Wireshark.\n (CVE-2008-4683, CVE-2009-0599)\n \n Several denial of service flaws were found in Wireshark. Wireshark could\n crash or stop responding if it read a malformed packet off a network, or\n opened a malformed dump file. (CVE-2008-4680, CVE-2008-4681, CVE-2008-4682,\n CVE-2008-4684, CVE-2008-4685, CVE-2008-5285, CVE-2009-0600)\n \n Users of wireshark should upgrade to these updated packages, which contain\n Wireshark version 1.0.6, and resolve these issues. All running instances of\n Wireshark must be restarted for the update to take effect.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"wireshark on CentOS 3\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2009-March/015651.html\");\n script_id(880671);\n script_version(\"$Revision: 6653 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:46:53 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"CESA\", value: \"2009:0313\");\n script_cve_id(\"CVE-2008-4680\", \"CVE-2008-4681\", \"CVE-2008-4682\", \"CVE-2008-4683\", \n \"CVE-2008-4684\", \"CVE-2008-4685\", \"CVE-2008-5285\", \"CVE-2009-0599\", \n \"CVE-2009-0600\");\n script_name(\"CentOS Update for wireshark CESA-2009:0313 centos3 i386\");\n\n script_summary(\"Check for the Version of wireshark\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS3\")\n{\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.0.6~EL3.3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-gnome\", rpm:\"wireshark-gnome~1.0.6~EL3.3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:39:18", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-4680", "CVE-2008-4681", "CVE-2008-5285", "CVE-2009-0599", "CVE-2009-0600", "CVE-2008-4683", "CVE-2008-4684", "CVE-2008-4685", "CVE-2008-4682"], "description": "The remote host is missing updates to wireshark announced in\nadvisory CESA-2009:0313.", "modified": "2018-04-06T00:00:00", "published": "2009-03-13T00:00:00", "id": "OPENVAS:136141256231063569", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231063569", "type": "openvas", "title": "CentOS Security Advisory CESA-2009:0313 (wireshark)", "sourceData": "#CESA-2009:0313 63569 8\n# $Id: ovcesa2009_0313.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory CESA-2009:0313 (wireshark)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"For details on the issues addressed in this update,\nplease visit the referenced security advisories.\";\ntag_solution = \"Update the appropriate packages on your system.\n\nhttp://www.securityspace.com/smysecure/catid.html?in=CESA-2009:0313\nhttp://www.securityspace.com/smysecure/catid.html?in=RHSA-2009:0313\nhttps://rhn.redhat.com/errata/RHSA-2009-0313.html\";\ntag_summary = \"The remote host is missing updates to wireshark announced in\nadvisory CESA-2009:0313.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.63569\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-13 19:24:56 +0100 (Fri, 13 Mar 2009)\");\n script_cve_id(\"CVE-2008-4680\", \"CVE-2008-4681\", \"CVE-2008-4682\", \"CVE-2008-4683\", \"CVE-2008-4684\", \"CVE-2008-4685\", \"CVE-2008-5285\", \"CVE-2009-0599\", \"CVE-2009-0600\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"CentOS Security Advisory CESA-2009:0313 (wireshark)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.0.6~EL3.3\", rls:\"CentOS3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"wireshark-gnome\", rpm:\"wireshark-gnome~1.0.6~EL3.3\", rls:\"CentOS3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.0.6~2.el4_7\", rls:\"CentOS4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"wireshark-gnome\", rpm:\"wireshark-gnome~1.0.6~2.el4_7\", rls:\"CentOS4\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:39:47", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-4680", "CVE-2008-4681", "CVE-2008-5285", "CVE-2009-0599", "CVE-2009-0600", "CVE-2008-4683", "CVE-2008-4684", "CVE-2008-4685", "CVE-2008-4682"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2011-08-09T00:00:00", "id": "OPENVAS:1361412562310880945", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880945", "type": "openvas", "title": "CentOS Update for wireshark CESA-2009:0313 centos4 i386", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for wireshark CESA-2009:0313 centos4 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2009-April/015801.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880945\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"CESA\", value:\"2009:0313\");\n script_cve_id(\"CVE-2008-4680\", \"CVE-2008-4681\", \"CVE-2008-4682\", \"CVE-2008-4683\",\n \"CVE-2008-4684\", \"CVE-2008-4685\", \"CVE-2008-5285\", \"CVE-2009-0599\",\n \"CVE-2009-0600\");\n script_name(\"CentOS Update for wireshark CESA-2009:0313 centos4 i386\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'wireshark'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS4\");\n script_tag(name:\"affected\", value:\"wireshark on CentOS 4\");\n script_tag(name:\"insight\", value:\"Wireshark is a program for monitoring network traffic. Wireshark was\n previously known as Ethereal.\n\n Multiple buffer overflow flaws were found in Wireshark. If Wireshark read\n a malformed packet off a network or opened a malformed dump file, it could\n crash or, possibly, execute arbitrary code as the user running Wireshark.\n (CVE-2008-4683, CVE-2009-0599)\n\n Several denial of service flaws were found in Wireshark. Wireshark could\n crash or stop responding if it read a malformed packet off a network, or\n opened a malformed dump file. (CVE-2008-4680, CVE-2008-4681, CVE-2008-4682,\n CVE-2008-4684, CVE-2008-4685, CVE-2008-5285, CVE-2009-0600)\n\n Users of wireshark should upgrade to these updated packages, which contain\n Wireshark version 1.0.6, and resolve these issues. All running instances of\n Wireshark must be restarted for the update to take effect.\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.0.6~2.el4_7\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-gnome\", rpm:\"wireshark-gnome~1.0.6~2.el4_7\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:36:45", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-4680", "CVE-2008-4681", "CVE-2008-6472", "CVE-2008-5285", "CVE-2009-0599", "CVE-2009-0600", "CVE-2008-4683", "CVE-2008-4684", "CVE-2008-4685", "CVE-2008-4682"], "description": "Oracle Linux Local Security Checks ELSA-2009-0313", "modified": "2018-09-28T00:00:00", "published": "2015-10-08T00:00:00", "id": "OPENVAS:1361412562310122515", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122515", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2009-0313", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2009-0313.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122515\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-08 14:47:05 +0300 (Thu, 08 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2009-0313\");\n script_tag(name:\"insight\", value:\"ELSA-2009-0313 - wireshark security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2009-0313\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2009-0313.html\");\n script_cve_id(\"CVE-2008-4680\", \"CVE-2008-4681\", \"CVE-2008-4682\", \"CVE-2008-4683\", \"CVE-2008-4684\", \"CVE-2008-4685\", \"CVE-2008-5285\", \"CVE-2008-6472\", \"CVE-2009-0599\", \"CVE-2009-0600\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.0.6~2.0.1.el5_3\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"wireshark-gnome\", rpm:\"wireshark-gnome~1.0.6~2.0.1.el5_3\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2017-07-19T10:49:53", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-4680", "CVE-2008-4681", "CVE-2008-4683", "CVE-2008-4684", "CVE-2008-4685", "CVE-2008-4682"], "description": "The Remote host is installed with Wireshark, and is prone to\n multiple security vulnerabilities.", "modified": "2017-07-04T00:00:00", "published": "2008-10-24T00:00:00", "id": "OPENVAS:800040", "href": "http://plugins.openvas.org/nasl.php?oid=800040", "type": "openvas", "title": "Wireshark Multiple Vulnerabilities - Oct08 (Windows)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_wireshark_mult_vuln_oct08_win.nasl 6519 2017-07-04 14:08:14Z cfischer $\n#\n# Wireshark Multiple Vulnerabilities - Oct08 (Windows)\n#\n# Authors:\n# Chandan S <schandan@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2008 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful attacks may cause the application to crash via specially\n crafted packets.\n Impact Level: Application\";\ntag_affected = \"Wireshark versions prior to 1.0.4 on Windows\";\ntag_insight = \"Multiple flaws are due to,\n a. an error within the Bluetooth ACL dissector, PRP or MATE post dissector.\n Versions 0.99.2 through 1.0.3 are affected by this vulnerability.\n b. an error within the Q.931 dissector. Versions 0.10.3 through 1.0.3\n are affected by this vulnerability.\n c. an uninitialized data structures within the Bluetooth RFCOMM and USB\n Request Block (URB) dissector. Versions 0.99.7 through 1.0.3 are\n affected by this vulnerabiliy.\";\ntag_solution = \"Upgrade to Wireshark 1.0.4\n http://www.wireshark.org/download.html\";\ntag_summary = \"The Remote host is installed with Wireshark, and is prone to\n multiple security vulnerabilities.\";\n\nif(description)\n{\n script_id(800040);\n script_version(\"$Revision: 6519 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-04 16:08:14 +0200 (Tue, 04 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-10-24 15:11:55 +0200 (Fri, 24 Oct 2008)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_cve_id(\"CVE-2008-4680\", \"CVE-2008-4681\", \"CVE-2008-4682\",\n \"CVE-2008-4683\", \"CVE-2008-4684\", \"CVE-2008-4685\");\n script_bugtraq_id(31838);\n script_name(\"Wireshark Multiple Vulnerabilities - Oct08 (Windows)\");\n script_xref(name : \"URL\" , value : \"http://www.wireshark.org/security/wnpa-sec-2008-06.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2008 Greenbone Networks GmbH\");\n script_family(\"Denial of Service\");\n script_dependencies(\"gb_wireshark_detect_win.nasl\");\n script_mandatory_keys(\"Wireshark/Win/Ver\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\nsharkVer = get_kb_item(\"Wireshark/Win/Ver\");\nif(!sharkVer){\n exit(0);\n}\n\nif(version_in_range(version:sharkVer, test_version:\"0.99.2\",\n test_version2:\"1.0.3\")){\n security_message(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:56:01", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-4680", "CVE-2008-4681", "CVE-2008-4683", "CVE-2008-4684", "CVE-2008-4685", "CVE-2008-4682"], "description": "Check for the Version of wireshark", "modified": "2017-07-06T00:00:00", "published": "2009-04-09T00:00:00", "id": "OPENVAS:830417", "href": "http://plugins.openvas.org/nasl.php?oid=830417", "type": "openvas", "title": "Mandriva Update for wireshark MDVSA-2008:215 (wireshark)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for wireshark MDVSA-2008:215 (wireshark)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A number of vulnerabilities were discovered in Wireshark that could\n cause it to crash or abort while processing malicious packets\n (CVE-2008-4680, CVE-2008-4681, CVE-2008-4682, CVE-2008-4683,\n CVE-2008-4684, CVE-2008-4685).\n\n This update provides Wireshark 1.0.4, which is not vulnerable to\n these issues.\";\n\ntag_affected = \"wireshark on Mandriva Linux 2008.1,\n Mandriva Linux 2008.1/X86_64,\n Mandriva Linux 2009.0,\n Mandriva Linux 2009.0/X86_64\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2008-10/msg00040.php\");\n script_id(830417);\n script_version(\"$Revision: 6568 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:04:21 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-09 14:26:37 +0200 (Thu, 09 Apr 2009)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"MDVSA\", value: \"2008:215\");\n script_cve_id(\"CVE-2008-4680\", \"CVE-2008-4681\", \"CVE-2008-4682\", \"CVE-2008-4683\", \"CVE-2008-4684\", \"CVE-2008-4685\");\n script_name( \"Mandriva Update for wireshark MDVSA-2008:215 (wireshark)\");\n\n script_summary(\"Check for the Version of wireshark\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2008.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"dumpcap\", rpm:\"dumpcap~1.0.4~0.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark0\", rpm:\"libwireshark0~1.0.4~0.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark-devel\", rpm:\"libwireshark-devel~1.0.4~0.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rawshark\", rpm:\"rawshark~1.0.4~0.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tshark\", rpm:\"tshark~1.0.4~0.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.0.4~0.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-tools\", rpm:\"wireshark-tools~1.0.4~0.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark0\", rpm:\"lib64wireshark0~1.0.4~0.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark-devel\", rpm:\"lib64wireshark-devel~1.0.4~0.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2009.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"dumpcap\", rpm:\"dumpcap~1.0.4~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark0\", rpm:\"libwireshark0~1.0.4~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libwireshark-devel\", rpm:\"libwireshark-devel~1.0.4~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rawshark\", rpm:\"rawshark~1.0.4~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tshark\", rpm:\"tshark~1.0.4~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.0.4~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wireshark-tools\", rpm:\"wireshark-tools~1.0.4~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark0\", rpm:\"lib64wireshark0~1.0.4~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64wireshark-devel\", rpm:\"lib64wireshark-devel~1.0.4~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "centos": [{"lastseen": "2019-12-20T18:24:06", "bulletinFamily": "unix", "cvelist": ["CVE-2008-4680", "CVE-2008-4681", "CVE-2008-6472", "CVE-2008-5285", "CVE-2009-0599", "CVE-2009-0600", "CVE-2008-4683", "CVE-2008-4684", "CVE-2008-4685", "CVE-2008-4682"], "description": "**CentOS Errata and Security Advisory** CESA-2009:0313\n\n\nWireshark is a program for monitoring network traffic. Wireshark was\npreviously known as Ethereal.\n\nMultiple buffer overflow flaws were found in Wireshark. If Wireshark read\na malformed packet off a network or opened a malformed dump file, it could\ncrash or, possibly, execute arbitrary code as the user running Wireshark.\n(CVE-2008-4683, CVE-2009-0599)\n\nSeveral denial of service flaws were found in Wireshark. Wireshark could\ncrash or stop responding if it read a malformed packet off a network, or\nopened a malformed dump file. (CVE-2008-4680, CVE-2008-4681, CVE-2008-4682,\nCVE-2008-4684, CVE-2008-4685, CVE-2008-5285, CVE-2009-0600)\n\nUsers of wireshark should upgrade to these updated packages, which contain\nWireshark version 1.0.6, and resolve these issues. All running instances of\nWireshark must be restarted for the update to take effect.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2009-April/027838.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-April/027839.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-March/027689.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-March/027690.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-March/027694.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-March/027697.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-March/027699.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-March/027702.html\n\n**Affected packages:**\nwireshark\nwireshark-gnome\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2009-0313.html", "edition": 6, "modified": "2009-04-20T16:01:27", "published": "2009-03-04T23:33:43", "href": "http://lists.centos.org/pipermail/centos-announce/2009-March/027689.html", "id": "CESA-2009:0313", "title": "wireshark security update", "type": "centos", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "redhat": [{"lastseen": "2019-12-11T13:32:34", "bulletinFamily": "unix", "cvelist": ["CVE-2008-4680", "CVE-2008-4681", "CVE-2008-4682", "CVE-2008-4683", "CVE-2008-4684", "CVE-2008-4685", "CVE-2008-5285", "CVE-2008-6472", "CVE-2009-0599", "CVE-2009-0600"], "description": "Wireshark is a program for monitoring network traffic. Wireshark was\npreviously known as Ethereal.\n\nMultiple buffer overflow flaws were found in Wireshark. If Wireshark read\na malformed packet off a network or opened a malformed dump file, it could\ncrash or, possibly, execute arbitrary code as the user running Wireshark.\n(CVE-2008-4683, CVE-2009-0599)\n\nSeveral denial of service flaws were found in Wireshark. Wireshark could\ncrash or stop responding if it read a malformed packet off a network, or\nopened a malformed dump file. (CVE-2008-4680, CVE-2008-4681, CVE-2008-4682,\nCVE-2008-4684, CVE-2008-4685, CVE-2008-5285, CVE-2009-0600)\n\nUsers of wireshark should upgrade to these updated packages, which contain\nWireshark version 1.0.6, and resolve these issues. All running instances of\nWireshark must be restarted for the update to take effect.", "modified": "2018-05-26T04:26:18", "published": "2009-03-04T05:00:00", "id": "RHSA-2009:0313", "href": "https://access.redhat.com/errata/RHSA-2009:0313", "type": "redhat", "title": "(RHSA-2009:0313) Moderate: wireshark security update", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:36:28", "bulletinFamily": "unix", "cvelist": ["CVE-2008-4680", "CVE-2008-4681", "CVE-2008-6472", "CVE-2008-5285", "CVE-2009-0599", "CVE-2009-0600", "CVE-2008-4683", "CVE-2008-4684", "CVE-2008-4685", "CVE-2008-4682"], "description": "[1.0.6-2.0.1.el5_3]\n- Add oracle-ocfs2-network.patch\n[1.0.6-2]\n- bring back pie\n- Resolves: #486551\n[1.0.6-1]\n- various security flaws fixed\n- upgrade to 1.0.6\n- Resolves: #486551", "edition": 4, "modified": "2009-03-04T00:00:00", "published": "2009-03-04T00:00:00", "id": "ELSA-2009-0313", "href": "http://linux.oracle.com/errata/ELSA-2009-0313.html", "title": "wireshark security update", "type": "oraclelinux", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:28", "bulletinFamily": "software", "cvelist": ["CVE-2008-4680", "CVE-2008-4681", "CVE-2008-4683", "CVE-2008-4684", "CVE-2008-4685", "CVE-2008-4682"], "description": "\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n _______________________________________________________________________\r\n\r\n Mandriva Linux Security Advisory MDVSA-2008:215\r\n http://www.mandriva.com/security/\r\n _______________________________________________________________________\r\n\r\n Package : wireshark\r\n Date : October 27, 2008\r\n Affected: 2008.1, 2009.0, Corporate 4.0\r\n _______________________________________________________________________\r\n\r\n Problem Description:\r\n\r\n A number of vulnerabilities were discovered in Wireshark that could\r\n cause it to crash or abort while processing malicious packets\r\n &#40;CVE-2008-4680, CVE-2008-4681, CVE-2008-4682, CVE-2008-4683,\r\n CVE-2008-4684, CVE-2008-4685&#41;.\r\n \r\n This update provides Wireshark 1.0.4, which is not vulnerable to\r\n these issues.\r\n _______________________________________________________________________\r\n\r\n References:\r\n\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4680\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4681\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4682\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4683\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4684\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4685\r\n http://www.wireshark.org/security/wnpa-sec-2008-06.html\r\n _______________________________________________________________________\r\n\r\n Updated Packages:\r\n\r\n Mandriva Linux 2008.1:\r\n e22f4724405ce826d30052d6e052fe80 2008.1/i586/dumpcap-1.0.4-0.1mdv2008.1.i586.rpm\r\n f786b038c9d6a116fc6510db3b336ae2 2008.1/i586/libwireshark0-1.0.4-0.1mdv2008.1.i586.rpm\r\n 2f14262ab9cfb94f9f8b8896dba61cc7 2008.1/i586/libwireshark-devel-1.0.4-0.1mdv2008.1.i586.rpm\r\n e56d7c558854a2e1ef2ea91766b6be90 2008.1/i586/rawshark-1.0.4-0.1mdv2008.1.i586.rpm\r\n 09f56860799e124a5a242059ce5e3906 2008.1/i586/tshark-1.0.4-0.1mdv2008.1.i586.rpm\r\n c9cf1d4ca54215e17e8d7cdf1685ad17 2008.1/i586/wireshark-1.0.4-0.1mdv2008.1.i586.rpm\r\n c70dce2212f9aea72985778558146e10 2008.1/i586/wireshark-tools-1.0.4-0.1mdv2008.1.i586.rpm \r\n 5447226b9e6b32d7a6699782fd789508 2008.1/SRPMS/wireshark-1.0.4-0.1mdv2008.1.src.rpm\r\n\r\n Mandriva Linux 2008.1/X86_64:\r\n 01df6ee846ede6e7af2b14146121d002 2008.1/x86_64/dumpcap-1.0.4-0.1mdv2008.1.x86_64.rpm\r\n 4a81377783d769b5fb27a4d12b0e8540 2008.1/x86_64/lib64wireshark0-1.0.4-0.1mdv2008.1.x86_64.rpm\r\n 61458349625f3efa4e0b4512c0689881 2008.1/x86_64/lib64wireshark-devel-1.0.4-0.1mdv2008.1.x86_64.rpm\r\n de60e75c930e59358a578956d6624c05 2008.1/x86_64/rawshark-1.0.4-0.1mdv2008.1.x86_64.rpm\r\n 4cf0a2b2b7eeaf3edffa7e6362bbb3e3 2008.1/x86_64/tshark-1.0.4-0.1mdv2008.1.x86_64.rpm\r\n 3d085016598ac39425b4f2f54059256e 2008.1/x86_64/wireshark-1.0.4-0.1mdv2008.1.x86_64.rpm\r\n f277d73cd161359c1ebd2fecfac17dde 2008.1/x86_64/wireshark-tools-1.0.4-0.1mdv2008.1.x86_64.rpm \r\n 5447226b9e6b32d7a6699782fd789508 2008.1/SRPMS/wireshark-1.0.4-0.1mdv2008.1.src.rpm\r\n\r\n Mandriva Linux 2009.0:\r\n 3b078025b09b85e872b053abd37e4654 2009.0/i586/dumpcap-1.0.4-0.1mdv2009.0.i586.rpm\r\n 05a76f279cc0bf7fec5cae98ce610cf3 2009.0/i586/libwireshark0-1.0.4-0.1mdv2009.0.i586.rpm\r\n cf4d8be7e83dbfb07658196665f74b3a 2009.0/i586/libwireshark-devel-1.0.4-0.1mdv2009.0.i586.rpm\r\n 19934b524aafb76b52a6c00301e9741f 2009.0/i586/rawshark-1.0.4-0.1mdv2009.0.i586.rpm\r\n 9e7884192ee091b83473ecc325609673 2009.0/i586/tshark-1.0.4-0.1mdv2009.0.i586.rpm\r\n dc47e7d526ee28f790f47b48058f741a 2009.0/i586/wireshark-1.0.4-0.1mdv2009.0.i586.rpm\r\n 34d43760e4b896326792e4c9cab890a8 2009.0/i586/wireshark-tools-1.0.4-0.1mdv2009.0.i586.rpm \r\n 61c74b35d70f00511165ac521a98dde7 2009.0/SRPMS/wireshark-1.0.4-0.1mdv2009.0.src.rpm\r\n\r\n Mandriva Linux 2009.0/X86_64:\r\n 6b1f9c880d3fb896b38952b6b1e22806 2009.0/x86_64/dumpcap-1.0.4-0.1mdv2009.0.x86_64.rpm\r\n afb5bc614f48a7ee4c3ca20c5177a0d6 2009.0/x86_64/lib64wireshark0-1.0.4-0.1mdv2009.0.x86_64.rpm\r\n d1caa4d49f1a596c55052670c257aae4 2009.0/x86_64/lib64wireshark-devel-1.0.4-0.1mdv2009.0.x86_64.rpm\r\n 8800985eba2fc5d4a780ad296293af43 2009.0/x86_64/rawshark-1.0.4-0.1mdv2009.0.x86_64.rpm\r\n 99ef5b9b5398beeed94cf799d9d28f4a 2009.0/x86_64/tshark-1.0.4-0.1mdv2009.0.x86_64.rpm\r\n cb8f15f3e06620afb245ce8b8246173a 2009.0/x86_64/wireshark-1.0.4-0.1mdv2009.0.x86_64.rpm\r\n ea3b906fa428008dfd1f9520cc71ec33 2009.0/x86_64/wireshark-tools-1.0.4-0.1mdv2009.0.x86_64.rpm \r\n 61c74b35d70f00511165ac521a98dde7 2009.0/SRPMS/wireshark-1.0.4-0.1mdv2009.0.src.rpm\r\n\r\n Corporate 4.0:\r\n fe3c0ee6cec002478c8ddd3818df8f58 corporate/4.0/i586/dumpcap-1.0.4-0.1.20060mlcs4.i586.rpm\r\n aa1101fdb86ee3b9785dfd1ee36b49db corporate/4.0/i586/libwireshark0-1.0.4-0.1.20060mlcs4.i586.rpm\r\n 37767e7e662d8e4179fb7df3ba9df363 corporate/4.0/i586/libwireshark-devel-1.0.4-0.1.20060mlcs4.i586.rpm\r\n 33dc56d2f00eb1a9635c48b0006e2667 corporate/4.0/i586/rawshark-1.0.4-0.1.20060mlcs4.i586.rpm\r\n a2b4933ad53086ab8cb330451b651794 corporate/4.0/i586/tshark-1.0.4-0.1.20060mlcs4.i586.rpm\r\n 64b2d0fdd6d11dc5e47c302668417d93 corporate/4.0/i586/wireshark-1.0.4-0.1.20060mlcs4.i586.rpm\r\n bf55b9c94bbfa483176f2c0e32cf0081 corporate/4.0/i586/wireshark-tools-1.0.4-0.1.20060mlcs4.i586.rpm \r\n 0114242086297b135360297a51cb8ada corporate/4.0/SRPMS/wireshark-1.0.4-0.1.20060mlcs4.src.rpm\r\n\r\n Corporate 4.0/X86_64:\r\n 2327502106d5c8c11d8801f65502f708 corporate/4.0/x86_64/dumpcap-1.0.4-0.1.20060mlcs4.x86_64.rpm\r\n b2e80b25d44b2e7b9dc91a43978393f1 corporate/4.0/x86_64/lib64wireshark0-1.0.4-0.1.20060mlcs4.x86_64.rpm\r\n 804d41d8e9a551126f5ac9b80228da97 corporate/4.0/x86_64/lib64wireshark-devel-1.0.4-0.1.20060mlcs4.x86_64.rpm\r\n 75daf8f97a3ea9466bba86477aeb429b corporate/4.0/x86_64/rawshark-1.0.4-0.1.20060mlcs4.x86_64.rpm\r\n ef5b5422c855fea0c41d3f81bd0f2f60 corporate/4.0/x86_64/tshark-1.0.4-0.1.20060mlcs4.x86_64.rpm\r\n 37621c9c2bf74767574fb47f9695318e corporate/4.0/x86_64/wireshark-1.0.4-0.1.20060mlcs4.x86_64.rpm\r\n ad5f8bc8ac1ece328b86df0bdb60f44d corporate/4.0/x86_64/wireshark-tools-1.0.4-0.1.20060mlcs4.x86_64.rpm \r\n 0114242086297b135360297a51cb8ada corporate/4.0/SRPMS/wireshark-1.0.4-0.1.20060mlcs4.src.rpm\r\n _______________________________________________________________________\r\n\r\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\r\n of md5 checksums and GPG signatures is performed automatically for you.\r\n\r\n All packages are signed by Mandriva for security. You can obtain the\r\n GPG public key of the Mandriva Security Team by executing:\r\n\r\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\r\n\r\n You can view other update advisories for Mandriva Linux at:\r\n\r\n http://www.mandriva.com/security/advisories\r\n\r\n If you want to report vulnerabilities, please contact\r\n\r\n security_&#40;at&#41;_mandriva.com\r\n _______________________________________________________________________\r\n\r\n Type Bits/KeyID Date User ID\r\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\r\n &lt;security*mandriva.com&gt;\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.9 &#40;GNU/Linux&#41;\r\n\r\niD8DBQFJBc/dmqjQ0CJFipgRAibfAKDiwYdu7Voi+N6kJPDppBn3cVw5yACfToDT\r\nZ30Afr8IjRUaVaYht5/CeTc=\r\n=qMDs\r\n-----END PGP SIGNATURE-----", "edition": 1, "modified": "2008-10-29T00:00:00", "published": "2008-10-29T00:00:00", "id": "SECURITYVULNS:DOC:20776", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:20776", "title": "[ MDVSA-2008:215 ] wireshark", "type": "securityvulns", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:09:31", "bulletinFamily": "software", "cvelist": ["CVE-2008-4680", "CVE-2008-4681", "CVE-2008-4683", "CVE-2008-4684", "CVE-2008-4685", "CVE-2008-4682"], "description": "Multiple DoS conditions on different protocols parsing.", "edition": 1, "modified": "2008-10-29T00:00:00", "published": "2008-10-29T00:00:00", "id": "SECURITYVULNS:VULN:9391", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:9391", "title": "Wireshark sniffer multiple security vulnerabilities", "type": "securityvulns", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:29", "bulletinFamily": "software", "cvelist": ["CVE-2009-0599", "CVE-2009-0600", "CVE-2009-0601"], "description": "\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n _______________________________________________________________________\r\n\r\n Mandriva Linux Security Advisory MDVSA-2009:058\r\n http://www.mandriva.com/security/\r\n _______________________________________________________________________\r\n\r\n Package : wireshark\r\n Date : February 26, 2009\r\n Affected: 2008.1, 2009.0, Corporate 4.0\r\n _______________________________________________________________________\r\n\r\n Problem Description:\r\n\r\n Buffer overflow in wiretap/netscreen.c in Wireshark 0.99.7 through\r\n 1.0.5 allows user-assisted remote attackers to cause a denial\r\n of service &#40;application crash&#41; via a malformed NetScreen snoop\r\n file. &#40;CVE-2009-0599&#41;\r\n \r\n Wireshark 0.99.6 through 1.0.5 allows user-assisted remote attackers to\r\n cause a denial of service &#40;application crash&#41; via a crafted Tektronix\r\n K12 text capture file, as demonstrated by a file with exactly one\r\n frame. &#40;CVE-2009-0600&#41;\r\n \r\n Format string vulnerability in Wireshark 0.99.8 through 1.0.5\r\n on non-Windows platforms allows local users to cause a denial of\r\n service &#40;application crash&#41; via format string specifiers in the HOME\r\n environment variable. &#40;CVE-2009-0601&#41;\r\n \r\n This update provides Wireshark 1.0.6, which is not vulnerable to\r\n these issues.\r\n _______________________________________________________________________\r\n\r\n References:\r\n\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0599\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0600\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0601\r\n http://www.wireshark.org/security/wnpa-sec-2009-01.html\r\n _______________________________________________________________________\r\n\r\n Updated Packages:\r\n\r\n Mandriva Linux 2008.1:\r\n 2d591a5772317d3587434424b8dc4a1d 2008.1/i586/dumpcap-1.0.6-0.1mdv2008.1.i586.rpm\r\n bf65e163112b4dc5db4041c552823bcb 2008.1/i586/libwireshark0-1.0.6-0.1mdv2008.1.i586.rpm\r\n 80056b13d9146428645d6e67cb2ed8ea 2008.1/i586/libwireshark-devel-1.0.6-0.1mdv2008.1.i586.rpm\r\n 7923294ad925674ef116b6273835d8ef 2008.1/i586/rawshark-1.0.6-0.1mdv2008.1.i586.rpm\r\n bd5a15d402a367058d61fd8dd6a2dcf9 2008.1/i586/tshark-1.0.6-0.1mdv2008.1.i586.rpm\r\n 5c7b0422b12d2eade1ce997de3766c6c 2008.1/i586/wireshark-1.0.6-0.1mdv2008.1.i586.rpm\r\n d116f95d212119516dbca4bf1d353cf5 2008.1/i586/wireshark-tools-1.0.6-0.1mdv2008.1.i586.rpm \r\n 2a31aab490fe670da93830f464154a48 2008.1/SRPMS/wireshark-1.0.6-0.1mdv2008.1.src.rpm\r\n\r\n Mandriva Linux 2008.1/X86_64:\r\n b7213fd4bf53ad0cb41b5cc5ab1057df 2008.1/x86_64/dumpcap-1.0.6-0.1mdv2008.1.x86_64.rpm\r\n 4e3f14a549d66f199171d6f91aa28c68 2008.1/x86_64/lib64wireshark0-1.0.6-0.1mdv2008.1.x86_64.rpm\r\n aa39e29909ed34d5df2f0c85ac560c8f 2008.1/x86_64/lib64wireshark-devel-1.0.6-0.1mdv2008.1.x86_64.rpm\r\n ef92c97f74a2811daf7d874755dd7777 2008.1/x86_64/rawshark-1.0.6-0.1mdv2008.1.x86_64.rpm\r\n ea555917cd20aba1f0b4114730ad9924 2008.1/x86_64/tshark-1.0.6-0.1mdv2008.1.x86_64.rpm\r\n c74402d6323f6a72188f214d2d002ef2 2008.1/x86_64/wireshark-1.0.6-0.1mdv2008.1.x86_64.rpm\r\n fa5e55f0a5934c2bae263e9151a40b16 2008.1/x86_64/wireshark-tools-1.0.6-0.1mdv2008.1.x86_64.rpm \r\n 2a31aab490fe670da93830f464154a48 2008.1/SRPMS/wireshark-1.0.6-0.1mdv2008.1.src.rpm\r\n\r\n Mandriva Linux 2009.0:\r\n c661639631224e605d41a2985af43c93 2009.0/i586/dumpcap-1.0.6-0.1mdv2009.0.i586.rpm\r\n bb633c409ddb95d2e6f6826b6fd2be3d 2009.0/i586/libwireshark0-1.0.6-0.1mdv2009.0.i586.rpm\r\n 5d2f7434a1dd322259907d14caf90e11 2009.0/i586/libwireshark-devel-1.0.6-0.1mdv2009.0.i586.rpm\r\n d32a3de9e13b83d991a2d6c8577f50c2 2009.0/i586/rawshark-1.0.6-0.1mdv2009.0.i586.rpm\r\n bcdf64d0e05d0bb964c946c83bdd5353 2009.0/i586/tshark-1.0.6-0.1mdv2009.0.i586.rpm\r\n 3537cea11294e8d1dff87c15b933c622 2009.0/i586/wireshark-1.0.6-0.1mdv2009.0.i586.rpm\r\n c5ef95f5eb5255e10ccc12bcb0c6d77a 2009.0/i586/wireshark-tools-1.0.6-0.1mdv2009.0.i586.rpm \r\n 3efca295d42d9e1686b46ca1c020f8a2 2009.0/SRPMS/wireshark-1.0.6-0.1mdv2009.0.src.rpm\r\n\r\n Mandriva Linux 2009.0/X86_64:\r\n 90cffab44fe29d55f527ab4b76b0a0d6 2009.0/x86_64/dumpcap-1.0.6-0.1mdv2009.0.x86_64.rpm\r\n 838159ecdc95655df014d17d04434297 2009.0/x86_64/lib64wireshark0-1.0.6-0.1mdv2009.0.x86_64.rpm\r\n d3dba0b501696a634627540517693b62 2009.0/x86_64/lib64wireshark-devel-1.0.6-0.1mdv2009.0.x86_64.rpm\r\n bf51f59064d3ce3dd2dafd6aaaa889df 2009.0/x86_64/rawshark-1.0.6-0.1mdv2009.0.x86_64.rpm\r\n 3e33480b37b90293e1fd77c33934b9d2 2009.0/x86_64/tshark-1.0.6-0.1mdv2009.0.x86_64.rpm\r\n 6a22be605ea9e2357c8c5f38a1d6cc78 2009.0/x86_64/wireshark-1.0.6-0.1mdv2009.0.x86_64.rpm\r\n a73dd1ee57fee0b886beb0542bdd3baa 2009.0/x86_64/wireshark-tools-1.0.6-0.1mdv2009.0.x86_64.rpm \r\n 3efca295d42d9e1686b46ca1c020f8a2 2009.0/SRPMS/wireshark-1.0.6-0.1mdv2009.0.src.rpm\r\n\r\n Corporate 4.0:\r\n cd40c4762bd0c4b5ffafc5023809ac04 corporate/4.0/i586/dumpcap-1.0.6-0.1.20060mlcs4.i586.rpm\r\n 629aa56a60730449858656e1ea062b84 corporate/4.0/i586/libwireshark0-1.0.6-0.1.20060mlcs4.i586.rpm\r\n e7674da06cff0db774a65d40c8407ce1 corporate/4.0/i586/libwireshark-devel-1.0.6-0.1.20060mlcs4.i586.rpm\r\n 76530bd71bb120b5325f9a09c39a2929 corporate/4.0/i586/rawshark-1.0.6-0.1.20060mlcs4.i586.rpm\r\n baa49a07548d639f2cb19a73c5e0df2f corporate/4.0/i586/tshark-1.0.6-0.1.20060mlcs4.i586.rpm\r\n c08beac1b46a39cbc0a46f0d360ccc40 corporate/4.0/i586/wireshark-1.0.6-0.1.20060mlcs4.i586.rpm\r\n 9e1170ca14c27d0a9b9279eb317743ad corporate/4.0/i586/wireshark-tools-1.0.6-0.1.20060mlcs4.i586.rpm \r\n dccd63a7f0c24d1ccbf5adac0374a460 corporate/4.0/SRPMS/wireshark-1.0.6-0.1.20060mlcs4.src.rpm\r\n\r\n Corporate 4.0/X86_64:\r\n 7d416c1d4b061a7af12eb8ddff174685 corporate/4.0/x86_64/dumpcap-1.0.6-0.1.20060mlcs4.x86_64.rpm\r\n 2c08582bff18197181d7021f471235cc corporate/4.0/x86_64/lib64wireshark0-1.0.6-0.1.20060mlcs4.x86_64.rpm\r\n 7128168a02a6dd0065d051a23992cdbe corporate/4.0/x86_64/lib64wireshark-devel-1.0.6-0.1.20060mlcs4.x86_64.rpm\r\n fee1072986b3bbbcacbe84a5def3513d corporate/4.0/x86_64/rawshark-1.0.6-0.1.20060mlcs4.x86_64.rpm\r\n c5a1394098d7c20613c51948b613ea2c corporate/4.0/x86_64/tshark-1.0.6-0.1.20060mlcs4.x86_64.rpm\r\n 279ada1e7a929b5df0a2e0813ee37d38 corporate/4.0/x86_64/wireshark-1.0.6-0.1.20060mlcs4.x86_64.rpm\r\n f28beac01c20e5d108d3390c07583918 corporate/4.0/x86_64/wireshark-tools-1.0.6-0.1.20060mlcs4.x86_64.rpm \r\n dccd63a7f0c24d1ccbf5adac0374a460 corporate/4.0/SRPMS/wireshark-1.0.6-0.1.20060mlcs4.src.rpm\r\n _______________________________________________________________________\r\n\r\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\r\n of md5 checksums and GPG signatures is performed automatically for you.\r\n\r\n All packages are signed by Mandriva for security. You can obtain the\r\n GPG public key of the Mandriva Security Team by executing:\r\n\r\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\r\n\r\n You can view other update advisories for Mandriva Linux at:\r\n\r\n http://www.mandriva.com/security/advisories\r\n\r\n If you want to report vulnerabilities, please contact\r\n\r\n security_&#40;at&#41;_mandriva.com\r\n _______________________________________________________________________\r\n\r\n Type Bits/KeyID Date User ID\r\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\r\n &lt;security*mandriva.com&gt;\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.9 &#40;GNU/Linux&#41;\r\n\r\niD8DBQFJpxmTmqjQ0CJFipgRAvn+AKDefbliY7WKwLriDdVzrbgoh3FkFQCfUqov\r\n/+8NwA5cFnOJqNNg+MVuADw=\r\n=fAWE\r\n-----END PGP SIGNATURE-----", "edition": 1, "modified": "2009-03-02T00:00:00", "published": "2009-03-02T00:00:00", "id": "SECURITYVULNS:DOC:21402", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:21402", "title": "bugtraq@securityfocus.com", "type": "securityvulns", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:09:32", "bulletinFamily": "software", "cvelist": ["CVE-2009-0561", "CVE-2009-0560", "CVE-2009-0599", "CVE-2009-0600", "CVE-2009-0601"], "description": "Vulnerabilities on different capture files format parsing.", "edition": 1, "modified": "2009-03-02T00:00:00", "published": "2009-03-02T00:00:00", "id": "SECURITYVULNS:VULN:9702", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:9702", "title": "Wireshark multiple security vulnerabilities", "type": "securityvulns", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:09:31", "bulletinFamily": "software", "cvelist": ["CVE-2008-5285"], "description": "CPU resource exhaustion on oversized SMTP request.", "edition": 1, "modified": "2008-11-24T00:00:00", "published": "2008-11-24T00:00:00", "id": "SECURITYVULNS:VULN:9451", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:9451", "title": "WireShark DoS", "type": "securityvulns", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:28", "bulletinFamily": "software", "cvelist": ["CVE-2008-5285"], "description": "\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n _______________________________________________________________________\r\n\r\n Mandriva Linux Security Advisory MDVSA-2008:242\r\n http://www.mandriva.com/security/\r\n _______________________________________________________________________\r\n\r\n Package : wireshark\r\n Date : December 15, 2008\r\n Affected: 2008.1, 2009.0, Corporate 4.0\r\n _______________________________________________________________________\r\n\r\n Problem Description:\r\n\r\n Two vulnerabilities were discovered in Wireshark. The first is a\r\n vulnerability in the SMTP dissector that could cause it to consume\r\n excessive CPU and memory via a long SMTP request &#40;CVE-2008-5285&#41;.\r\n \r\n The second is an issue with the WLCCP dissector that could cause it\r\n to go into an infinite loop.\r\n \r\n This update also provides a patch to fix a potential freeze during\r\n capture interface selection.\r\n \r\n This update provides Wireshark 1.0.5, which is not vulnerable to\r\n these issues.\r\n _______________________________________________________________________\r\n\r\n References:\r\n\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5285\r\n http://www.wireshark.org/security/wnpa-sec-2008-07.html\r\n https://qa.mandriva.com/44407\r\n _______________________________________________________________________\r\n\r\n Updated Packages:\r\n\r\n Mandriva Linux 2008.1:\r\n ee21b90526edb3626f39512bcadd4b58 2008.1/i586/dumpcap-1.0.5-1.1mdv2008.1.i586.rpm\r\n 2788350610e69179510e744c9c6d44d3 2008.1/i586/libwireshark0-1.0.5-1.1mdv2008.1.i586.rpm\r\n b0fae54f6280ef00b259ba4ab59ed689 2008.1/i586/libwireshark-devel-1.0.5-1.1mdv2008.1.i586.rpm\r\n 2dcef7209ecd34ec62f685b26ff5e7b8 2008.1/i586/rawshark-1.0.5-1.1mdv2008.1.i586.rpm\r\n 87242648aa437bf168495188b2b3cfe9 2008.1/i586/tshark-1.0.5-1.1mdv2008.1.i586.rpm\r\n e064a6a10f1c3dbb2bcec6e538ff8455 2008.1/i586/wireshark-1.0.5-1.1mdv2008.1.i586.rpm\r\n 7ea0bc32d81dfc511533aaff94c9a00d 2008.1/i586/wireshark-tools-1.0.5-1.1mdv2008.1.i586.rpm \r\n a5e238380691ec78c89e20f2ce440684 2008.1/SRPMS/wireshark-1.0.5-1.1mdv2008.1.src.rpm\r\n\r\n Mandriva Linux 2008.1/X86_64:\r\n 02ca24744348f47851ea6e342cbffce8 2008.1/x86_64/dumpcap-1.0.5-1.1mdv2008.1.x86_64.rpm\r\n ac6f47a4cfc9bee7ea01f3b19cae2b06 2008.1/x86_64/lib64wireshark0-1.0.5-1.1mdv2008.1.x86_64.rpm\r\n db0f0796eab0bf717b57075452cb814c 2008.1/x86_64/lib64wireshark-devel-1.0.5-1.1mdv2008.1.x86_64.rpm\r\n 8a3c45d8565056e8998bb238680178b5 2008.1/x86_64/rawshark-1.0.5-1.1mdv2008.1.x86_64.rpm\r\n b704792a9d2158909f7222e5538ddf7b 2008.1/x86_64/tshark-1.0.5-1.1mdv2008.1.x86_64.rpm\r\n def113ca9d8d5ccd69f548a7bfce3f7d 2008.1/x86_64/wireshark-1.0.5-1.1mdv2008.1.x86_64.rpm\r\n 276ce72785d2d0dd29fa55a5718c8bf5 2008.1/x86_64/wireshark-tools-1.0.5-1.1mdv2008.1.x86_64.rpm \r\n a5e238380691ec78c89e20f2ce440684 2008.1/SRPMS/wireshark-1.0.5-1.1mdv2008.1.src.rpm\r\n\r\n Mandriva Linux 2009.0:\r\n c922d882d06c8b49a7bca56b332e1d67 2009.0/i586/dumpcap-1.0.5-1.1mdv2009.0.i586.rpm\r\n 03bc1a26cffda16f947efffdae20b83b 2009.0/i586/libwireshark0-1.0.5-1.1mdv2009.0.i586.rpm\r\n 13f39bdc3494afc9e9aaef7c454072aa 2009.0/i586/libwireshark-devel-1.0.5-1.1mdv2009.0.i586.rpm\r\n ac4b388cc2e4eca6df769833d0d8a7eb 2009.0/i586/rawshark-1.0.5-1.1mdv2009.0.i586.rpm\r\n 46772afd3d84625e295c80b0e4026932 2009.0/i586/tshark-1.0.5-1.1mdv2009.0.i586.rpm\r\n 7169a8af7ca927e15a7547dff812c105 2009.0/i586/wireshark-1.0.5-1.1mdv2009.0.i586.rpm\r\n 17ccf73059d3dbb8c0f99b9bd2abc0e4 2009.0/i586/wireshark-tools-1.0.5-1.1mdv2009.0.i586.rpm \r\n c71152c5c4bff536a11128e75dd13c92 2009.0/SRPMS/wireshark-1.0.5-1.1mdv2009.0.src.rpm\r\n\r\n Mandriva Linux 2009.0/X86_64:\r\n 3697148e23529dda7a5aee8e9898bce9 2009.0/x86_64/dumpcap-1.0.5-1.1mdv2009.0.x86_64.rpm\r\n f6980f80e5519ee4624888740b29c870 2009.0/x86_64/lib64wireshark0-1.0.5-1.1mdv2009.0.x86_64.rpm\r\n ec9e28e41989f50f338ebe625f8e9818 2009.0/x86_64/lib64wireshark-devel-1.0.5-1.1mdv2009.0.x86_64.rpm\r\n a334536da447a497ebea8ac863ef32f0 2009.0/x86_64/rawshark-1.0.5-1.1mdv2009.0.x86_64.rpm\r\n 4ca66a0135d14400891b4fd00068bbfe 2009.0/x86_64/tshark-1.0.5-1.1mdv2009.0.x86_64.rpm\r\n 4889d93276a579e81e2b2c8a7a3effbd 2009.0/x86_64/wireshark-1.0.5-1.1mdv2009.0.x86_64.rpm\r\n 0ba76f3efc469133fffe11b3b430ee39 2009.0/x86_64/wireshark-tools-1.0.5-1.1mdv2009.0.x86_64.rpm \r\n c71152c5c4bff536a11128e75dd13c92 2009.0/SRPMS/wireshark-1.0.5-1.1mdv2009.0.src.rpm\r\n\r\n Corporate 4.0:\r\n a69574cf8e157f82db7786e4ce1219ac corporate/4.0/i586/dumpcap-1.0.5-0.1.20060mlcs4.i586.rpm\r\n eab1454eee4ed9037d84a1aed6da9352 corporate/4.0/i586/libwireshark0-1.0.5-0.1.20060mlcs4.i586.rpm\r\n 880f0019417492c1344b5d97843347fa \r\ncorporate/4.0/i586/libwireshark-devel-1.0.5-0.1.20060mlcs4.i586.rpm\r\n a4b0f4bb293eecc7107ae74c880d983d corporate/4.0/i586/rawshark-1.0.5-0.1.20060mlcs4.i586.rpm\r\n c297cfc31379f16a0723e5d73c84f94d corporate/4.0/i586/tshark-1.0.5-0.1.20060mlcs4.i586.rpm\r\n fa4a6b36f127efa72a95a7c159f6cbd3 corporate/4.0/i586/wireshark-1.0.5-0.1.20060mlcs4.i586.rpm\r\n fbb18158d65ce919b6fe92d113d1483a \r\ncorporate/4.0/i586/wireshark-tools-1.0.5-0.1.20060mlcs4.i586.rpm \r\n 3c0afb7fe530a8e843c470915e729f34 corporate/4.0/SRPMS/wireshark-1.0.5-0.1.20060mlcs4.src.rpm\r\n\r\n Corporate 4.0/X86_64:\r\n 1f7dda7b50a03c874587ca67808887bf corporate/4.0/x86_64/dumpcap-1.0.5-0.1.20060mlcs4.x86_64.rpm\r\n c7898683617051f5db956e227002e30a \r\ncorporate/4.0/x86_64/lib64wireshark0-1.0.5-0.1.20060mlcs4.x86_64.rpm\r\n fa1655b6a5ccb8ab06f74985d837d478 \r\ncorporate/4.0/x86_64/lib64wireshark-devel-1.0.5-0.1.20060mlcs4.x86_64.rpm\r\n bacc09bce747b5a8101d5bedb3d64ff5 corporate/4.0/x86_64/rawshark-1.0.5-0.1.20060mlcs4.x86_64.rpm\r\n 9ae5a12772778bb3c2dcaf748509e453 corporate/4.0/x86_64/tshark-1.0.5-0.1.20060mlcs4.x86_64.rpm\r\n c565d766e1f39f9128bd1f87756d9244 corporate/4.0/x86_64/wireshark-1.0.5-0.1.20060mlcs4.x86_64.rpm\r\n 22b6db89db3856df29a1956fcf9410f5 \r\ncorporate/4.0/x86_64/wireshark-tools-1.0.5-0.1.20060mlcs4.x86_64.rpm \r\n 3c0afb7fe530a8e843c470915e729f34 corporate/4.0/SRPMS/wireshark-1.0.5-0.1.20060mlcs4.src.rpm\r\n _______________________________________________________________________\r\n\r\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\r\n of md5 checksums and GPG signatures is performed automatically for you.\r\n\r\n All packages are signed by Mandriva for security. You can obtain the\r\n GPG public key of the Mandriva Security Team by executing:\r\n\r\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\r\n\r\n You can view other update advisories for Mandriva Linux at:\r\n\r\n http://www.mandriva.com/security/advisories\r\n\r\n If you want to report vulnerabilities, please contact\r\n\r\n security_&#40;at&#41;_mandriva.com\r\n _______________________________________________________________________\r\n\r\n Type Bits/KeyID Date User ID\r\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\r\n &lt;security*mandriva.com&gt;\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.9 &#40;GNU/Linux&#41;\r\n\r\niD8DBQFJRqCGmqjQ0CJFipgRAn8uAJ0ZxlMMRXvx/hBd7O/UT8mcrfZ14wCg0xHe\r\n53qADEgVe3Gv5Jf9EAk9JFc=\r\n=dHjo\r\n-----END PGP SIGNATURE-----", "edition": 1, "modified": "2008-12-16T00:00:00", "published": "2008-12-16T00:00:00", "id": "SECURITYVULNS:DOC:21031", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:21031", "title": "[ MDVSA-2008:242 ] wireshark", "type": "securityvulns", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "cve": [{"lastseen": "2021-02-02T05:35:18", "description": "Wireshark 1.0.4 and earlier allows remote attackers to cause a denial of service via a long SMTP request, which triggers an infinite loop.", "edition": 6, "cvss3": {}, "published": "2008-12-01T15:30:00", "title": "CVE-2008-5285", "type": "cve", "cwe": ["CWE-399"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-5285"], "modified": "2018-10-11T20:54:00", "cpe": ["cpe:/a:wireshark:wireshark:0.99.3", "cpe:/a:wireshark:wireshark:0.10.5", "cpe:/a:wireshark:wireshark:0.99.6a", "cpe:/a:wireshark:wireshark:0.10.6", "cpe:/a:wireshark:wireshark:0.7.9", "cpe:/a:wireshark:wireshark:1.0.0", "cpe:/a:wireshark:wireshark:0.99.5", "cpe:/a:wireshark:wireshark:0.10.2", "cpe:/a:wireshark:wireshark:0.6", "cpe:/a:wireshark:wireshark:0.10.1", "cpe:/a:wireshark:wireshark:0.9.10", "cpe:/a:wireshark:wireshark:0.10.11", "cpe:/a:wireshark:wireshark:1.0.2", "cpe:/a:wireshark:wireshark:0.8.19", "cpe:/a:wireshark:wireshark:0.99", "cpe:/a:wireshark:wireshark:0.9.8", "cpe:/a:wireshark:wireshark:0.10.9", "cpe:/a:wireshark:wireshark:0.10.12", "cpe:/a:wireshark:wireshark:0.99.6", "cpe:/a:wireshark:wireshark:0.10.10", "cpe:/a:wireshark:wireshark:0.10.13", "cpe:/a:wireshark:wireshark:1.0.4", "cpe:/a:wireshark:wireshark:1.0.1", "cpe:/a:wireshark:wireshark:0.99.8", "cpe:/a:wireshark:wireshark:0.9.5", "cpe:/a:wireshark:wireshark:0.10.7", "cpe:/a:wireshark:wireshark:0.10.14", "cpe:/a:wireshark:wireshark:0.10.8", "cpe:/a:wireshark:wireshark:0.99.2", "cpe:/a:wireshark:wireshark:0.99.0", "cpe:/a:wireshark:wireshark:1.0", "cpe:/a:wireshark:wireshark:0.99.4", "cpe:/a:wireshark:wireshark:0.10.4", "cpe:/a:wireshark:wireshark:0.9.7", "cpe:/a:wireshark:wireshark:0.9.14", "cpe:/a:wireshark:wireshark:0.99.1", "cpe:/a:wireshark:wireshark:0.99.7", "cpe:/a:wireshark:wireshark:0.8.16", "cpe:/a:wireshark:wireshark:1.0.3", "cpe:/a:wireshark:wireshark:0.10", "cpe:/a:wireshark:wireshark:0.10.3"], "id": "CVE-2008-5285", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5285", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:wireshark:wireshark:1.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.10.4:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.10.9:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.7:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.9.5:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.10:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.10.14:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.8.19:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.10.11:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.10.7:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.6a:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.9.14:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.1:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.10.13:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.9.7:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.5:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.10.8:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.8.16:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.6:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.8:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.7.9:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.9.8:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.0:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.10.1:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.2:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.10.5:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.9.10:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.4:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.3:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.10.10:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.10.12:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.10.2:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.10.3:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.10.6:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.6:*:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T05:35:17", "description": "The dissect_btacl function in packet-bthci_acl.c in the Bluetooth ACL dissector in Wireshark 0.99.2 through 1.0.3 allows remote attackers to cause a denial of service (application crash or abort) via a packet with an invalid length, related to an erroneous tvb_memcpy call.", "edition": 4, "cvss3": {}, "published": "2008-10-22T18:00:00", "title": "CVE-2008-4683", "type": "cve", "cwe": ["CWE-399"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-4683"], "modified": "2018-10-11T20:52:00", "cpe": ["cpe:/a:wireshark:wireshark:0.99.3", "cpe:/a:wireshark:wireshark:0.99.6a", "cpe:/a:wireshark:wireshark:1.0.0", "cpe:/a:wireshark:wireshark:0.99.5", "cpe:/a:wireshark:wireshark:1.0.2", "cpe:/a:wireshark:wireshark:0.99.6", "cpe:/a:wireshark:wireshark:1.0.1", "cpe:/a:wireshark:wireshark:0.99.8", "cpe:/a:wireshark:wireshark:0.99.2", "cpe:/a:wireshark:wireshark:1.0", "cpe:/a:wireshark:wireshark:0.99.4", "cpe:/a:wireshark:wireshark:0.99.7", "cpe:/a:wireshark:wireshark:1.0.3"], "id": "CVE-2008-4683", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4683", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:wireshark:wireshark:1.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.7:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.6a:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.5:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.6:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.8:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.2:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.4:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.3:*:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T05:35:17", "description": "packet-usb.c in the USB dissector in Wireshark 0.99.7 through 1.0.3 allows remote attackers to cause a denial of service (application crash or abort) via a malformed USB Request Block (URB).", "edition": 4, "cvss3": {}, "published": "2008-10-22T18:00:00", "title": "CVE-2008-4680", "type": "cve", "cwe": ["CWE-399"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-4680"], "modified": "2018-10-11T20:52:00", "cpe": ["cpe:/a:wireshark:wireshark:1.0.0", "cpe:/a:wireshark:wireshark:1.0.2", "cpe:/a:wireshark:wireshark:1.0.1", "cpe:/a:wireshark:wireshark:0.99.8", "cpe:/a:wireshark:wireshark:1.0", "cpe:/a:wireshark:wireshark:0.99.7", "cpe:/a:wireshark:wireshark:1.0.3"], "id": "CVE-2008-4680", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4680", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:wireshark:wireshark:1.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.7:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.8:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0:*:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T05:35:17", "description": "packet-frame in Wireshark 0.99.2 through 1.0.3 does not properly handle exceptions thrown by post dissectors, which allows remote attackers to cause a denial of service (application crash) via a certain series of packets, as demonstrated by enabling the (1) PRP or (2) MATE post dissector.", "edition": 4, "cvss3": {}, "published": "2008-10-22T18:00:00", "title": "CVE-2008-4684", "type": "cve", "cwe": ["CWE-399"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-4684"], "modified": "2018-10-11T20:52:00", "cpe": ["cpe:/a:wireshark:wireshark:0.99.3", "cpe:/a:wireshark:wireshark:0.99.6a", "cpe:/a:wireshark:wireshark:1.0.0", "cpe:/a:wireshark:wireshark:0.99.5", "cpe:/a:wireshark:wireshark:1.0.2", "cpe:/a:wireshark:wireshark:0.99.6", "cpe:/a:wireshark:wireshark:1.0.1", "cpe:/a:wireshark:wireshark:0.99.8", "cpe:/a:wireshark:wireshark:0.99.2", "cpe:/a:wireshark:wireshark:1.0", "cpe:/a:wireshark:wireshark:0.99.4", "cpe:/a:wireshark:wireshark:0.99.7", "cpe:/a:wireshark:wireshark:1.0.3"], "id": "CVE-2008-4684", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4684", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:wireshark:wireshark:1.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.7:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.6a:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.5:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.6:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.8:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.2:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.4:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.3:*:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T05:35:17", "description": "wtap.c in Wireshark 0.99.7 through 1.0.3 allows remote attackers to cause a denial of service (application abort) via a malformed Tamos CommView capture file (aka .ncf file) with an \"unknown/unexpected packet type\" that triggers a failed assertion.", "edition": 4, "cvss3": {}, "published": "2008-10-22T18:00:00", "title": "CVE-2008-4682", "type": "cve", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-4682"], "modified": "2018-10-11T20:52:00", "cpe": ["cpe:/a:wireshark:wireshark:1.0.0", "cpe:/a:wireshark:wireshark:1.0.2", "cpe:/a:wireshark:wireshark:1.0.1", "cpe:/a:wireshark:wireshark:0.99.8", "cpe:/a:wireshark:wireshark:1.0", "cpe:/a:wireshark:wireshark:0.99.7", "cpe:/a:wireshark:wireshark:1.0.3"], "id": "CVE-2008-4682", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4682", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:wireshark:wireshark:1.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.7:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.8:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0:*:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T05:35:17", "description": "Use-after-free vulnerability in the dissect_q931_cause_ie function in packet-q931.c in the Q.931 dissector in Wireshark 0.10.3 through 1.0.3 allows remote attackers to cause a denial of service (application crash or abort) via certain packets that trigger an exception.", "edition": 4, "cvss3": {}, "published": "2008-10-22T18:00:00", "title": "CVE-2008-4685", "type": "cve", "cwe": ["CWE-399"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-4685"], "modified": "2018-10-11T20:52:00", "cpe": ["cpe:/a:wireshark:wireshark:0.99.3", "cpe:/a:wireshark:wireshark:0.10.5", "cpe:/a:wireshark:wireshark:0.99.6a", "cpe:/a:wireshark:wireshark:0.10.6", "cpe:/a:wireshark:wireshark:1.0.0", "cpe:/a:wireshark:wireshark:0.99.5", "cpe:/a:wireshark:wireshark:1.0.2", "cpe:/a:wireshark:wireshark:0.99", "cpe:/a:wireshark:wireshark:0.10.9", "cpe:/a:wireshark:wireshark:0.99.6", "cpe:/a:wireshark:wireshark:1.0.1", "cpe:/a:wireshark:wireshark:0.99.8", "cpe:/a:wireshark:wireshark:0.10.7", "cpe:/a:wireshark:wireshark:0.10.8", "cpe:/a:wireshark:wireshark:0.99.2", "cpe:/a:wireshark:wireshark:0.99.0", "cpe:/a:wireshark:wireshark:1.0", "cpe:/a:wireshark:wireshark:0.99.4", "cpe:/a:wireshark:wireshark:0.10.4", "cpe:/a:wireshark:wireshark:0.99.1", "cpe:/a:wireshark:wireshark:0.99.7", "cpe:/a:wireshark:wireshark:1.0.3", "cpe:/a:wireshark:wireshark:0.10.3"], "id": "CVE-2008-4685", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4685", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:wireshark:wireshark:1.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.10.4:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.10.9:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.7:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.10.7:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.6a:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.1:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.5:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.10.8:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.6:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.8:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.0:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.2:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.10.5:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.4:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.3:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.10.3:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.10.6:*:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T05:35:17", "description": "Unspecified vulnerability in the Bluetooth RFCOMM dissector in Wireshark 0.99.7 through 1.0.3 allows remote attackers to cause a denial of service (application crash or abort) via unknown packets.", "edition": 4, "cvss3": {}, "published": "2008-10-22T18:00:00", "title": "CVE-2008-4681", "type": "cve", "cwe": ["CWE-399", "CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-4681"], "modified": "2018-10-11T20:52:00", "cpe": ["cpe:/a:wireshark:wireshark:0.99.3", "cpe:/a:wireshark:wireshark:0.99.6a", "cpe:/a:wireshark:wireshark:1.0.0", "cpe:/a:wireshark:wireshark:0.99.5", "cpe:/a:wireshark:wireshark:1.0.2", "cpe:/a:wireshark:wireshark:0.99.6", "cpe:/a:wireshark:wireshark:1.0.1", "cpe:/a:wireshark:wireshark:0.99.8", "cpe:/a:wireshark:wireshark:0.99.2", "cpe:/a:wireshark:wireshark:1.0", "cpe:/a:wireshark:wireshark:0.99.4", "cpe:/a:wireshark:wireshark:0.99.7"], "id": "CVE-2008-4681", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4681", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:wireshark:wireshark:1.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.7:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.6a:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.5:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.6:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.8:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.2:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.4:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.3:*:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T05:39:59", "description": "Wireshark 0.99.6 through 1.0.5 allows user-assisted remote attackers to cause a denial of service (application crash) via a crafted Tektronix K12 text capture file, as demonstrated by a file with exactly one frame.", "edition": 4, "cvss3": {}, "published": "2009-02-16T20:30:00", "title": "CVE-2009-0600", "type": "cve", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-0600"], "modified": "2018-10-10T19:29:00", "cpe": ["cpe:/a:wireshark:wireshark:0.99.6a", "cpe:/a:wireshark:wireshark:1.0.5", "cpe:/a:wireshark:wireshark:1.0.0", "cpe:/a:wireshark:wireshark:1.0.2", "cpe:/a:wireshark:wireshark:0.99.6", "cpe:/a:wireshark:wireshark:1.0.4", "cpe:/a:wireshark:wireshark:1.0.1", "cpe:/a:wireshark:wireshark:0.99.8", "cpe:/a:wireshark:wireshark:1.0", "cpe:/a:wireshark:wireshark:0.99.7", "cpe:/a:wireshark:wireshark:1.0.3"], "id": "CVE-2009-0600", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0600", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:wireshark:wireshark:1.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.7:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.6a:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.6:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.8:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0:*:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T05:39:59", "description": "Buffer overflow in wiretap/netscreen.c in Wireshark 0.99.7 through 1.0.5 allows user-assisted remote attackers to cause a denial of service (application crash) via a malformed NetScreen snoop file.", "edition": 4, "cvss3": {}, "published": "2009-02-16T20:30:00", "title": "CVE-2009-0599", "type": "cve", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-0599"], "modified": "2018-10-10T19:29:00", "cpe": ["cpe:/a:wireshark:wireshark:1.0.5", "cpe:/a:wireshark:wireshark:1.0.0", "cpe:/a:wireshark:wireshark:1.0.2", "cpe:/a:wireshark:wireshark:1.0.4", "cpe:/a:wireshark:wireshark:1.0.1", "cpe:/a:wireshark:wireshark:0.99.8", "cpe:/a:wireshark:wireshark:1.0", "cpe:/a:wireshark:wireshark:0.99.7", "cpe:/a:wireshark:wireshark:1.0.3"], "id": "CVE-2009-0599", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0599", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:wireshark:wireshark:1.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.7:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:0.99.8:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:1.0:*:*:*:*:*:*:*"]}], "gentoo": [{"lastseen": "2016-09-06T19:46:28", "bulletinFamily": "unix", "cvelist": ["CVE-2008-4680", "CVE-2008-4681", "CVE-2009-1268", "CVE-2009-1266", "CVE-2009-1210", "CVE-2008-6472", "CVE-2008-5285", "CVE-2009-1829", "CVE-2009-1269", "CVE-2009-0599", "CVE-2009-0600", "CVE-2008-4683", "CVE-2009-0601", "CVE-2008-4684", "CVE-2008-4685", "CVE-2008-4682"], "edition": 1, "description": "### Background\n\nWireshark is a versatile network protocol analyzer. \n\n### Description\n\nMultiple vulnerabilities have been discovered in Wireshark: \n\n * David Maciejak discovered a vulnerability in packet-usb.c in the USB dissector via a malformed USB Request Block (URB) (CVE-2008-4680). \n * Florent Drouin and David Maciejak reported an unspecified vulnerability in the Bluetooth RFCOMM dissector (CVE-2008-4681). \n * A malformed Tamos CommView capture file (aka .ncf file) with an \"unknown/unexpected packet type\" triggers a failed assertion in wtap.c (CVE-2008-4682). \n * An unchecked packet length parameter in the dissect_btacl() function in packet-bthci_acl.c in the Bluetooth ACL dissector causes an erroneous tvb_memcpy() call (CVE-2008-4683). \n * A vulnerability where packet-frame does not properly handle exceptions thrown by post dissectors caused by a certain series of packets (CVE-2008-4684). \n * Mike Davies reported a use-after-free vulnerability in the dissect_q931_cause_ie() function in packet-q931.c in the Q.931 dissector via certain packets that trigger an exception (CVE-2008-4685). \n * The Security Vulnerability Research Team of Bkis reported that the SMTP dissector could consume excessive amounts of CPU and memory (CVE-2008-5285). \n * The vendor reported that the WLCCP dissector could go into an infinite loop (CVE-2008-6472). \n * babi discovered a buffer overflow in wiretap/netscreen.c via a malformed NetScreen snoop file (CVE-2009-0599). \n * A specially crafted Tektronix K12 text capture file can cause an application crash (CVE-2009-0600). \n * A format string vulnerability via format string specifiers in the HOME environment variable (CVE-2009-0601). \n * THCX Labs reported a format string vulnerability in the PROFINET/DCP (PN-DCP) dissector via a PN-DCP packet with format string specifiers in the station name (CVE-2009-1210). \n * An unspecified vulnerability with unknown impact and attack vectors (CVE-2009-1266). \n * Marty Adkins and Chris Maynard discovered a parsing error in the dissector for the Check Point High-Availability Protocol (CPHAP) (CVE-2009-1268). \n * Magnus Homann discovered a parsing error when loading a Tektronix .rf5 file (CVE-2009-1269). \n * The vendor reported that the PCNFSD dissector could crash (CVE-2009-1829).\n\n### Impact\n\nA remote attacker could exploit these vulnerabilities by sending specially crafted packets on a network being monitored by Wireshark or by enticing a user to read a malformed packet trace file which can trigger a Denial of Service (application crash or excessive CPU and memory usage) and possibly allow for the execution of arbitrary code with the privileges of the user running Wireshark. \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll Wireshark users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-analyzer/wireshark-1.0.8\"", "modified": "2009-06-30T00:00:00", "published": "2009-06-30T00:00:00", "id": "GLSA-200906-05", "href": "https://security.gentoo.org/glsa/200906-05", "type": "gentoo", "title": "Wireshark: Multiple vulnerabilities", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "fedora": [{"lastseen": "2020-12-21T08:17:49", "bulletinFamily": "unix", "cvelist": ["CVE-2009-0599", "CVE-2009-0600"], "description": "Wireshark is a network traffic analyzer for Unix-ish operating systems. This package lays base for libpcap, a packet capture and filtering library, contains command-line utilities, contains plugins and documentation for wireshark. A graphical user interface is packaged separately to GTK+ package. ", "modified": "2009-03-05T16:35:39", "published": "2009-03-05T16:35:39", "id": "FEDORA:4A462208545", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 10 Update: wireshark-1.0.6-1.fc10", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-12-21T08:17:49", "bulletinFamily": "unix", "cvelist": ["CVE-2009-0599", "CVE-2009-0600"], "description": "Wireshark is a network traffic analyzer for Unix-ish operating systems. This package lays base for libpcap, a packet capture and filtering library, contains command-line utilities, contains plugins and documentation for wireshark. A graphical user interface is packaged separately to GTK+ package. ", "modified": "2009-03-16T19:54:08", "published": "2009-03-16T19:54:08", "id": "FEDORA:0ABA5208770", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 9 Update: wireshark-1.0.6-1.fc9", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "freebsd": [{"lastseen": "2019-05-29T18:34:16", "bulletinFamily": "unix", "cvelist": ["CVE-2009-0599", "CVE-2009-0600", "CVE-2009-0601"], "description": "\nVendor reports:\n\nOn non-Windows systems Wireshark could crash if the HOME\n\t environment variable contained sprintf-style string formatting\n\t characters. Wireshark could crash while reading a malformed\n\t NetScreen snoop file. Wireshark could crash while reading a\n\t Tektronix K12 text capture file.\n\n", "edition": 4, "modified": "2010-05-02T00:00:00", "published": "2009-02-06T00:00:00", "id": "F6F19735-9245-4918-8A60-87948EBB4907", "href": "https://vuxml.freebsd.org/freebsd/f6f19735-9245-4918-8a60-87948ebb4907.html", "title": "wireshark -- multiple vulnerabilities", "type": "freebsd", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:34:20", "bulletinFamily": "unix", "cvelist": ["CVE-2008-5285"], "description": "\nSecunia reports:\n\nA vulnerability has been reported in Wireshark, which can be\n\t exploited by malicious people to cause a DoS.\nThe vulnerability is caused due to an error in the SMTP dissector\n\t and can be exploited to trigger the execution of an infinite loop via\n\t a large SMTP packet.\n\n", "edition": 4, "modified": "2008-11-24T00:00:00", "published": "2008-11-24T00:00:00", "id": "BAECE347-C489-11DD-A721-0030843D3802", "href": "https://vuxml.freebsd.org/freebsd/baece347-c489-11dd-a721-0030843d3802.html", "title": "wireshark -- SMTP Processing Denial of Service Vulnerability", "type": "freebsd", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "debian": [{"lastseen": "2020-11-11T13:28:15", "bulletinFamily": "unix", "cvelist": ["CVE-2008-3138", "CVE-2008-3933", "CVE-2008-3145", "CVE-2008-3137", "CVE-2008-3141", "CVE-2008-4683", "CVE-2008-4684", "CVE-2008-4685"], "description": "- ------------------------------------------------------------------------\nDebian Security Advisory DSA-1673-1 security@debian.org\nhttp://www.debian.org/security/ Moritz Muehlenhoff\nNovember 29, 2008 http://www.debian.org/security/faq\n- ------------------------------------------------------------------------\n\nPackage : wireshark\nVulnerability : several\nProblem type : remote\nDebian-specific: no\nCVE ID : CVE-2008-3137 CVE-2008-3138 CVE-2008-3141 CVE-2008-3145 CVE-2008-3933 CVE-2008-4683 CVE-2008-4684 CVE-2008-4685\n\nSeveral remote vulnerabilities have been discovered network traffic\nanalyzer Wireshark. The Common Vulnerabilities and Exposures project\nidentifies the following problems:\n\nCVE-2008-3137\n\n The GSM SMS dissector is vulnerable to denial of service.\n\nCVE-2008-3138\n\n The PANA and KISMET dissectors are vulnerable to denial of service.\n\nCVE-2008-3141\n\n The RMI dissector could disclose system memory.\n\nCVE-2008-3145\n\n The packet reassembling module is vulnerable to denial of service.\n\nCVE-2008-3933\n\n The zlib uncompression module is vulnerable to denial of service.\n\nCVE-2008-4683\n\n The Bluetooth ACL dissector is vulnerable to denial of service.\n\nCVE-2008-4684\n\n The PRP and MATE dissectors are vulnerable to denial of service.\n\nCVE-2008-4685\n\n The Q931 dissector is vulnerable to denial of service.\n\nFor the stable distribution (etch), these problems have been fixed in\nversion 0.99.4-5.etch.3.\n\nFor the upcoming stable distribution (lenny), these problems have been\nfixed in version 1.0.2-3+lenny2.\n\nFor the unstable distribution (sid), these problems will be fixed soon.\n\nWe recommend that you upgrade your wireshark packages.\n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 4.0 alias etch\n- -------------------------------\n\nStable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4.orig.tar.gz\n Size/MD5 checksum: 13306790 2556a31d0d770dd1990bd67b98bd2f9b\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.3.dsc\n Size/MD5 checksum: 1066 ece7cc5dd8e70c0b5c13bfbf6e8c6eee\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.3.diff.gz\n Size/MD5 checksum: 48388 2918d72a79fafde4759afe72db727d6f\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-common_0.99.4-5.etch.3_alpha.deb\n Size/MD5 checksum: 22872 2ac3fe313364295340483294f1e9fb91\n http://security.debian.org/pool/updates/main/w/wireshark/tethereal_0.99.4-5.etch.3_alpha.deb\n Size/MD5 checksum: 22504 e67991e3aa09ce8bd8a44833fe7e3883\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_0.99.4-5.etch.3_alpha.deb\n Size/MD5 checksum: 9318436 d88e91f579849725048a4f5d9155871d\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_0.99.4-5.etch.3_alpha.deb\n Size/MD5 checksum: 181432 bd619bdb6fdc69e10dd31241268fac22\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal_0.99.4-5.etch.3_alpha.deb\n Size/MD5 checksum: 22498 b6e13d7c505bceb09cd278c5f07c7c40\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.3_alpha.deb\n Size/MD5 checksum: 674820 b6a532ff5292b77773e1aa4cfc2fd577\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-dev_0.99.4-5.etch.3_alpha.deb\n Size/MD5 checksum: 22510 eafc125f4a6f9084880fdd2a557b9814\n http://security.debian.org/pool/updates/main/w/wireshark/tshark_0.99.4-5.etch.3_alpha.deb\n Size/MD5 checksum: 117502 d829953f80e3402ea53f96b5a60010a4\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_0.99.4-5.etch.3_amd64.deb\n Size/MD5 checksum: 181784 be30e7ac952ecec26ed7cf9d73cf07ca\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.3_amd64.deb\n Size/MD5 checksum: 619708 b97e43ebf7fb339df7210c0fed2de92b\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal_0.99.4-5.etch.3_amd64.deb\n Size/MD5 checksum: 22502 24d2101cd90f05f7206ed1b222cf2655\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_0.99.4-5.etch.3_amd64.deb\n Size/MD5 checksum: 9119506 67bc221048a9a1909e0780547e267956\n http://security.debian.org/pool/updates/main/w/wireshark/tshark_0.99.4-5.etch.3_amd64.deb\n Size/MD5 checksum: 112146 24dad3e9789181bc32c555174ebc6331\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-dev_0.99.4-5.etch.3_amd64.deb\n Size/MD5 checksum: 22516 fd918d886d3f43e85efc336267f8d3b1\n http://security.debian.org/pool/updates/main/w/wireshark/tethereal_0.99.4-5.etch.3_amd64.deb\n Size/MD5 checksum: 22504 e427825910c10ca825d6263d72f3231d\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-common_0.99.4-5.etch.3_amd64.deb\n Size/MD5 checksum: 22862 8b219977905e0ca92c11669b819a4d62\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_0.99.4-5.etch.3_arm.deb\n Size/MD5 checksum: 7739012 2393f419581304f9d1bc96b2e80a87b9\n http://security.debian.org/pool/updates/main/w/wireshark/tethereal_0.99.4-5.etch.3_arm.deb\n Size/MD5 checksum: 22520 91159635ccf35f1d0fc51d80eb5af43d\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.3_arm.deb\n Size/MD5 checksum: 600564 6c9dc2dfc018156969644378f856521a\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-common_0.99.4-5.etch.3_arm.deb\n Size/MD5 checksum: 22870 64f1146af6c9759d7fce864dc5f0d7d3\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-dev_0.99.4-5.etch.3_arm.deb\n Size/MD5 checksum: 22528 44b24f50cf31c9c8e734fbf5cb32603f\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal_0.99.4-5.etch.3_arm.deb\n Size/MD5 checksum: 22514 073d8b3cf84d186a28f1923b77825651\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_0.99.4-5.etch.3_arm.deb\n Size/MD5 checksum: 182074 21f420a957afb36f416b743ea928344c\n http://security.debian.org/pool/updates/main/w/wireshark/tshark_0.99.4-5.etch.3_arm.deb\n Size/MD5 checksum: 107352 a57d347239ea877d9dc7944f025a357f\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-common_0.99.4-5.etch.3_hppa.deb\n Size/MD5 checksum: 22872 2ccd34d4f66efe4103e8bd6abefa9522\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-dev_0.99.4-5.etch.3_hppa.deb\n Size/MD5 checksum: 22512 5969e22027936a31221f293be3ee9a07\n http://security.debian.org/pool/updates/main/w/wireshark/tethereal_0.99.4-5.etch.3_hppa.deb\n Size/MD5 checksum: 22506 c624bb7b41ceb11e497c09c231388f17\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_0.99.4-5.etch.3_hppa.deb\n Size/MD5 checksum: 9856512 1dc01e880f2cbc9ed221775bada95006\n http://security.debian.org/pool/updates/main/w/wireshark/tshark_0.99.4-5.etch.3_hppa.deb\n Size/MD5 checksum: 109670 d4eea1ac706ac762a8ed8327438f4642\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal_0.99.4-5.etch.3_hppa.deb\n Size/MD5 checksum: 22504 a738cb866d71bd90d6221655993db604\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.3_hppa.deb\n Size/MD5 checksum: 634968 a399926534b08d75dc0858bebd83c9b5\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_0.99.4-5.etch.3_hppa.deb\n Size/MD5 checksum: 182054 cef379511143780007c649c3089ea1b2\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_0.99.4-5.etch.3_i386.deb\n Size/MD5 checksum: 182668 a1c8033946069020bf3c985ac15f3262\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.3_i386.deb\n Size/MD5 checksum: 564704 810e62b84fec47703eb3a123059b576b\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal_0.99.4-5.etch.3_i386.deb\n Size/MD5 checksum: 22492 e0730ad8b28f63b46e57dda4577009f2\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_0.99.4-5.etch.3_i386.deb\n Size/MD5 checksum: 7502356 84707ff563a36e6dbdcafb47657b4260\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-common_0.99.4-5.etch.3_i386.deb\n Size/MD5 checksum: 22860 34cc7a26d0416a35b9cbcd5dce2f875c\n http://security.debian.org/pool/updates/main/w/wireshark/tshark_0.99.4-5.etch.3_i386.deb\n Size/MD5 checksum: 102308 882325dfde6476fa6fef27435af1c9c7\n http://security.debian.org/pool/updates/main/w/wireshark/tethereal_0.99.4-5.etch.3_i386.deb\n Size/MD5 checksum: 22498 a03f9bc9d8ce5f23bbab2280ab49798b\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-dev_0.99.4-5.etch.3_i386.deb\n Size/MD5 checksum: 22504 f2b77a28c0675c396652fcdc9c2c3803\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-common_0.99.4-5.etch.3_ia64.deb\n Size/MD5 checksum: 22846 3c2f1b3206af0c51ad92aef628d1296c\n http://security.debian.org/pool/updates/main/w/wireshark/tshark_0.99.4-5.etch.3_ia64.deb\n Size/MD5 checksum: 145732 4f709746e604fd49e8500000c0c8b9fd\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-dev_0.99.4-5.etch.3_ia64.deb\n Size/MD5 checksum: 22498 00c321e1542af1331ca18b0df70eee08\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_0.99.4-5.etch.3_ia64.deb\n Size/MD5 checksum: 10652434 5884462db3ab99cd180970b81bab92e1\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal_0.99.4-5.etch.3_ia64.deb\n Size/MD5 checksum: 22484 4591898f96b98e28d183328a0e21dba4\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.3_ia64.deb\n Size/MD5 checksum: 827582 c67bd7ddb1ab16764b7ebebbd5b1bb7c\n http://security.debian.org/pool/updates/main/w/wireshark/tethereal_0.99.4-5.etch.3_ia64.deb\n Size/MD5 checksum: 22498 45334f3ef44ae17bb9c8d4a95f6cf4e6\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_0.99.4-5.etch.3_ia64.deb\n Size/MD5 checksum: 182626 67cd7391e4c59b412ddc2e76c6fa6791\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/w/wireshark/tshark_0.99.4-5.etch.3_mips.deb\n Size/MD5 checksum: 104812 d3f86fe05592a3ac315047246c4dd26e\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_0.99.4-5.etch.3_mips.deb\n Size/MD5 checksum: 8017676 583e585fb11a943ef5c0288016dffb43\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.3_mips.deb\n Size/MD5 checksum: 588850 2ea0a20be951ff4e8ab6ba6525dea911\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-dev_0.99.4-5.etch.3_mips.deb\n Size/MD5 checksum: 21856 8ad7420ab94abbaedd0a0283530f9bad\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-common_0.99.4-5.etch.3_mips.deb\n Size/MD5 checksum: 22108 74e578c0a220a579e57830fe8031cc8b\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal_0.99.4-5.etch.3_mips.deb\n Size/MD5 checksum: 21844 7821c6a42d28f2c2833cf58b9ca033a5\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_0.99.4-5.etch.3_mips.deb\n Size/MD5 checksum: 181530 cbdd1d6dd954ee7f1d7050ef3c9eba91\n http://security.debian.org/pool/updates/main/w/wireshark/tethereal_0.99.4-5.etch.3_mips.deb\n Size/MD5 checksum: 21850 42ed2c8bc444299b2f6e4987e79ab666\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/w/wireshark/tshark_0.99.4-5.etch.3_mipsel.deb\n Size/MD5 checksum: 104602 79217e35d38b7a65b76c40f4e3cb9be1\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal_0.99.4-5.etch.3_mipsel.deb\n Size/MD5 checksum: 22492 f3005b052212919cdb4fcdb9b4fba65e\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_0.99.4-5.etch.3_mipsel.deb\n Size/MD5 checksum: 7408744 4228174f1af0bf0b17f4d30de7cf7ea5\n http://security.debian.org/pool/updates/main/w/wireshark/tethereal_0.99.4-5.etch.3_mipsel.deb\n Size/MD5 checksum: 22506 9b8bca5a067957146d32d0b92bb09117\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-dev_0.99.4-5.etch.3_mipsel.deb\n Size/MD5 checksum: 22506 250f509a57cee02c619151b65e6fd18e\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.3_mipsel.deb\n Size/MD5 checksum: 575840 750acb173d59b7936388b2a0d82dc796\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_0.99.4-5.etch.3_mipsel.deb\n Size/MD5 checksum: 182672 766ee8b1ff019b03703ee93ebb76717f\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-common_0.99.4-5.etch.3_mipsel.deb\n Size/MD5 checksum: 22856 9c5861628a2de7fd905f1924c0474332\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_0.99.4-5.etch.3_powerpc.deb\n Size/MD5 checksum: 182652 1dfdaa74d72de475b67c3256bf14b637\n http://security.debian.org/pool/updates/main/w/wireshark/tethereal_0.99.4-5.etch.3_powerpc.deb\n Size/MD5 checksum: 22498 4ec636076c7587204842382f6729001d\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-common_0.99.4-5.etch.3_powerpc.deb\n Size/MD5 checksum: 22850 cb065d5901a738e96c35dc534407d59e\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-dev_0.99.4-5.etch.3_powerpc.deb\n Size/MD5 checksum: 22504 2da403f29c784c2da2b65d34a4342517\n http://security.debian.org/pool/updates/main/w/wireshark/tshark_0.99.4-5.etch.3_powerpc.deb\n Size/MD5 checksum: 104242 fd8bac6c5986e895547a8cd2bd0e047a\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_0.99.4-5.etch.3_powerpc.deb\n Size/MD5 checksum: 8606102 2f48dcbf4864fff90668b9c9fd0b1f65\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.3_powerpc.deb\n Size/MD5 checksum: 583590 c2d40168eec70056745aacac50a1b6cd\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal_0.99.4-5.etch.3_powerpc.deb\n Size/MD5 checksum: 22490 452169dd566fa6bbf2d2ca1c2d950a37\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-common_0.99.4-5.etch.3_s390.deb\n Size/MD5 checksum: 22848 02756b25f5eb8866a1c8281f088aba85\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-dev_0.99.4-5.etch.3_s390.deb\n Size/MD5 checksum: 22504 11c3d2072753d2f3a100e44c3d3fe33a\n http://security.debian.org/pool/updates/main/w/wireshark/tshark_0.99.4-5.etch.3_s390.deb\n Size/MD5 checksum: 115600 049e7e0f056196df2500e03c4d32a300\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_0.99.4-5.etch.3_s390.deb\n Size/MD5 checksum: 9756694 e39b358505fa9cb7c7a8d0d6d898fd79\n http://security.debian.org/pool/updates/main/w/wireshark/tethereal_0.99.4-5.etch.3_s390.deb\n Size/MD5 checksum: 22498 39c467d08525f96ce4900c9a26643477\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal_0.99.4-5.etch.3_s390.deb\n Size/MD5 checksum: 22488 23d2f294343796f2a7d44c3b5d93651e\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.3_s390.deb\n Size/MD5 checksum: 640960 539d3faeb8bebf6f945803a88f48f927\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_0.99.4-5.etch.3_s390.deb\n Size/MD5 checksum: 182622 e0e7919335705d8062378606615675b7\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/w/wireshark/tethereal_0.99.4-5.etch.3_sparc.deb\n Size/MD5 checksum: 22520 fcded97d018614d9c009b7381af86c0c\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal_0.99.4-5.etch.3_sparc.deb\n Size/MD5 checksum: 22508 08b5ee4324e7bf9c70e3dc64790c0b3a\n http://security.debian.org/pool/updates/main/w/wireshark/tshark_0.99.4-5.etch.3_sparc.deb\n Size/MD5 checksum: 104122 5389c35fe323621a57e570eae09efa84\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark_0.99.4-5.etch.3_sparc.deb\n Size/MD5 checksum: 586906 d32db40176c7a72e691d1015c1c399dc\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-dev_0.99.4-5.etch.3_sparc.deb\n Size/MD5 checksum: 183182 db42ff4d1f6cb72b3fed705d72cd9334\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-common_0.99.4-5.etch.3_sparc.deb\n Size/MD5 checksum: 22866 880b204b5182202328541153989cf082\n http://security.debian.org/pool/updates/main/w/wireshark/ethereal-dev_0.99.4-5.etch.3_sparc.deb\n Size/MD5 checksum: 22522 acf3820b48c050b01da592940dee07ad\n http://security.debian.org/pool/updates/main/w/wireshark/wireshark-common_0.99.4-5.etch.3_sparc.deb\n Size/MD5 checksum: 8679242 716f14e3d3ea4795e742fed07ebe2f44\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show &lt;pkg&gt;&#x27; and http://packages.debian.org/&lt;pkg&gt;\n", "edition": 7, "modified": "2008-11-29T23:07:57", "published": "2008-11-29T23:07:57", "id": "DEBIAN:DSA-1673-1:71D41", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2008/msg00265.html", "title": "[SECURITY] [DSA 1673-1] New wireshark packages fix several vulnerabilities", "type": "debian", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "exploitdb": [{"lastseen": "2016-02-01T01:16:00", "description": "Wireshark 1.0.x Malformed .ncf packet capture Local Denial of Service. CVE-2008-4682. Dos exploits for multiple platform", "published": "2008-09-29T00:00:00", "type": "exploitdb", "title": "Wireshark 1.0.x - Malformed .ncf packet capture Local Denial of Service", "bulletinFamily": "exploit", "cvelist": ["CVE-2008-4682"], "modified": "2008-09-29T00:00:00", "id": "EDB-ID:6622", "href": "https://www.exploit-db.com/exploits/6622/", "sourceData": "Wireshark 1.0.x .ncf local denial of service\r\nauthor: Shinnok\r\n\r\nDescription\r\n\r\nWireshark 1.0.x crashes as a result of a failed assertion when dealing\r\nwith a malformed Tamosoft CommView .ncf packet capture:\r\nErr file wtap.c: line 620 (wtap_read): assertion failed:\r\n(wth->phdr.pkt_encap != WTAP_ENCAP_PER_PACKET)\r\n\r\nhttps://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/6622.ncf (2008-wireshark.ncf)\r\n\r\n# milw0rm.com [2008-09-29]\r\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "sourceHref": "https://www.exploit-db.com/download/6622/"}]}