{"securityvulns": [{"lastseen": "2018-08-31T11:10:47", "bulletinFamily": "software", "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n _______________________________________________________________________\r\n\r\n Mandriva Linux Security Advisory MDVSA-2013:020\r\n http://www.mandriva.com/en/support/security/\r\n _______________________________________________________________________\r\n\r\n Package : wireshark\r\n Date : March 8, 2013\r\n Affected: Enterprise Server 5.0\r\n _______________________________________________________________________\r\n\r\n Problem Description:\r\n\r\n Multiple vulnerabilities was found and corrected in Wireshark:\r\n \r\n * DRDA dissector infinite loop (CVE-2012-5239).\r\n * USB dissector infinite loop\r\n * ISAKMP dissector crash\r\n * iSCSI dissector infinite loop\r\n * WTP dissector infinite loop\r\n * RTCP dissector inifinte loop\r\n * ICMPv6 dissector infinite loop\r\n * Infinite and large loops in several dissectors (CVE-2013-1572,\r\n CVE-2013-1573, CVE-2013-1574, CVE-2013-1575, CVE-2013-1576,\r\n CVE-2013-1577, CVE-2013-1578, CVE-2013-1579, CVE-2013-1580,\r\n CVE-2013-1581).\r\n * CLNP dissector crash (CVE-2013-1582).\r\n * DTN dissector crash (CVE-2013-1583, CVE-2013-1584).\r\n * MS-MMC dissector crash (CVE-2013-1585).\r\n * DTLS dissector crash (CVE-2013-1586).\r\n * DCP-ETSI dissector crash (CVE-2013-1588).\r\n * Wireshark dissection engine crash (CVE-2013-1589).\r\n * NTLMSSP dissector overflow (CVE-2013-1590).\r\n * MS-MMS dissector crash (CVE-2013-2478).\r\n * RTPS and RTPS2 dissector crash (CVE-2013-2480).\r\n * Mount dissector crash (CVE-2013-2481).\r\n * AMPQ dissector infinite loop (CVE-2013-2482).\r\n * ACN dissector divide by zero (CVE-2013-2483).\r\n * CIMD dissector crash (CVE-2013-2484).\r\n * FCSP dissector infinite loop (CVE-2013-2485).\r\n * DTLS dissector crash (CVE-2013-2488).\r\n \r\n This advisory provides the latest version of Wireshark (1.6.14)\r\n which is not vulnerable to these issues.\r\n _______________________________________________________________________\r\n\r\n References:\r\n\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5239\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1572\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1573\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1574\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1575\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1576\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1577\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1578\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1579\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1580\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1581\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1582\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1583\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1584\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1585\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1586\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1588\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1589\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1590\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2478\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2480\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2481\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2482\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2483\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2484\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2485\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2488\r\n http://www.wireshark.org/security/wnpa-sec-2012-28.html\r\n http://www.wireshark.org/security/wnpa-sec-2012-31.html\r\n http://www.wireshark.org/security/wnpa-sec-2012-35.html\r\n http://www.wireshark.org/security/wnpa-sec-2012-36.html\r\n http://www.wireshark.org/security/wnpa-sec-2012-37.html\r\n http://www.wireshark.org/security/wnpa-sec-2012-38.html\r\n http://www.wireshark.org/security/wnpa-sec-2012-40.html\r\n http://www.wireshark.org/security/wnpa-sec-2013-01.html\r\n http://www.wireshark.org/security/wnpa-sec-2013-02.html\r\n http://www.wireshark.org/security/wnpa-sec-2013-03.html\r\n http://www.wireshark.org/security/wnpa-sec-2013-04.html\r\n http://www.wireshark.org/security/wnpa-sec-2013-05.html\r\n http://www.wireshark.org/security/wnpa-sec-2013-07.html\r\n http://www.wireshark.org/security/wnpa-sec-2013-08.html\r\n http://www.wireshark.org/security/wnpa-sec-2013-09.html\r\n http://www.wireshark.org/security/wnpa-sec-2013-13.html\r\n http://www.wireshark.org/security/wnpa-sec-2013-15.html\r\n http://www.wireshark.org/security/wnpa-sec-2013-16.html\r\n http://www.wireshark.org/security/wnpa-sec-2013-17.html\r\n http://www.wireshark.org/security/wnpa-sec-2013-18.html\r\n http://www.wireshark.org/security/wnpa-sec-2013-19.html\r\n http://www.wireshark.org/security/wnpa-sec-2013-20.html\r\n http://www.wireshark.org/security/wnpa-sec-2013-22.html\r\n http://www.wireshark.org/lists/wireshark-announce/201208/msg00003.html\r\n _______________________________________________________________________\r\n\r\n Updated Packages:\r\n\r\n Mandriva Enterprise Server 5:\r\n a22beeba6fa41e24c7cfac34d5df7cce mes5/i586/dumpcap-1.6.14-0.1mdvmes5.2.i586.rpm\r\n 14d093a7435774afd18f24a2abb41b1f mes5/i586/libwireshark1-1.6.14-0.1mdvmes5.2.i586.rpm\r\n 36654a282d83b0105a8c9df3a97eee97 mes5/i586/libwireshark-devel-1.6.14-0.1mdvmes5.2.i586.rpm\r\n a82e66bd38a63cca2c0727ca1d38e3fb mes5/i586/rawshark-1.6.14-0.1mdvmes5.2.i586.rpm\r\n 0986f3ddb45fc6bd3d1659951ab47816 mes5/i586/tshark-1.6.14-0.1mdvmes5.2.i586.rpm\r\n b58996993509b52a43395458fbc290ba mes5/i586/wireshark-1.6.14-0.1mdvmes5.2.i586.rpm\r\n 2eab9f9ecf9f622a5f06b36d71183ffb mes5/i586/wireshark-tools-1.6.14-0.1mdvmes5.2.i586.rpm \r\n 6288f0cf8b88de7fb206c2b0dba2fe0c mes5/SRPMS/wireshark-1.6.14-0.1mdvmes5.2.src.rpm\r\n\r\n Mandriva Enterprise Server 5/X86_64:\r\n dbe7f9af81fc6dee15f1af6b8f57513e mes5/x86_64/dumpcap-1.6.14-0.1mdvmes5.2.x86_64.rpm\r\n 2755728f4fbd11eab89648f4ced5816f mes5/x86_64/lib64wireshark1-1.6.14-0.1mdvmes5.2.x86_64.rpm\r\n 7499190e0f8cee43b68228126764a674 mes5/x86_64/lib64wireshark-devel-1.6.14-0.1mdvmes5.2.x86_64.rpm\r\n 0b885069ea9380aff5f0a6bdc858dc6c mes5/x86_64/rawshark-1.6.14-0.1mdvmes5.2.x86_64.rpm\r\n bc7a38103a6a72370f0c24b956cadc47 mes5/x86_64/tshark-1.6.14-0.1mdvmes5.2.x86_64.rpm\r\n a515e67149dc0f1a35bc6769c8fa31ac mes5/x86_64/wireshark-1.6.14-0.1mdvmes5.2.x86_64.rpm\r\n ae4e61b2418693acebb9778c3a9eb165 mes5/x86_64/wireshark-tools-1.6.14-0.1mdvmes5.2.x86_64.rpm \r\n 6288f0cf8b88de7fb206c2b0dba2fe0c mes5/SRPMS/wireshark-1.6.14-0.1mdvmes5.2.src.rpm\r\n _______________________________________________________________________\r\n\r\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\r\n of md5 checksums and GPG signatures is performed automatically for you.\r\n\r\n All packages are signed by Mandriva for security. You can obtain the\r\n GPG public key of the Mandriva Security Team by executing:\r\n\r\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\r\n\r\n You can view other update advisories for Mandriva Linux at:\r\n\r\n http://www.mandriva.com/en/support/security/advisories/\r\n\r\n If you want to report vulnerabilities, please contact\r\n\r\n security_(at)_mandriva.com\r\n _______________________________________________________________________\r\n\r\n Type Bits/KeyID Date User ID\r\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\r\n <security*mandriva.com>\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.11 (GNU/Linux)\r\n\r\niD8DBQFROW9dmqjQ0CJFipgRAm2AAKC/3WNeGtK1b5hx+9y59bX+q1fb7QCg6s/V\r\ne+SBnkg6OiQ0UFvffT9trzk=\r\n=GO8S\r\n-----END PGP SIGNATURE-----\r\n", "modified": "2013-03-10T00:00:00", "published": "2013-03-10T00:00:00", "id": "SECURITYVULNS:DOC:29140", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:29140", "title": "[ MDVSA-2013:020 ] wireshark", "type": "securityvulns", "cvss": {"score": 6.1, "vector": "AV:ADJACENT_NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:47", "bulletinFamily": "software", "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n- -------------------------------------------------------------------------\r\nDebian Security Advisory DSA-2625-1 security@debian.org\r\nhttp://www.debian.org/security/ Moritz Muehlenhoff\r\nFebruary 17, 2013 http://www.debian.org/security/faq\r\n- -------------------------------------------------------------------------\r\n\r\nPackage : wireshark\r\nVulnerability : several\r\nProblem type : remote\r\nDebian-specific: no\r\nCVE ID : CVE-2013-1582 CVE-2013-1586 CVE-2013-1588 CVE-2013-1590\r\n\r\nMultiple vulnerabilities were discovered in the dissectors for the CLNP,\r\nDTLS, DCP-ETSI and NTLMSSP protocols, which could result in denial of\r\nservice or the execution of arbitrary code.\r\n\r\nFor the stable distribution (squeeze), these problems have been fixed in\r\nversion 1.2.11-6+squeeze9.\r\n\r\nFor the unstable distribution (sid), these problems will be fixed soon.\r\n\r\nWe recommend that you upgrade your wireshark packages.\r\n\r\nFurther information about Debian Security Advisories, how to apply\r\nthese updates to your system and frequently asked questions can be\r\nfound at: http://www.debian.org/security/\r\n\r\nMailing list: debian-security-announce@lists.debian.org\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.12 (GNU/Linux)\r\n\r\niEYEARECAAYFAlEgF2sACgkQXm3vHE4uylo/4QCgkfQkzzKBxisAc6wCTNaGMdeN\r\n+2MAn3KVXhdhVK9+tAjjcGxd0lJWQ3Vy\r\n=EpbC\r\n-----END PGP SIGNATURE-----\r\n", "modified": "2013-02-24T00:00:00", "published": "2013-02-24T00:00:00", "id": "SECURITYVULNS:DOC:29091", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:29091", "title": "[SECURITY] [DSA 2625-1] wireshark security update", "type": "securityvulns", "cvss": {"score": 2.9, "vector": "AV:ADJACENT_NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "openvas": [{"lastseen": "2017-07-02T21:11:18", "bulletinFamily": "scanner", "description": "This host is installed with Wireshark and is prone to multiple\n vulnerabilities.", "modified": "2017-05-09T00:00:00", "published": "2013-02-04T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=803166", "id": "OPENVAS:803166", "title": "Wireshark Multiple Vulnerabilities(01) - Feb2013 (Mac OS X)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_wireshark_mult_vuln01_feb13_macosx.nasl 6086 2017-05-09 09:03:30Z teissa $\n#\n# Wireshark Multiple Vulnerabilities(01) - Feb2013 (Mac OS X)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation will allow remote attackers to crash affected\n application or to consume excessive CPU resources.\n Impact Level: Application\";\n\ntag_affected = \"Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 on Mac OS X\";\ntag_insight = \"The flaws are due to\n - Errors in the Bluetooth HCI, CSN.1, DCP-ETSI DOCSIS CM-STAUS, IEEE 802.3\n Slow Protocols, MPLS, R3, RTPS, SDP, and SIP dissectors can be exploited\n to trigger infinite loops and consume CPU resources via specially crafted\n packets.\n - An error in the CLNP, DTN, MS-MMC, DTLS , DCP-ETSI, NTLMSSP and ROHC\n dissector when processing certain packets can be exploited to cause a\n crash via a specially crafted packet.\n - An error in the dissection engine when processing certain packets can be\n exploited to cause a crash via a specially crafted packet.\";\ntag_solution = \"Upgrade to the Wireshark version 1.6.13, 1.8.5 or later,\n For updates refer to http://www.wireshark.org/download\";\ntag_summary = \"This host is installed with Wireshark and is prone to multiple\n vulnerabilities.\";\n\nif(description)\n{\n script_id(803166);\n script_version(\"$Revision: 6086 $\");\n script_cve_id(\"CVE-2013-1572\", \"CVE-2013-1573\", \"CVE-2013-1574\", \"CVE-2013-1575\",\n \"CVE-2013-1576\", \"CVE-2013-1577\", \"CVE-2013-1578\", \"CVE-2013-1579\",\n \"CVE-2013-1580\", \"CVE-2013-1581\", \"CVE-2013-1582\", \"CVE-2013-1583\",\n \"CVE-2013-1584\", \"CVE-2013-1585\", \"CVE-2013-1586\", \"CVE-2013-1587\",\n \"CVE-2013-1588\", \"CVE-2013-1589\", \"CVE-2013-1590\");\n script_bugtraq_id(57616);\n script_tag(name:\"cvss_base\", value:\"2.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:M/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-05-09 11:03:30 +0200 (Tue, 09 May 2017) $\");\n script_tag(name:\"creation_date\", value:\"2013-02-04 19:46:29 +0530 (Mon, 04 Feb 2013)\");\n script_name(\"Wireshark Multiple Vulnerabilities(01) - Feb2013 (Mac OS X)\");\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/51968\");\n script_xref(name : \"URL\" , value : \"http://www.wireshark.org/security/wnpa-sec-2013-01.html\");\n script_xref(name : \"URL\" , value : \"https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8037\");\n script_xref(name : \"URL\" , value : \"https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8038\");\n script_xref(name : \"URL\" , value : \"https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8040\");\n script_xref(name : \"URL\" , value : \"https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8041\");\n script_xref(name : \"URL\" , value : \"https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8042\");\n script_xref(name : \"URL\" , value : \"https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8043\");\n script_xref(name : \"URL\" , value : \"https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8198\");\n script_xref(name : \"URL\" , value : \"https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8222\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2013 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_wireshark_detect_macosx.nasl\", \"ssh_authorization_init.nasl\");\n script_require_keys(\"Wireshark/MacOSX/Version\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\n## Variable Initialization\nsharkVer = \"\";\n\n## Get version from KB\nsharkVer = get_kb_item(\"Wireshark/MacOSX/Version\");\nif(!sharkVer && !(sharkVer =~ \"^1\")){\n exit(0);\n}\n\n## Check for vulnerable Wireshark versions\nif(version_in_range(version:sharkVer, test_version:\"1.8.0\", test_version2:\"1.8.4\") ||\n version_in_range(version:sharkVer, test_version:\"1.6.0\", test_version2:\"1.6.12\")) {\n security_message(0);\n}\n", "cvss": {"score": 2.9, "vector": "AV:ADJACENT_NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-10-22T16:42:04", "bulletinFamily": "scanner", "description": "This host is installed with Wireshark and is prone to multiple\n vulnerabilities.", "modified": "2018-10-12T00:00:00", "published": "2013-02-04T00:00:00", "id": "OPENVAS:1361412562310803166", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310803166", "title": "Wireshark Multiple Vulnerabilities(01) - Feb2013 (Mac OS X)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_wireshark_mult_vuln01_feb13_macosx.nasl 11865 2018-10-12 10:03:43Z cfischer $\n#\n# Wireshark Multiple Vulnerabilities(01) - Feb2013 (Mac OS X)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.803166\");\n script_version(\"$Revision: 11865 $\");\n script_cve_id(\"CVE-2013-1572\", \"CVE-2013-1573\", \"CVE-2013-1574\", \"CVE-2013-1575\",\n \"CVE-2013-1576\", \"CVE-2013-1577\", \"CVE-2013-1578\", \"CVE-2013-1579\",\n \"CVE-2013-1580\", \"CVE-2013-1581\", \"CVE-2013-1582\", \"CVE-2013-1583\",\n \"CVE-2013-1584\", \"CVE-2013-1585\", \"CVE-2013-1586\", \"CVE-2013-1587\",\n \"CVE-2013-1588\", \"CVE-2013-1589\", \"CVE-2013-1590\");\n script_bugtraq_id(57616);\n script_tag(name:\"cvss_base\", value:\"2.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:M/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-12 12:03:43 +0200 (Fri, 12 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-02-04 19:46:29 +0530 (Mon, 04 Feb 2013)\");\n script_name(\"Wireshark Multiple Vulnerabilities(01) - Feb2013 (Mac OS X)\");\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/51968\");\n script_xref(name:\"URL\", value:\"http://www.wireshark.org/security/wnpa-sec-2013-01.html\");\n script_xref(name:\"URL\", value:\"https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8037\");\n script_xref(name:\"URL\", value:\"https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8038\");\n script_xref(name:\"URL\", value:\"https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8040\");\n script_xref(name:\"URL\", value:\"https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8041\");\n script_xref(name:\"URL\", value:\"https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8042\");\n script_xref(name:\"URL\", value:\"https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8043\");\n script_xref(name:\"URL\", value:\"https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8198\");\n script_xref(name:\"URL\", value:\"https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8222\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2013 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_wireshark_detect_macosx.nasl\");\n script_mandatory_keys(\"Wireshark/MacOSX/Version\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote attackers to crash affected\n application or to consume excessive CPU resources.\");\n\n script_tag(name:\"affected\", value:\"Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 on Mac OS X\");\n\n script_tag(name:\"insight\", value:\"The flaws are due to\n\n - Errors in the Bluetooth HCI, CSN.1, DCP-ETSI DOCSIS CM-STAUS, IEEE 802.3\n Slow Protocols, MPLS, R3, RTPS, SDP, and SIP dissectors can be exploited\n to trigger infinite loops and consume CPU resources via specially crafted\n packets.\n\n - An error in the CLNP, DTN, MS-MMC, DTLS, DCP-ETSI, NTLMSSP and ROHC\n dissector when processing certain packets can be exploited to cause a\n crash via a specially crafted packet.\n\n - An error in the dissection engine when processing certain packets can be\n exploited to cause a crash via a specially crafted packet.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to the Wireshark version 1.6.13, 1.8.5 or later.\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Wireshark and is prone to multiple\n vulnerabilities.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://www.wireshark.org/download\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\n\nsharkVer = get_kb_item(\"Wireshark/MacOSX/Version\");\nif(!sharkVer && sharkVer !~ \"^1\\.[68]\"){\n exit(0);\n}\n\nif(version_in_range(version:sharkVer, test_version:\"1.8.0\", test_version2:\"1.8.4\") ||\n version_in_range(version:sharkVer, test_version:\"1.6.0\", test_version2:\"1.6.12\")) {\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n}\n", "cvss": {"score": 2.9, "vector": "AV:ADJACENT_NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-02T21:11:19", "bulletinFamily": "scanner", "description": "This host is installed with Wireshark and is prone to multiple\n vulnerabilities.", "modified": "2017-05-08T00:00:00", "published": "2013-02-04T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=803165", "id": "OPENVAS:803165", "title": "Wireshark Multiple Vulnerabilities(01) - Feb2013 (Windows)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_wireshark_mult_vuln01_feb13_win.nasl 6079 2017-05-08 09:03:33Z teissa $\n#\n# Wireshark Multiple Vulnerabilities(01) - Feb2013 (Windows)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation will allow remote attackers to crash affected\n application or to consume excessive CPU resources.\n Impact Level: Application\";\n\ntag_affected = \"Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 on Windows\";\ntag_insight = \"The flaws are due to\n - Errors in the Bluetooth HCI, CSN.1, DCP-ETSI DOCSIS CM-STAUS, IEEE 802.3\n Slow Protocols, MPLS, R3, RTPS, SDP, and SIP dissectors can be exploited\n to trigger infinite loops and consume CPU resources via specially crafted\n packets.\n - An error in the CLNP, DTN, MS-MMC, DTLS , DCP-ETSI, NTLMSSP and ROHC\n dissector when processing certain packets can be exploited to cause a\n crash via a specially crafted packet.\n - An error in the dissection engine when processing certain packets can be\n exploited to cause a crash via a specially crafted packet.\";\ntag_solution = \"Upgrade to the Wireshark version 1.6.13, 1.8.5 or later,\n For updates refer to http://www.wireshark.org/download\";\ntag_summary = \"This host is installed with Wireshark and is prone to multiple\n vulnerabilities.\";\n\nif(description)\n{\n script_id(803165);\n script_version(\"$Revision: 6079 $\");\n script_cve_id(\"CVE-2013-1572\", \"CVE-2013-1573\", \"CVE-2013-1574\", \"CVE-2013-1575\",\n \"CVE-2013-1576\", \"CVE-2013-1577\", \"CVE-2013-1578\", \"CVE-2013-1579\",\n \"CVE-2013-1580\", \"CVE-2013-1581\", \"CVE-2013-1582\", \"CVE-2013-1583\",\n \"CVE-2013-1584\", \"CVE-2013-1585\", \"CVE-2013-1586\", \"CVE-2013-1587\",\n \"CVE-2013-1588\", \"CVE-2013-1589\", \"CVE-2013-1590\");\n script_bugtraq_id(57616);\n script_tag(name:\"cvss_base\", value:\"2.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:M/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-05-08 11:03:33 +0200 (Mon, 08 May 2017) $\");\n script_tag(name:\"creation_date\", value:\"2013-02-04 19:32:22 +0530 (Mon, 04 Feb 2013)\");\n script_name(\"Wireshark Multiple Vulnerabilities(01) - Feb2013 (Windows)\");\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/51968\");\n script_xref(name : \"URL\" , value : \"http://www.wireshark.org/security/wnpa-sec-2013-01.html\");\n script_xref(name : \"URL\" , value : \"https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8037\");\n script_xref(name : \"URL\" , value : \"https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8038\");\n script_xref(name : \"URL\" , value : \"https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8040\");\n script_xref(name : \"URL\" , value : \"https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8041\");\n script_xref(name : \"URL\" , value : \"https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8042\");\n script_xref(name : \"URL\" , value : \"https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8043\");\n script_xref(name : \"URL\" , value : \"https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8198\");\n script_xref(name : \"URL\" , value : \"https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8222\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2013 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_wireshark_detect_win.nasl\");\n script_require_keys(\"Wireshark/Win/Ver\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\n## Variable Initialization\nsharkVer = \"\";\n\n## Get version from KB\nsharkVer = get_kb_item(\"Wireshark/Win/Ver\");\nif(!sharkVer && !(sharkVer =~ \"^1\")){\n exit(0);\n}\n\n## Check for vulnerable Wireshark versions\nif(version_in_range(version:sharkVer, test_version:\"1.8.0\", test_version2:\"1.8.4\") ||\n version_in_range(version:sharkVer, test_version:\"1.6.0\", test_version2:\"1.6.12\")) {\n security_message(0);\n}\n", "cvss": {"score": 2.9, "vector": "AV:ADJACENT_NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-10-22T16:42:09", "bulletinFamily": "scanner", "description": "This host is installed with Wireshark and is prone to multiple\n vulnerabilities.", "modified": "2018-10-12T00:00:00", "published": "2013-02-04T00:00:00", "id": "OPENVAS:1361412562310803165", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310803165", "title": "Wireshark Multiple Vulnerabilities(01) - Feb2013 (Windows)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_wireshark_mult_vuln01_feb13_win.nasl 11865 2018-10-12 10:03:43Z cfischer $\n#\n# Wireshark Multiple Vulnerabilities(01) - Feb2013 (Windows)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.803165\");\n script_version(\"$Revision: 11865 $\");\n script_cve_id(\"CVE-2013-1572\", \"CVE-2013-1573\", \"CVE-2013-1574\", \"CVE-2013-1575\",\n \"CVE-2013-1576\", \"CVE-2013-1577\", \"CVE-2013-1578\", \"CVE-2013-1579\",\n \"CVE-2013-1580\", \"CVE-2013-1581\", \"CVE-2013-1582\", \"CVE-2013-1583\",\n \"CVE-2013-1584\", \"CVE-2013-1585\", \"CVE-2013-1586\", \"CVE-2013-1587\",\n \"CVE-2013-1588\", \"CVE-2013-1589\", \"CVE-2013-1590\");\n script_bugtraq_id(57616);\n script_tag(name:\"cvss_base\", value:\"2.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:M/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-12 12:03:43 +0200 (Fri, 12 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-02-04 19:32:22 +0530 (Mon, 04 Feb 2013)\");\n script_name(\"Wireshark Multiple Vulnerabilities(01) - Feb2013 (Windows)\");\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/51968\");\n script_xref(name:\"URL\", value:\"http://www.wireshark.org/security/wnpa-sec-2013-01.html\");\n script_xref(name:\"URL\", value:\"https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8037\");\n script_xref(name:\"URL\", value:\"https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8038\");\n script_xref(name:\"URL\", value:\"https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8040\");\n script_xref(name:\"URL\", value:\"https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8041\");\n script_xref(name:\"URL\", value:\"https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8042\");\n script_xref(name:\"URL\", value:\"https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8043\");\n script_xref(name:\"URL\", value:\"https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8198\");\n script_xref(name:\"URL\", value:\"https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8222\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2013 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_wireshark_detect_win.nasl\");\n script_mandatory_keys(\"Wireshark/Win/Ver\");\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote attackers to crash affected\n application or to consume excessive CPU resources.\");\n script_tag(name:\"affected\", value:\"Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 on Windows\");\n script_tag(name:\"insight\", value:\"The flaws are due to\n\n - Errors in the Bluetooth HCI, CSN.1, DCP-ETSI DOCSIS CM-STAUS, IEEE 802.3\n Slow Protocols, MPLS, R3, RTPS, SDP, and SIP dissectors can be exploited\n to trigger infinite loops and consume CPU resources via specially crafted\n packets.\n\n - An error in the CLNP, DTN, MS-MMC, DTLS, DCP-ETSI, NTLMSSP and ROHC\n dissector when processing certain packets can be exploited to cause a\n crash via a specially crafted packet.\n\n - An error in the dissection engine when processing certain packets can be\n exploited to cause a crash via a specially crafted packet.\");\n script_tag(name:\"solution\", value:\"Upgrade to the Wireshark version 1.6.13, 1.8.5 or later.\");\n script_tag(name:\"summary\", value:\"This host is installed with Wireshark and is prone to multiple\n vulnerabilities.\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://www.wireshark.org/download\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\n\nsharkVer = get_kb_item(\"Wireshark/Win/Ver\");\nif(!sharkVer && !(sharkVer =~ \"^1\")){\n exit(0);\n}\n\nif(version_in_range(version:sharkVer, test_version:\"1.8.0\", test_version2:\"1.8.4\") ||\n version_in_range(version:sharkVer, test_version:\"1.6.0\", test_version2:\"1.6.12\")) {\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n}\n", "cvss": {"score": 2.9, "vector": "AV:ADJACENT_NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-10-22T16:41:54", "bulletinFamily": "scanner", "description": "This host is installed with Wireshark and is prone to multiple\n denial of service vulnerabilities.", "modified": "2018-10-12T00:00:00", "published": "2013-03-11T00:00:00", "id": "OPENVAS:1361412562310803330", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310803330", "title": "Wireshark Multiple Dissector Multiple DoS Vulnerabilities - March 13 (Windows)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_wireshark_mult_dos_vuln_mar13_win.nasl 11865 2018-10-12 10:03:43Z cfischer $\n#\n# Wireshark Multiple Dissector Multiple DoS Vulnerabilities - March 13 (Windows)\n#\n# Authors:\n# Arun Kallavi <karun@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.803330\");\n script_version(\"$Revision: 11865 $\");\n script_cve_id(\"CVE-2013-2478\", \"CVE-2013-2480\", \"CVE-2013-2481\", \"CVE-2013-2482\",\n \"CVE-2013-2483\", \"CVE-2013-2484\", \"CVE-2013-2485\", \"CVE-2013-2488\");\n script_bugtraq_id(58357, 58351, 58340, 58353, 58355, 58356, 58362, 58365);\n script_tag(name:\"cvss_base\", value:\"6.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-12 12:03:43 +0200 (Fri, 12 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-03-11 18:57:44 +0530 (Mon, 11 Mar 2013)\");\n script_name(\"Wireshark Multiple Dissector Multiple DoS Vulnerabilities - March 13 (Windows)\");\n script_xref(name:\"URL\", value:\"http://www.securelist.com/en/advisories/52471\");\n script_xref(name:\"URL\", value:\"http://securitytracker.com/id/1028254\");\n script_xref(name:\"URL\", value:\"http://www.wireshark.org/docs/relnotes/wireshark-1.8.6.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2013 Greenbone Networks GmbH\");\n script_family(\"Denial of Service\");\n script_dependencies(\"gb_wireshark_detect_win.nasl\");\n script_mandatory_keys(\"Wireshark/Win/Ver\");\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote attackers to cause denial of\n service or to consume excessive CPU resources.\");\n script_tag(name:\"affected\", value:\"Wireshark 1.6.x before 1.6.14, 1.8.x before 1.8.6 on Windows\");\n script_tag(name:\"insight\", value:\"Multiple flaws are due to errors in MS-MMS, RTPS, RTPS2, Mount, AMPQ, ACN,\n CIMD, FCSP and DTLS dissectors.\");\n script_tag(name:\"solution\", value:\"Upgrade to the Wireshark version 1.6.14 or 1.8.6 or later.\");\n script_tag(name:\"summary\", value:\"This host is installed with Wireshark and is prone to multiple\n denial of service vulnerabilities.\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"http://www.wireshark.org/download\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\nsharkVer = get_kb_item(\"Wireshark/Win/Ver\");\n\nif(sharkVer && sharkVer=~ \"^(1.6|1.8)\")\n{\n if(version_in_range(version:sharkVer, test_version:\"1.6.0\", test_version2:\"1.6.13\") ||\n version_in_range(version:sharkVer, test_version:\"1.8.0\", test_version2:\"1.8.5\")){\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n }\n}\n", "cvss": {"score": 6.1, "vector": "AV:ADJACENT_NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-10-22T16:42:16", "bulletinFamily": "scanner", "description": "This host is installed with Wireshark and is prone to multiple\n denial of service vulnerabilities.", "modified": "2018-10-12T00:00:00", "published": "2013-03-11T00:00:00", "id": "OPENVAS:1361412562310803332", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310803332", "title": "Wireshark Multiple Dissector Multiple DoS Vulnerabilities - March 13 (Mac OS X)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_wireshark_mult_dos_vuln_mar13_macosx.nasl 11865 2018-10-12 10:03:43Z cfischer $\n#\n# Wireshark Multiple Dissector Multiple DoS Vulnerabilities - March 13 (Mac OS X)\n#\n# Authors:\n# Arun Kallavi <karun@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.803332\");\n script_version(\"$Revision: 11865 $\");\n script_cve_id(\"CVE-2013-2478\", \"CVE-2013-2480\", \"CVE-2013-2481\", \"CVE-2013-2482\",\n \"CVE-2013-2483\", \"CVE-2013-2484\", \"CVE-2013-2485\", \"CVE-2013-2488\");\n script_bugtraq_id(58357, 58351, 58340, 58353, 58355, 58356, 58362, 58365);\n script_tag(name:\"cvss_base\", value:\"6.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-12 12:03:43 +0200 (Fri, 12 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-03-11 19:20:06 +0530 (Mon, 11 Mar 2013)\");\n script_name(\"Wireshark Multiple Dissector Multiple DoS Vulnerabilities - March 13 (Mac OS X)\");\n script_xref(name:\"URL\", value:\"http://www.securelist.com/en/advisories/52471\");\n script_xref(name:\"URL\", value:\"http://securitytracker.com/id/1028254\");\n script_xref(name:\"URL\", value:\"http://www.wireshark.org/docs/relnotes/wireshark-1.8.6.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2013 Greenbone Networks GmbH\");\n script_family(\"Denial of Service\");\n script_dependencies(\"gb_wireshark_detect_macosx.nasl\");\n script_mandatory_keys(\"Wireshark/MacOSX/Version\");\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote attackers to cause denial of\n service or to consume excessive CPU resources.\");\n script_tag(name:\"affected\", value:\"Wireshark 1.6.x before 1.6.14, 1.8.x before 1.8.6 on Mac OS X\");\n script_tag(name:\"insight\", value:\"Multiple flaws are due to errors in MS-MMS, RTPS, RTPS2, Mount, AMPQ, ACN,\n CIMD, FCSP and DTLS dissectors.\");\n script_tag(name:\"solution\", value:\"Upgrade to the Wireshark version 1.6.14 or 1.8.6 or later.\");\n script_tag(name:\"summary\", value:\"This host is installed with Wireshark and is prone to multiple\n denial of service vulnerabilities.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"http://www.wireshark.org/download\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\nsharkVer = get_kb_item(\"Wireshark/MacOSX/Version\");\n\nif(sharkVer && sharkVer=~ \"^(1.6|1.8)\")\n{\n if(version_in_range(version:sharkVer, test_version:\"1.6.0\", test_version2:\"1.6.11\") ||\n version_in_range(version:sharkVer, test_version:\"1.8.0\", test_version2:\"1.8.3\")){\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n }\n}\n", "cvss": {"score": 6.1, "vector": "AV:ADJACENT_NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-07-02T21:11:12", "bulletinFamily": "scanner", "description": "This host is installed with Wireshark and is prone to multiple\n denial of service vulnerabilities.", "modified": "2017-05-05T00:00:00", "published": "2013-03-11T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=803332", "id": "OPENVAS:803332", "title": "Wireshark Multiple Dissector Multiple DoS Vulnerabilities - March 13 (Mac OS X)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_wireshark_mult_dos_vuln_mar13_macosx.nasl 6074 2017-05-05 09:03:14Z teissa $\n#\n# Wireshark Multiple Dissector Multiple DoS Vulnerabilities - March 13 (Mac OS X)\n#\n# Authors:\n# Arun Kallavi <karun@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation will allow remote attackers to cause denial of\n service or to consume excessive CPU resources.\n Impact Level: Application\";\n\ntag_affected = \"Wireshark 1.6.x before 1.6.14, 1.8.x before 1.8.6 on Mac OS X\";\ntag_insight = \"Multiple flaws are due to errors in MS-MMS, RTPS, RTPS2, Mount, AMPQ, ACN,\n CIMD, FCSP and DTLS dissectors.\";\ntag_solution = \"Upgrade to the Wireshark version 1.6.14 or 1.8.6 or later,\n For updates refer to http://www.wireshark.org/download\";\ntag_summary = \"This host is installed with Wireshark and is prone to multiple\n denial of service vulnerabilities.\";\n\nif(description)\n{\n script_id(803332);\n script_version(\"$Revision: 6074 $\");\n script_cve_id(\"CVE-2013-2478\", \"CVE-2013-2480\", \"CVE-2013-2481\", \"CVE-2013-2482\",\n \"CVE-2013-2483\", \"CVE-2013-2484\", \"CVE-2013-2485\", \"CVE-2013-2488\");\n script_bugtraq_id(58357, 58351, 58340, 58353, 58355, 58356, 58362, 58365);\n script_tag(name:\"cvss_base\", value:\"6.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-05-05 11:03:14 +0200 (Fri, 05 May 2017) $\");\n script_tag(name:\"creation_date\", value:\"2013-03-11 19:20:06 +0530 (Mon, 11 Mar 2013)\");\n script_name(\"Wireshark Multiple Dissector Multiple DoS Vulnerabilities - March 13 (Mac OS X)\");\n script_xref(name : \"URL\" , value : \"http://www.securelist.com/en/advisories/52471\");\n script_xref(name : \"URL\" , value : \"http://securitytracker.com/id/1028254\");\n script_xref(name : \"URL\" , value : \"http://www.wireshark.org/docs/relnotes/wireshark-1.8.6.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2013 Greenbone Networks GmbH\");\n script_family(\"Denial of Service\");\n script_dependencies(\"gb_wireshark_detect_macosx.nasl\");\n script_mandatory_keys(\"Wireshark/MacOSX/Version\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\n## Variable Initialization\nsharkVer = \"\";\n\n## Get version from KB\nsharkVer = get_kb_item(\"Wireshark/MacOSX/Version\");\n\nif(sharkVer && sharkVer=~ \"^(1.6|1.8)\")\n{\n ## Check for vulnerable Wireshark versions\n if(version_in_range(version:sharkVer, test_version:\"1.6.0\", test_version2:\"1.6.11\") ||\n version_in_range(version:sharkVer, test_version:\"1.8.0\", test_version2:\"1.8.3\")){\n security_message(0);\n exit(0);\n }\n}\n", "cvss": {"score": 6.1, "vector": "AV:ADJACENT_NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-07-02T21:11:25", "bulletinFamily": "scanner", "description": "This host is installed with Wireshark and is prone to multiple\n denial of service vulnerabilities.", "modified": "2017-05-10T00:00:00", "published": "2013-03-11T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=803330", "id": "OPENVAS:803330", "title": "Wireshark Multiple Dissector Multiple DoS Vulnerabilities - March 13 (Windows)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_wireshark_mult_dos_vuln_mar13_win.nasl 6093 2017-05-10 09:03:18Z teissa $\n#\n# Wireshark Multiple Dissector Multiple DoS Vulnerabilities - March 13 (Windows)\n#\n# Authors:\n# Arun Kallavi <karun@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation will allow remote attackers to cause denial of\n service or to consume excessive CPU resources.\n Impact Level: Application\";\n\ntag_affected = \"Wireshark 1.6.x before 1.6.14, 1.8.x before 1.8.6 on Windows\";\ntag_insight = \"Multiple flaws are due to errors in MS-MMS, RTPS, RTPS2, Mount, AMPQ, ACN,\n CIMD, FCSP and DTLS dissectors.\";\ntag_solution = \"Upgrade to the Wireshark version 1.6.14 or 1.8.6 or later,\n For updates refer to http://www.wireshark.org/download\";\ntag_summary = \"This host is installed with Wireshark and is prone to multiple\n denial of service vulnerabilities.\";\n\nif(description)\n{\n script_id(803330);\n script_version(\"$Revision: 6093 $\");\n script_cve_id(\"CVE-2013-2478\", \"CVE-2013-2480\", \"CVE-2013-2481\", \"CVE-2013-2482\",\n \"CVE-2013-2483\", \"CVE-2013-2484\", \"CVE-2013-2485\", \"CVE-2013-2488\");\n script_bugtraq_id(58357, 58351, 58340, 58353, 58355, 58356, 58362, 58365);\n script_tag(name:\"cvss_base\", value:\"6.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-05-10 11:03:18 +0200 (Wed, 10 May 2017) $\");\n script_tag(name:\"creation_date\", value:\"2013-03-11 18:57:44 +0530 (Mon, 11 Mar 2013)\");\n script_name(\"Wireshark Multiple Dissector Multiple DoS Vulnerabilities - March 13 (Windows)\");\n script_xref(name : \"URL\" , value : \"http://www.securelist.com/en/advisories/52471\");\n script_xref(name : \"URL\" , value : \"http://securitytracker.com/id/1028254\");\n script_xref(name : \"URL\" , value : \"http://www.wireshark.org/docs/relnotes/wireshark-1.8.6.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2013 Greenbone Networks GmbH\");\n script_family(\"Denial of Service\");\n script_dependencies(\"gb_wireshark_detect_win.nasl\");\n script_mandatory_keys(\"Wireshark/Win/Ver\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\n## Variable Initialization\nsharkVer = \"\";\n\n## Get version from KB\nsharkVer = get_kb_item(\"Wireshark/Win/Ver\");\n\nif(sharkVer && sharkVer=~ \"^(1.6|1.8)\")\n{\n ## Check for vulnerable Wireshark versions\n if(version_in_range(version:sharkVer, test_version:\"1.6.0\", test_version2:\"1.6.13\") ||\n version_in_range(version:sharkVer, test_version:\"1.8.0\", test_version2:\"1.8.5\")){\n security_message(0);\n exit(0);\n }\n}\n", "cvss": {"score": 6.1, "vector": "AV:ADJACENT_NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:51:47", "bulletinFamily": "scanner", "description": "Multiple vulnerabilities were discovered in the dissectors for the\nMS-MMS, RTPS, RTPS2, Mount, ACN, CIMD and DTLS protocols, which could\nresult in denial of service or the execution of arbitrary code.", "modified": "2017-07-07T00:00:00", "published": "2013-03-14T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=892644", "id": "OPENVAS:892644", "title": "Debian Security Advisory DSA 2644-1 (wireshark - several vulnerabilities)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2644.nasl 6611 2017-07-07 12:07:20Z cfischer $\n# Auto-generated from advisory DSA 2644-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\n\ntag_affected = \"wireshark on Debian Linux\";\ntag_insight = \"Wireshark is a network 'sniffer' - a tool that captures and analyzes\npackets off the wire. Wireshark can decode too many protocols to list\nhere.\";\ntag_solution = \"For the stable distribution (squeeze), these problems have been fixed in\nversion 1.2.11-6+squeeze10.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 1.8.2-5.\n\nWe recommend that you upgrade your wireshark packages.\";\ntag_summary = \"Multiple vulnerabilities were discovered in the dissectors for the\nMS-MMS, RTPS, RTPS2, Mount, ACN, CIMD and DTLS protocols, which could\nresult in denial of service or the execution of arbitrary code.\";\ntag_vuldetect = \"This check tests the installed software version using the apt package manager.\";\n\nif(description)\n{\n script_id(892644);\n script_version(\"$Revision: 6611 $\");\n script_cve_id(\"CVE-2013-2484\", \"CVE-2013-2480\", \"CVE-2013-2478\", \"CVE-2013-2481\", \"CVE-2013-2488\", \"CVE-2013-2483\");\n script_name(\"Debian Security Advisory DSA 2644-1 (wireshark - several vulnerabilities)\");\n script_tag(name: \"last_modification\", value:\"$Date: 2017-07-07 14:07:20 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name: \"creation_date\", value:\"2013-03-14 00:00:00 +0100 (Thu, 14 Mar 2013)\");\n script_tag(name: \"cvss_base\", value:\"5.0\");\n script_tag(name: \"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2013/dsa-2644.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: tag_affected);\n script_tag(name: \"insight\", value: tag_insight);\n# script_tag(name: \"impact\", value: tag_impact);\n script_tag(name: \"solution\", value: tag_solution);\n script_tag(name: \"summary\", value: tag_summary);\n script_tag(name: \"vuldetect\", value: tag_vuldetect);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"tshark\", ver:\"1.2.11-6+squeeze10\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"wireshark\", ver:\"1.2.11-6+squeeze10\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"wireshark-common\", ver:\"1.2.11-6+squeeze10\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"wireshark-dbg\", ver:\"1.2.11-6+squeeze10\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"wireshark-dev\", ver:\"1.2.11-6+squeeze10\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:56:55", "bulletinFamily": "scanner", "description": "Multiple vulnerabilities were discovered in the dissectors for the\nMS-MMS, RTPS, RTPS2, Mount, ACN, CIMD and DTLS protocols, which could\nresult in denial of service or the execution of arbitrary code.", "modified": "2018-04-06T00:00:00", "published": "2013-03-14T00:00:00", "id": "OPENVAS:1361412562310892644", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310892644", "title": "Debian Security Advisory DSA 2644-1 (wireshark - several vulnerabilities)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2644.nasl 9353 2018-04-06 07:14:20Z cfischer $\n# Auto-generated from advisory DSA 2644-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\n\ntag_affected = \"wireshark on Debian Linux\";\ntag_insight = \"Wireshark is a network 'sniffer' - a tool that captures and analyzes\npackets off the wire. Wireshark can decode too many protocols to list\nhere.\";\ntag_solution = \"For the stable distribution (squeeze), these problems have been fixed in\nversion 1.2.11-6+squeeze10.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 1.8.2-5.\n\nWe recommend that you upgrade your wireshark packages.\";\ntag_summary = \"Multiple vulnerabilities were discovered in the dissectors for the\nMS-MMS, RTPS, RTPS2, Mount, ACN, CIMD and DTLS protocols, which could\nresult in denial of service or the execution of arbitrary code.\";\ntag_vuldetect = \"This check tests the installed software version using the apt package manager.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.892644\");\n script_version(\"$Revision: 9353 $\");\n script_cve_id(\"CVE-2013-2484\", \"CVE-2013-2480\", \"CVE-2013-2478\", \"CVE-2013-2481\", \"CVE-2013-2488\", \"CVE-2013-2483\");\n script_name(\"Debian Security Advisory DSA 2644-1 (wireshark - several vulnerabilities)\");\n script_tag(name: \"last_modification\", value:\"$Date: 2018-04-06 09:14:20 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name: \"creation_date\", value:\"2013-03-14 00:00:00 +0100 (Thu, 14 Mar 2013)\");\n script_tag(name: \"cvss_base\", value:\"5.0\");\n script_tag(name: \"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2013/dsa-2644.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: tag_affected);\n script_tag(name: \"insight\", value: tag_insight);\n# script_tag(name: \"impact\", value: tag_impact);\n script_tag(name: \"solution\", value: tag_solution);\n script_tag(name: \"summary\", value: tag_summary);\n script_tag(name: \"vuldetect\", value: tag_vuldetect);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"tshark\", ver:\"1.2.11-6+squeeze10\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"wireshark\", ver:\"1.2.11-6+squeeze10\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"wireshark-common\", ver:\"1.2.11-6+squeeze10\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"wireshark-dbg\", ver:\"1.2.11-6+squeeze10\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"wireshark-dev\", ver:\"1.2.11-6+squeeze10\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "nessus": [{"lastseen": "2019-01-16T20:15:34", "bulletinFamily": "scanner", "description": "The installed version of Wireshark 1.8 is earlier than 1.8.5. It is,\ntherefore, affected by the following vulnerabilities :\n\n - Errors exist related to the Bluetooth HCI, CSN.1,\n DCP-ETSI DOCSIS CM-STAUS, IEEE 802.3 Slow Protocols,\n MPLS, R3, RTPS, SDP, and SIP dissectors that could\n allow the application to enter infinite or large loops,\n thereby consuming excessive CPU resources. (Bugs 8036,\n 8037, 8038, 8040, 8041, 8042, 8043, 8198, 8199, 8222)\n\n - Errors exist related to the DCP-ETSI, ROHC, DTLS,\n MS-MMC, DTN, CLNP dissectors that could allow them to\n crash. (Bugs 7679, 7871, 7945, 8111, 8112, 8213)\n\n - An unspecified error could allow the dissection engine\n to crash. (Bug 8197)\n\n - An unspecified buffer overflow exists in the NTLMSSP\n dissector that has an unspecified impact.", "modified": "2018-11-15T00:00:00", "published": "2013-01-30T00:00:00", "id": "WIRESHARK_1_8_5.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=64362", "title": "Wireshark 1.8.x < 1.8.5 Multiple Vulnerabilities", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(64362);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2018/11/15 20:50:29\");\n\n script_cve_id(\n \"CVE-2013-1572\",\n \"CVE-2013-1573\",\n \"CVE-2013-1574\",\n \"CVE-2013-1575\",\n \"CVE-2013-1576\",\n \"CVE-2013-1577\",\n \"CVE-2013-1578\",\n \"CVE-2013-1579\",\n \"CVE-2013-1580\",\n \"CVE-2013-1581\",\n \"CVE-2013-1582\",\n \"CVE-2013-1583\",\n \"CVE-2013-1584\",\n \"CVE-2013-1585\",\n \"CVE-2013-1586\",\n \"CVE-2013-1587\",\n \"CVE-2013-1588\",\n \"CVE-2013-1589\",\n \"CVE-2013-1590\"\n );\n script_bugtraq_id(\n 57615,\n 57616,\n 57618,\n 57619,\n 57620,\n 57621,\n 57622,\n 57625,\n 57626,\n 57647\n );\n\n script_name(english:\"Wireshark 1.8.x < 1.8.5 Multiple Vulnerabilities\");\n script_summary(english:\"Does a version check\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host contains an application that is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The installed version of Wireshark 1.8 is earlier than 1.8.5. It is,\ntherefore, affected by the following vulnerabilities :\n\n - Errors exist related to the Bluetooth HCI, CSN.1,\n DCP-ETSI DOCSIS CM-STAUS, IEEE 802.3 Slow Protocols,\n MPLS, R3, RTPS, SDP, and SIP dissectors that could\n allow the application to enter infinite or large loops,\n thereby consuming excessive CPU resources. (Bugs 8036,\n 8037, 8038, 8040, 8041, 8042, 8043, 8198, 8199, 8222)\n\n - Errors exist related to the DCP-ETSI, ROHC, DTLS,\n MS-MMC, DTN, CLNP dissectors that could allow them to\n crash. (Bugs 7679, 7871, 7945, 8111, 8112, 8213)\n\n - An unspecified error could allow the dissection engine\n to crash. (Bug 8197)\n\n - An unspecified buffer overflow exists in the NTLMSSP\n dissector that has an unspecified impact.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2013-01.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2013-02.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2013-03.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2013-04.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2013-05.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2013-06.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2013-07.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2013-08.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2013-09.html\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.wireshark.org/docs/relnotes/wireshark-1.8.5.html\");\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to Wireshark version 1.8.5 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/01/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/01/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/01/30\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:wireshark:wireshark\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"wireshark_installed.nasl\");\n script_require_keys(\"SMB/Wireshark/Installed\");\n\n exit(0);\n}\n\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\n# Check each install.\ninstalls = get_kb_list_or_exit(\"SMB/Wireshark/*\");\n\ninfo = '';\ninfo2 = '';\n\nforeach install(keys(installs))\n{\n if (\"/Installed\" >< install) continue;\n\n version = install - \"SMB/Wireshark/\";\n\n if (version =~ \"^1\\.8\\.[0-4]($|[^0-9])\")\n info +=\n '\\n Path : ' + installs[install] +\n '\\n Installed version : ' + version +\n '\\n Fixed version : 1.8.5\\n';\n else\n info2 += 'Version ' + version + ', under ' + installs[install] + ' ';\n}\n\n# Remove trailing space on info2\nif (strlen(info2) > 1)\n info2 = substr(info2, 0, strlen(info2) -2);\n\n# Report if any were found to be vulnerable\nif (info)\n{\n if (report_verbosity > 0)\n {\n if (max_index(split(info)) > 4) s = \"s of Wireshark are\";\n else s = \" of Wireshark is\";\n\n report =\n '\\n' + 'The following vulnerable instance' + s + ' installed :' + \n '\\n' + \n '\\n' + info;\n security_hole(port:get_kb_item(\"SMB/transport\"), extra:report);\n }\n else security_hole(get_kb_item(\"SMB/transport\"));\n exit(0);\n}\nif (info2) exit(0, \"The following installed instance(s) of Wireshark are not affected : \" + info2 + \".\");\n", "cvss": {"score": 2.9, "vector": "AV:ADJACENT_NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-01-16T20:15:34", "bulletinFamily": "scanner", "description": "The installed version of Wireshark 1.6 is earlier than 1.6.13. It is,\ntherefore, affected by the following vulnerabilities :\n\n - Errors exist related to the Bluetooth HCI, CSN.1,\n DCP-ETSI DOCSIS CM-STAUS, IEEE 802.3 Slow Protocols,\n MPLS, R3, RTPS, SDP, and SIP dissectors that could\n allow the application to enter infinite or large loops,\n thereby consuming excessive CPU resources. (Bugs 8036,\n 8037, 8038, 8040, 8041, 8042, 8043, 8198, 8199, 8222)\n\n - Errors exist related to the DCP-ETSI, DTLS, MS-MMC, DTN,\n CLNP dissectors that could allow them to crash.\n (Bugs 7871, 7945, 8111, 8112, 8213)\n\n - An unspecified error could allow the dissection engine\n to crash. (Bug 8197)\n\n - An unspecified buffer overflow exists in the NTLMSSP\n dissector that has an unspecified impact.", "modified": "2018-11-15T00:00:00", "published": "2013-01-30T00:00:00", "id": "WIRESHARK_1_6_13.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=64361", "title": "Wireshark 1.6.x < 1.6.13 Multiple Vulnerabilities", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(64361);\n script_version(\"1.9\");\n script_cvs_date(\"Date: 2018/11/15 20:50:29\");\n\n script_cve_id(\n \"CVE-2013-1572\",\n \"CVE-2013-1573\",\n \"CVE-2013-1574\",\n \"CVE-2013-1575\",\n \"CVE-2013-1576\",\n \"CVE-2013-1577\",\n \"CVE-2013-1578\",\n \"CVE-2013-1579\",\n \"CVE-2013-1580\",\n \"CVE-2013-1581\",\n \"CVE-2013-1582\",\n \"CVE-2013-1583\",\n \"CVE-2013-1584\",\n \"CVE-2013-1585\",\n \"CVE-2013-1586\",\n \"CVE-2013-1588\",\n \"CVE-2013-1589\",\n \"CVE-2013-1590\"\n );\n script_bugtraq_id(\n 57615,\n 57616,\n 57618,\n 57620,\n 57621,\n 57622,\n 57625,\n 57626,\n 57647\n );\n\n script_name(english:\"Wireshark 1.6.x < 1.6.13 Multiple Vulnerabilities\");\n script_summary(english:\"Does a version check\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host contains an application that is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The installed version of Wireshark 1.6 is earlier than 1.6.13. It is,\ntherefore, affected by the following vulnerabilities :\n\n - Errors exist related to the Bluetooth HCI, CSN.1,\n DCP-ETSI DOCSIS CM-STAUS, IEEE 802.3 Slow Protocols,\n MPLS, R3, RTPS, SDP, and SIP dissectors that could\n allow the application to enter infinite or large loops,\n thereby consuming excessive CPU resources. (Bugs 8036,\n 8037, 8038, 8040, 8041, 8042, 8043, 8198, 8199, 8222)\n\n - Errors exist related to the DCP-ETSI, DTLS, MS-MMC, DTN,\n CLNP dissectors that could allow them to crash.\n (Bugs 7871, 7945, 8111, 8112, 8213)\n\n - An unspecified error could allow the dissection engine\n to crash. (Bug 8197)\n\n - An unspecified buffer overflow exists in the NTLMSSP\n dissector that has an unspecified impact.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2013-01.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2013-02.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2013-03.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2013-04.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2013-05.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2013-07.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2013-08.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2013-09.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/docs/relnotes/wireshark-1.6.13.html\");\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to Wireshark version 1.6.13 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/01/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/01/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/01/30\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:wireshark:wireshark\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"wireshark_installed.nasl\");\n script_require_keys(\"SMB/Wireshark/Installed\");\n\n exit(0);\n}\n\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\n# Check each install.\ninstalls = get_kb_list_or_exit(\"SMB/Wireshark/*\");\n\ninfo = '';\ninfo2 = '';\n\nforeach install(keys(installs))\n{\n if (\"/Installed\" >< install) continue;\n\n version = install - \"SMB/Wireshark/\";\n\n if (version =~ \"^1\\.6\\.([0-9]|1[0-2])($|[^0-9])\")\n info +=\n '\\n Path : ' + installs[install] +\n '\\n Installed version : ' + version +\n '\\n Fixed version : 1.6.13\\n';\n else\n info2 += 'Version ' + version + ', under ' + installs[install] + ' ';\n}\n\n# Remove trailing space on info2\nif (strlen(info2) > 1)\n info2 = substr(info2, 0, strlen(info2) -2);\n\n# Report if any were found to be vulnerable\nif (info)\n{\n if (report_verbosity > 0)\n {\n if (max_index(split(info)) > 4) s = \"s of Wireshark are\";\n else s = \" of Wireshark is\";\n\n report =\n '\\n' + 'The following vulnerable instance' + s + ' installed :' + \n '\\n' + \n '\\n' + info;\n security_hole(port:get_kb_item(\"SMB/transport\"), extra:report);\n }\n else security_hole(get_kb_item(\"SMB/transport\"));\n exit(0);\n}\nif (info2) exit(0, \"The following installed instance(s) of Wireshark are not affected : \" + info2 + \".\");\n", "cvss": {"score": 2.9, "vector": "AV:ADJACENT_NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-01-16T20:18:45", "bulletinFamily": "scanner", "description": "wireshark was updated to 1.8.5 to fix bugs and security issues.\n\nVulnerabilities fixed :\n\n - Infinite and large loops in the Bluetooth HCI, CSN.1,\n DCP-ETSI DOCSIS CM-STAUS, IEEE 802.3 Slow Protocols,\n MPLS, R3, RTPS, SDP, and SIP dissectors wnpa-sec-2013-01\n CVE-2013-1572 CVE-2013-1573 CVE-2013-1574 CVE-2013-1575\n CVE-2013-1576 CVE-2013-1577 CVE-2013-1578 CVE-2013-1579\n CVE-2013-1580 CVE-2013-1581\n\n - The CLNP dissector could crash wnpa-sec-2013-02\n CVE-2013-1582\n\n - The DTN dissector could crash wnpa-sec-2013-03\n CVE-2013-1583 CVE-2013-1584\n\n - The MS-MMC dissector (and possibly others) could crash\n wnpa-sec-2013-04 CVE-2013-1585\n\n - The DTLS dissector could crash wnpa-sec-2013-05\n CVE-2013-1586\n\n - The ROHC dissector could crash wnpa-sec-2013-06\n CVE-2013-1587\n\n - The DCP-ETSI dissector could corrupt memory\n wnpa-sec-2013-07 CVE-2013-1588\n\n - The Wireshark dissection engine could crash\n wnpa-sec-2013-08 CVE-2013-1589\n\n - The NTLMSSP dissector could overflow a buffer\n wnpa-sec-2013-09 CVE-2013-1590\n\n + Further bug fixes and updated protocol support as listed\n in:\n http://www.wireshark.org/docs/relnotes/wireshark-1.8.5.h\n tml", "modified": "2018-11-19T00:00:00", "published": "2014-06-13T00:00:00", "id": "OPENSUSE-2013-104.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=74879", "title": "openSUSE Security Update : wireshark (openSUSE-SU-2013:0276-1)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2013-104.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(74879);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2018/11/19 11:02:42\");\n\n script_cve_id(\"CVE-2013-1572\", \"CVE-2013-1573\", \"CVE-2013-1574\", \"CVE-2013-1575\", \"CVE-2013-1576\", \"CVE-2013-1577\", \"CVE-2013-1578\", \"CVE-2013-1579\", \"CVE-2013-1580\", \"CVE-2013-1581\", \"CVE-2013-1582\", \"CVE-2013-1583\", \"CVE-2013-1584\", \"CVE-2013-1585\", \"CVE-2013-1586\", \"CVE-2013-1587\", \"CVE-2013-1588\", \"CVE-2013-1589\", \"CVE-2013-1590\");\n\n script_name(english:\"openSUSE Security Update : wireshark (openSUSE-SU-2013:0276-1)\");\n script_summary(english:\"Check for the openSUSE-2013-104 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"wireshark was updated to 1.8.5 to fix bugs and security issues.\n\nVulnerabilities fixed :\n\n - Infinite and large loops in the Bluetooth HCI, CSN.1,\n DCP-ETSI DOCSIS CM-STAUS, IEEE 802.3 Slow Protocols,\n MPLS, R3, RTPS, SDP, and SIP dissectors wnpa-sec-2013-01\n CVE-2013-1572 CVE-2013-1573 CVE-2013-1574 CVE-2013-1575\n CVE-2013-1576 CVE-2013-1577 CVE-2013-1578 CVE-2013-1579\n CVE-2013-1580 CVE-2013-1581\n\n - The CLNP dissector could crash wnpa-sec-2013-02\n CVE-2013-1582\n\n - The DTN dissector could crash wnpa-sec-2013-03\n CVE-2013-1583 CVE-2013-1584\n\n - The MS-MMC dissector (and possibly others) could crash\n wnpa-sec-2013-04 CVE-2013-1585\n\n - The DTLS dissector could crash wnpa-sec-2013-05\n CVE-2013-1586\n\n - The ROHC dissector could crash wnpa-sec-2013-06\n CVE-2013-1587\n\n - The DCP-ETSI dissector could corrupt memory\n wnpa-sec-2013-07 CVE-2013-1588\n\n - The Wireshark dissection engine could crash\n wnpa-sec-2013-08 CVE-2013-1589\n\n - The NTLMSSP dissector could overflow a buffer\n wnpa-sec-2013-09 CVE-2013-1590\n\n + Further bug fixes and updated protocol support as listed\n in:\n http://www.wireshark.org/docs/relnotes/wireshark-1.8.5.h\n tml\"\n );\n # http://www.wireshark.org/docs/relnotes/wireshark-1.8.5.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.wireshark.org/docs/relnotes/wireshark-1.8.5.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=801131\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2013-02/msg00028.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected wireshark packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:M/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/02/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE12\\.1|SUSE12\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"12.1 / 12.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE12.1\", reference:\"wireshark-1.8.5-3.37.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"wireshark-debuginfo-1.8.5-3.37.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"wireshark-debugsource-1.8.5-3.37.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"wireshark-devel-1.8.5-3.37.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"wireshark-1.8.5-1.19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"wireshark-debuginfo-1.8.5-1.19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"wireshark-debugsource-1.8.5-1.19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"wireshark-devel-1.8.5-1.19.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"wireshark\");\n}\n", "cvss": {"score": 2.9, "vector": "AV:ADJACENT_NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-01-16T20:15:43", "bulletinFamily": "scanner", "description": "wireshark was updated to 1.8.5 (bnc#801131), fixing bugs and security\nissues :\n\nThe following vulnerabilities have been fixed :\n\n - Infinite and large loops in the Bluetooth HCI, CSN.1,\n DCP-ETSI DOCSIS CM-STAUS, IEEE 802.3 Slow Protocols,\n MPLS, R3, RTPS, SDP, and SIP dissectors wnpa-sec-2013-01\n CVE-2013-1572 / CVE-2013-1573 / CVE-2013-1574 /\n CVE-2013-1575 / CVE-2013-1576 / CVE-2013-1577 /\n CVE-2013-1578 / CVE-2013-1579 / CVE-2013-1580 /\n CVE-2013-1581\n\n - The CLNP dissector could crash wnpa-sec-2013-02.\n (CVE-2013-1582)\n\n - The DTN dissector could crash wnpa-sec-2013-03.\n (CVE-2013-1583 / CVE-2013-1584)\n\n - The MS-MMC dissector (and possibly others) could crash\n wnpa-sec-2013-04. (CVE-2013-1585)\n\n - The DTLS dissector could crash wnpa-sec-2013-05.\n (CVE-2013-1586)\n\n - The ROHC dissector could crash wnpa-sec-2013-06.\n (CVE-2013-1587)\n\n - The DCP-ETSI dissector could corrupt memory\n wnpa-sec-2013-07. (CVE-2013-1588)\n\n - The Wireshark dissection engine could crash\n wnpa-sec-2013-08. (CVE-2013-1589)\n\n - The NTLMSSP dissector could overflow a buffer\n wnpa-sec-2013-09 CVE-2013-1590: Further bug fixes and\n updated protocol support as listed in:\n http://www.wireshark.org/docs/relnotes/wireshark-1.8.5.h\n tml", "modified": "2013-10-25T00:00:00", "published": "2013-02-22T00:00:00", "id": "SUSE_11_WIRESHARK-130207.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=64796", "title": "SuSE 11.2 Security Update : wireshark (SAT Patch Number 7317)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(64796);\n script_version(\"$Revision: 1.4 $\");\n script_cvs_date(\"$Date: 2013/10/25 23:56:05 $\");\n\n script_cve_id(\"CVE-2013-1572\", \"CVE-2013-1573\", \"CVE-2013-1574\", \"CVE-2013-1575\", \"CVE-2013-1576\", \"CVE-2013-1577\", \"CVE-2013-1578\", \"CVE-2013-1579\", \"CVE-2013-1580\", \"CVE-2013-1581\", \"CVE-2013-1582\", \"CVE-2013-1583\", \"CVE-2013-1584\", \"CVE-2013-1585\", \"CVE-2013-1586\", \"CVE-2013-1587\", \"CVE-2013-1588\", \"CVE-2013-1589\", \"CVE-2013-1590\");\n\n script_name(english:\"SuSE 11.2 Security Update : wireshark (SAT Patch Number 7317)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"wireshark was updated to 1.8.5 (bnc#801131), fixing bugs and security\nissues :\n\nThe following vulnerabilities have been fixed :\n\n - Infinite and large loops in the Bluetooth HCI, CSN.1,\n DCP-ETSI DOCSIS CM-STAUS, IEEE 802.3 Slow Protocols,\n MPLS, R3, RTPS, SDP, and SIP dissectors wnpa-sec-2013-01\n CVE-2013-1572 / CVE-2013-1573 / CVE-2013-1574 /\n CVE-2013-1575 / CVE-2013-1576 / CVE-2013-1577 /\n CVE-2013-1578 / CVE-2013-1579 / CVE-2013-1580 /\n CVE-2013-1581\n\n - The CLNP dissector could crash wnpa-sec-2013-02.\n (CVE-2013-1582)\n\n - The DTN dissector could crash wnpa-sec-2013-03.\n (CVE-2013-1583 / CVE-2013-1584)\n\n - The MS-MMC dissector (and possibly others) could crash\n wnpa-sec-2013-04. (CVE-2013-1585)\n\n - The DTLS dissector could crash wnpa-sec-2013-05.\n (CVE-2013-1586)\n\n - The ROHC dissector could crash wnpa-sec-2013-06.\n (CVE-2013-1587)\n\n - The DCP-ETSI dissector could corrupt memory\n wnpa-sec-2013-07. (CVE-2013-1588)\n\n - The Wireshark dissection engine could crash\n wnpa-sec-2013-08. (CVE-2013-1589)\n\n - The NTLMSSP dissector could overflow a buffer\n wnpa-sec-2013-09 CVE-2013-1590: Further bug fixes and\n updated protocol support as listed in:\n http://www.wireshark.org/docs/relnotes/wireshark-1.8.5.h\n tml\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=801131\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-1572.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-1573.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-1574.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-1575.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-1576.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-1577.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-1578.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-1579.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-1580.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-1581.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-1582.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-1583.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-1584.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-1585.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-1586.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-1587.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-1588.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-1589.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-1590.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 7317.\");\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:M/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/02/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/02/22\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(pl) || int(pl) != 2) audit(AUDIT_OS_NOT, \"SuSE 11.2\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"s390x\", reference:\"wireshark-1.8.5-0.2.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 2.9, "vector": "AV:ADJACENT_NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-01-16T20:15:43", "bulletinFamily": "scanner", "description": "Wireshark has been updated to 1.6.13 which fixes bugs and security\nissues :\n\nThe following vulnerabilities have been fixed :\n\n - Infinite and large loops in the Bluetooth HCI, CSN.1,\n DCP-ETSI DOCSIS CM-STAUS, IEEE 802.3 Slow Protocols,\n MPLS, R3, RTPS, SDP, and SIP dissectors wnpa-sec-2013-01\n CVE-2013-1572 / CVE-2013-1573 / CVE-2013-1574 /\n CVE-2013-1575 / CVE-2013-1576 / CVE-2013-1577 /\n CVE-2013-1578 / CVE-2013-1579 / CVE-2013-1580 /\n CVE-2013-1581\n\n - The CLNP dissector could crash wnpa-sec-2013-02\n CVE-2013-1582\n\n - The DTN dissector could crash wnpa-sec-2013-03\n CVE-2013-1583 / CVE-2013-1584\n\n - The MS-MMC dissector (and possibly others) could crash\n wnpa-sec-2013-04 CVE-2013-1585\n\n - The DTLS dissector could crash wnpa-sec-2013-05\n CVE-2013-1586\n\n - The DCP-ETSI dissector could corrupt memory\n wnpa-sec-2013-07 CVE-2013-1588: * The Wireshark\n dissection engine could crash wnpa-sec-2013-08\n CVE-2013-1589: * The NTLMSSP dissector could overflow a\n buffer wnpa-sec-2013-09 CVE-2013-1590: Further bug fixes\n and updated protocol support as listed in :\n\nhttp://www.wireshark.org/docs/relnotes/wireshark-1.6.13.html", "modified": "2013-03-23T00:00:00", "published": "2013-02-22T00:00:00", "id": "SUSE_WIRESHARK-8467.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=64797", "title": "SuSE 10 Security Update : wireshark (ZYPP Patch Number 8467)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(64797);\n script_version(\"$Revision: 1.3 $\");\n script_cvs_date(\"$Date: 2013/03/23 03:06:27 $\");\n\n script_cve_id(\"CVE-2013-1572\", \"CVE-2013-1573\", \"CVE-2013-1574\", \"CVE-2013-1575\", \"CVE-2013-1576\", \"CVE-2013-1577\", \"CVE-2013-1578\", \"CVE-2013-1579\", \"CVE-2013-1580\", \"CVE-2013-1581\", \"CVE-2013-1582\", \"CVE-2013-1583\", \"CVE-2013-1584\", \"CVE-2013-1585\", \"CVE-2013-1586\", \"CVE-2013-1588\", \"CVE-2013-1589\", \"CVE-2013-1590\");\n\n script_name(english:\"SuSE 10 Security Update : wireshark (ZYPP Patch Number 8467)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Wireshark has been updated to 1.6.13 which fixes bugs and security\nissues :\n\nThe following vulnerabilities have been fixed :\n\n - Infinite and large loops in the Bluetooth HCI, CSN.1,\n DCP-ETSI DOCSIS CM-STAUS, IEEE 802.3 Slow Protocols,\n MPLS, R3, RTPS, SDP, and SIP dissectors wnpa-sec-2013-01\n CVE-2013-1572 / CVE-2013-1573 / CVE-2013-1574 /\n CVE-2013-1575 / CVE-2013-1576 / CVE-2013-1577 /\n CVE-2013-1578 / CVE-2013-1579 / CVE-2013-1580 /\n CVE-2013-1581\n\n - The CLNP dissector could crash wnpa-sec-2013-02\n CVE-2013-1582\n\n - The DTN dissector could crash wnpa-sec-2013-03\n CVE-2013-1583 / CVE-2013-1584\n\n - The MS-MMC dissector (and possibly others) could crash\n wnpa-sec-2013-04 CVE-2013-1585\n\n - The DTLS dissector could crash wnpa-sec-2013-05\n CVE-2013-1586\n\n - The DCP-ETSI dissector could corrupt memory\n wnpa-sec-2013-07 CVE-2013-1588: * The Wireshark\n dissection engine could crash wnpa-sec-2013-08\n CVE-2013-1589: * The NTLMSSP dissector could overflow a\n buffer wnpa-sec-2013-09 CVE-2013-1590: Further bug fixes\n and updated protocol support as listed in :\n\nhttp://www.wireshark.org/docs/relnotes/wireshark-1.6.13.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-1572.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-1573.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-1574.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-1575.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-1576.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-1577.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-1578.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-1579.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-1580.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-1581.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-1582.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-1583.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-1584.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-1585.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-1586.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-1588.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-1589.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-1590.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 8467.\");\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:M/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/02/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/02/22\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:4, reference:\"wireshark-1.6.13-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"wireshark-1.6.13-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"wireshark-devel-1.6.13-0.5.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 2.9, "vector": "AV:ADJACENT_NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-01-16T20:15:43", "bulletinFamily": "scanner", "description": "wireshark was updated to 1.8.5 (bnc#801131), fixing bugs and security\nissues :\n\nThe following vulnerabilities have been fixed :\n\n - Infinite and large loops in the Bluetooth HCI, CSN.1,\n DCP-ETSI DOCSIS CM-STAUS, IEEE 802.3 Slow Protocols,\n MPLS, R3, RTPS, SDP, and SIP dissectors wnpa-sec-2013-01\n CVE-2013-1572 / CVE-2013-1573 / CVE-2013-1574 /\n CVE-2013-1575 / CVE-2013-1576 / CVE-2013-1577 /\n CVE-2013-1578 / CVE-2013-1579 / CVE-2013-1580 /\n CVE-2013-1581\n\n - The CLNP dissector could crash wnpa-sec-2013-02.\n (CVE-2013-1582)\n\n - The DTN dissector could crash wnpa-sec-2013-03.\n (CVE-2013-1583 / CVE-2013-1584)\n\n - The MS-MMC dissector (and possibly others) could crash\n wnpa-sec-2013-04. (CVE-2013-1585)\n\n - The DTLS dissector could crash wnpa-sec-2013-05.\n (CVE-2013-1586)\n\n - The ROHC dissector could crash wnpa-sec-2013-06.\n (CVE-2013-1587)\n\n - The DCP-ETSI dissector could corrupt memory\n wnpa-sec-2013-07. (CVE-2013-1588)\n\n - The Wireshark dissection engine could crash\n wnpa-sec-2013-08. (CVE-2013-1589)\n\n - The NTLMSSP dissector could overflow a buffer\n wnpa-sec-2013-09 CVE-2013-1590: Further bug fixes and\n updated protocol support as listed in:\n http://www.wireshark.org/docs/relnotes/wireshark-1.8.5.h\n tml", "modified": "2013-10-25T00:00:00", "published": "2013-02-22T00:00:00", "id": "SUSE_11_WIRESHARK-130206.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=64795", "title": "SuSE 11.2 Security Update : wireshark (SAT Patch Number 7317)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(64795);\n script_version(\"$Revision: 1.4 $\");\n script_cvs_date(\"$Date: 2013/10/25 23:56:05 $\");\n\n script_cve_id(\"CVE-2013-1572\", \"CVE-2013-1573\", \"CVE-2013-1574\", \"CVE-2013-1575\", \"CVE-2013-1576\", \"CVE-2013-1577\", \"CVE-2013-1578\", \"CVE-2013-1579\", \"CVE-2013-1580\", \"CVE-2013-1581\", \"CVE-2013-1582\", \"CVE-2013-1583\", \"CVE-2013-1584\", \"CVE-2013-1585\", \"CVE-2013-1586\", \"CVE-2013-1587\", \"CVE-2013-1588\", \"CVE-2013-1589\", \"CVE-2013-1590\");\n\n script_name(english:\"SuSE 11.2 Security Update : wireshark (SAT Patch Number 7317)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"wireshark was updated to 1.8.5 (bnc#801131), fixing bugs and security\nissues :\n\nThe following vulnerabilities have been fixed :\n\n - Infinite and large loops in the Bluetooth HCI, CSN.1,\n DCP-ETSI DOCSIS CM-STAUS, IEEE 802.3 Slow Protocols,\n MPLS, R3, RTPS, SDP, and SIP dissectors wnpa-sec-2013-01\n CVE-2013-1572 / CVE-2013-1573 / CVE-2013-1574 /\n CVE-2013-1575 / CVE-2013-1576 / CVE-2013-1577 /\n CVE-2013-1578 / CVE-2013-1579 / CVE-2013-1580 /\n CVE-2013-1581\n\n - The CLNP dissector could crash wnpa-sec-2013-02.\n (CVE-2013-1582)\n\n - The DTN dissector could crash wnpa-sec-2013-03.\n (CVE-2013-1583 / CVE-2013-1584)\n\n - The MS-MMC dissector (and possibly others) could crash\n wnpa-sec-2013-04. (CVE-2013-1585)\n\n - The DTLS dissector could crash wnpa-sec-2013-05.\n (CVE-2013-1586)\n\n - The ROHC dissector could crash wnpa-sec-2013-06.\n (CVE-2013-1587)\n\n - The DCP-ETSI dissector could corrupt memory\n wnpa-sec-2013-07. (CVE-2013-1588)\n\n - The Wireshark dissection engine could crash\n wnpa-sec-2013-08. (CVE-2013-1589)\n\n - The NTLMSSP dissector could overflow a buffer\n wnpa-sec-2013-09 CVE-2013-1590: Further bug fixes and\n updated protocol support as listed in:\n http://www.wireshark.org/docs/relnotes/wireshark-1.8.5.h\n tml\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=801131\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-1572.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-1573.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-1574.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-1575.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-1576.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-1577.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-1578.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-1579.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-1580.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-1581.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-1582.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-1583.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-1584.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-1585.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-1586.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-1587.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-1588.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-1589.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-1590.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 7317.\");\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:M/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/02/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/02/22\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(pl) || int(pl) != 2) audit(AUDIT_OS_NOT, \"SuSE 11.2\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"wireshark-1.8.5-0.2.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"wireshark-1.8.5-0.2.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"i586\", reference:\"wireshark-1.8.5-0.2.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"x86_64\", reference:\"wireshark-1.8.5-0.2.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 2.9, "vector": "AV:ADJACENT_NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-01-16T20:15:53", "bulletinFamily": "scanner", "description": "Multiple vulnerabilities were discovered in the dissectors for the\nMS-MMS, RTPS, RTPS2, Mount, ACN, CIMD and DTLS protocols, which could\nresult in denial of service or the execution of arbitrary code.", "modified": "2018-11-10T00:00:00", "published": "2013-03-15T00:00:00", "id": "DEBIAN_DSA-2644.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=65557", "title": "Debian DSA-2644-1 : wireshark - several vulnerabilities", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2644. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(65557);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2018/11/10 11:49:35\");\n\n script_cve_id(\"CVE-2013-2478\", \"CVE-2013-2480\", \"CVE-2013-2481\", \"CVE-2013-2483\", \"CVE-2013-2484\", \"CVE-2013-2488\");\n script_bugtraq_id(58340, 58351, 58355, 58356, 58357);\n script_xref(name:\"DSA\", value:\"2644\");\n\n script_name(english:\"Debian DSA-2644-1 : wireshark - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple vulnerabilities were discovered in the dissectors for the\nMS-MMS, RTPS, RTPS2, Mount, ACN, CIMD and DTLS protocols, which could\nresult in denial of service or the execution of arbitrary code.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze/wireshark\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2013/dsa-2644\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the wireshark packages.\n\nFor the stable distribution (squeeze), these problems have been fixed\nin version 1.2.11-6+squeeze10.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/03/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/03/15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"tshark\", reference:\"1.2.11-6+squeeze10\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"wireshark\", reference:\"1.2.11-6+squeeze10\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"wireshark-common\", reference:\"1.2.11-6+squeeze10\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"wireshark-dbg\", reference:\"1.2.11-6+squeeze10\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"wireshark-dev\", reference:\"1.2.11-6+squeeze10\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-01-16T20:15:52", "bulletinFamily": "scanner", "description": "The installed version of Wireshark 1.6 is earlier than 1.6.14. It is,\ntherefore, affected by the following vulnerabilities :\n\n - Errors exist in the FCSP, AMPQ, SCTP, and sFlow\n dissector that could lead to an infinite loop resulting\n in a denial of service. (Bugs 7789, 7802, 8337, 8359)\n\n - Errors exist in the CIMD, DTLS, Mount, MS-MMS, RTPS,\n and RTPS2 that could allow them to crash.\n (Bugs 8382, 8332, 8335, 8346, 8380)\n\n - The ACN dissector can attempt a divide by zero\n operation that could lead to an application crash.\n (Bug 8340)", "modified": "2018-11-15T00:00:00", "published": "2013-03-13T00:00:00", "id": "WIRESHARK_1_6_14.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=65253", "title": "Wireshark 1.6.x < 1.6.14 Multiple Vulnerabilities", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(65253);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2018/11/15 20:50:29\");\n\n script_cve_id(\n \"CVE-2012-6054\",\n \"CVE-2012-6056\",\n \"CVE-2013-2478\",\n \"CVE-2013-2480\",\n \"CVE-2013-2481\",\n \"CVE-2013-2482\",\n \"CVE-2013-2483\",\n \"CVE-2013-2484\",\n \"CVE-2013-2485\",\n \"CVE-2013-2488\"\n );\n script_bugtraq_id(\n 56729,\n 58340,\n 58351,\n 58353,\n 58355,\n 58356,\n 58357,\n 58362,\n 58365\n );\n\n script_name(english:\"Wireshark 1.6.x < 1.6.14 Multiple Vulnerabilities\");\n script_summary(english:\"Does a version check\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host contains an application that is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The installed version of Wireshark 1.6 is earlier than 1.6.14. It is,\ntherefore, affected by the following vulnerabilities :\n\n - Errors exist in the FCSP, AMPQ, SCTP, and sFlow\n dissector that could lead to an infinite loop resulting\n in a denial of service. (Bugs 7789, 7802, 8337, 8359)\n\n - Errors exist in the CIMD, DTLS, Mount, MS-MMS, RTPS,\n and RTPS2 that could allow them to crash.\n (Bugs 8382, 8332, 8335, 8346, 8380)\n\n - The ACN dissector can attempt a divide by zero\n operation that could lead to an application crash.\n (Bug 8340)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2012-32.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2012-33.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2013-13.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2013-15.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2013-16.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2013-17.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2013-18.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2013-19.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2013-20.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2013-22.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/docs/relnotes/wireshark-1.6.14.html\");\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to Wireshark version 1.6.14 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/01/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/01/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/03/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:wireshark:wireshark\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"wireshark_installed.nasl\");\n script_require_keys(\"SMB/Wireshark/Installed\");\n\n exit(0);\n}\n\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\n# Check each install.\ninstalls = get_kb_list_or_exit(\"SMB/Wireshark/*\");\n\ninfo = '';\ninfo2 = '';\n\nforeach install(keys(installs))\n{\n if (\"/Installed\" >< install) continue;\n\n version = install - \"SMB/Wireshark/\";\n\n if (version =~ \"^1\\.6\\.([0-9]|1[0-3])($|[^0-9])\")\n info +=\n '\\n Path : ' + installs[install] +\n '\\n Installed version : ' + version +\n '\\n Fixed version : 1.6.14\\n';\n else\n info2 += 'Version ' + version + ', under ' + installs[install] + ' ';\n}\n\n# Remove trailing space on info2\nif (strlen(info2) > 1)\n info2 = substr(info2, 0, strlen(info2) -2);\n\n# Report if any were found to be vulnerable\nif (info)\n{\n port = get_kb_item(\"SMB/transport\");\n if (!port) port = 445;\n\n if (report_verbosity > 0)\n {\n if (max_index(split(info)) > 4) s = \"s of Wireshark are\";\n else s = \" of Wireshark is\";\n\n report =\n '\\n' + 'The following vulnerable instance' + s + ' installed :' +\n '\\n' + \n info;\n security_hole(port:port, extra:report);\n }\n else security_hole(port);\n exit(0);\n}\nif (info2) exit(0, \"The following installed instance(s) of Wireshark are not affected : \" + info2 + \".\");\n", "cvss": {"score": 6.1, "vector": "AV:ADJACENT_NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-01-16T20:16:03", "bulletinFamily": "scanner", "description": "wireshark has been updated to 1.6.14 to fix bugs and security issues :\n\nVulnerabilities fixed :\n\n - The sFlow dissector could go into an infinite loop.\n wnpa-sec-2012-32 CVE-2012-6054: * The SCTP dissector\n could go into an infinite loop. wnpa-sec-2012-33\n CVE-2012-6056: * The MS-MMS dissector could crash.\n wnpa-sec-2013-13 CVE-2013-2478\n\n - The RTPS and RTPS2 dissectors could crash.\n wnpa-sec-2013-15 CVE-2013-2480: * The Mount dissector\n could crash. wnpa-sec-2013-16 CVE-2013-2481\n\n - The AMPQ dissector could go into an infinite loop.\n wnpa-sec-2013-17 CVE-2013-2482: * The ACN dissector\n could attempt to divide by zero. wnpa-sec-2013-18\n CVE-2013-2483: * The CIMD dissector could crash.\n wnpa-sec-2013-19 CVE-2013-2484\n\n - The FCSP dissector could go into an infinite loop.\n wnpa-sec-2013-20 CVE-2013-2485: * The DTLS dissector\n could crash. wnpa-sec-2013-22 CVE-2013-2488\n\nFurther bug fixes and updated protocol support are listed in :\n\nhttp://www.wireshark.org/docs/relnotes/wireshark-1.6.14.html", "modified": "2013-05-25T00:00:00", "published": "2013-04-29T00:00:00", "id": "SUSE_WIRESHARK-8500.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=66255", "title": "SuSE 10 Security Update : wireshark (ZYPP Patch Number 8500)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(66255);\n script_version(\"$Revision: 1.3 $\");\n script_cvs_date(\"$Date: 2013/05/25 03:25:02 $\");\n\n script_cve_id(\"CVE-2012-6054\", \"CVE-2012-6056\", \"CVE-2013-2478\", \"CVE-2013-2480\", \"CVE-2013-2481\", \"CVE-2013-2482\", \"CVE-2013-2483\", \"CVE-2013-2484\", \"CVE-2013-2485\", \"CVE-2013-2488\");\n\n script_name(english:\"SuSE 10 Security Update : wireshark (ZYPP Patch Number 8500)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"wireshark has been updated to 1.6.14 to fix bugs and security issues :\n\nVulnerabilities fixed :\n\n - The sFlow dissector could go into an infinite loop.\n wnpa-sec-2012-32 CVE-2012-6054: * The SCTP dissector\n could go into an infinite loop. wnpa-sec-2012-33\n CVE-2012-6056: * The MS-MMS dissector could crash.\n wnpa-sec-2013-13 CVE-2013-2478\n\n - The RTPS and RTPS2 dissectors could crash.\n wnpa-sec-2013-15 CVE-2013-2480: * The Mount dissector\n could crash. wnpa-sec-2013-16 CVE-2013-2481\n\n - The AMPQ dissector could go into an infinite loop.\n wnpa-sec-2013-17 CVE-2013-2482: * The ACN dissector\n could attempt to divide by zero. wnpa-sec-2013-18\n CVE-2013-2483: * The CIMD dissector could crash.\n wnpa-sec-2013-19 CVE-2013-2484\n\n - The FCSP dissector could go into an infinite loop.\n wnpa-sec-2013-20 CVE-2013-2485: * The DTLS dissector\n could crash. wnpa-sec-2013-22 CVE-2013-2488\n\nFurther bug fixes and updated protocol support are listed in :\n\nhttp://www.wireshark.org/docs/relnotes/wireshark-1.6.14.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-6054.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-6056.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-2478.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-2480.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-2481.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-2482.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-2483.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-2484.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-2485.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-2488.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 8500.\");\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:N/C:N/I:N/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/03/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/04/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:4, reference:\"wireshark-1.6.14-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"wireshark-1.6.14-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"wireshark-devel-1.6.14-0.5.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 6.1, "vector": "AV:ADJACENT_NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-01-16T20:15:40", "bulletinFamily": "scanner", "description": "Multiple vulnerabilities were discovered in the dissectors for the\nCLNP, DTLS, DCP-ETSI and NTLMSSP protocols, which could result in\ndenial of service or the execution of arbitrary code.", "modified": "2018-11-10T00:00:00", "published": "2013-02-18T00:00:00", "id": "DEBIAN_DSA-2625.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=64649", "title": "Debian DSA-2625-1 : wireshark - several vulnerabilities", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2625. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(64649);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2018/11/10 11:49:35\");\n\n script_cve_id(\"CVE-2013-1582\", \"CVE-2013-1586\", \"CVE-2013-1588\", \"CVE-2013-1590\");\n script_bugtraq_id(57615, 57618, 57621, 57625);\n script_xref(name:\"DSA\", value:\"2625\");\n\n script_name(english:\"Debian DSA-2625-1 : wireshark - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple vulnerabilities were discovered in the dissectors for the\nCLNP, DTLS, DCP-ETSI and NTLMSSP protocols, which could result in\ndenial of service or the execution of arbitrary code.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze/wireshark\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2013/dsa-2625\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the wireshark packages.\n\nFor the stable distribution (squeeze), these problems have been fixed\nin version 1.2.11-6+squeeze9.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/02/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/02/18\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"tshark\", reference:\"1.2.11-6+squeeze9\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"wireshark\", reference:\"1.2.11-6+squeeze9\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"wireshark-common\", reference:\"1.2.11-6+squeeze9\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"wireshark-dbg\", reference:\"1.2.11-6+squeeze9\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"wireshark-dev\", reference:\"1.2.11-6+squeeze9\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:deb_report_get());\n else security_note(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 2.9, "vector": "AV:ADJACENT_NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "debian": [{"lastseen": "2018-10-16T22:14:05", "bulletinFamily": "unix", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2644-1 security@debian.org\nhttp://www.debian.org/security/ Moritz Muehlenhoff\nMarch 14, 2013 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : wireshark\nVulnerability : several\nProblem type : remote\nDebian-specific: no\nCVE ID : CVE-2013-2478 CVE-2013-2480 CVE-2013-2481 CVE-2013-2483 \n CVE-2013-2484 CVE-2013-2488\n\nMultiple vulnerabilities were discovered in the dissectors for the \nMS-MMS, RTPS, RTPS2, Mount, ACN, CIMD and DTLS protocols, which could \nresult in denial of service or the execution of arbitrary code.\n\nFor the stable distribution (squeeze), these problems have been fixed in\nversion 1.2.11-6+squeeze10.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 1.8.2-5.\n\nWe recommend that you upgrade your wireshark packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "modified": "2013-03-14T17:57:46", "published": "2013-03-14T17:57:46", "id": "DEBIAN:DSA-2644-1:92A2D", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2013/msg00049.html", "title": "[SECURITY] [DSA 2644-1] wireshark security update", "type": "debian", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-10-16T22:14:11", "bulletinFamily": "unix", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2625-1 security@debian.org\nhttp://www.debian.org/security/ Moritz Muehlenhoff\nFebruary 17, 2013 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : wireshark\nVulnerability : several\nProblem type : remote\nDebian-specific: no\nCVE ID : CVE-2013-1582 CVE-2013-1586 CVE-2013-1588 CVE-2013-1590\n\nMultiple vulnerabilities were discovered in the dissectors for the CLNP,\nDTLS, DCP-ETSI and NTLMSSP protocols, which could result in denial of\nservice or the execution of arbitrary code.\n\nFor the stable distribution (squeeze), these problems have been fixed in\nversion 1.2.11-6+squeeze9.\n\nFor the unstable distribution (sid), these problems will be fixed soon.\n\nWe recommend that you upgrade your wireshark packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "modified": "2013-02-16T23:35:24", "published": "2013-02-16T23:35:24", "id": "DEBIAN:DSA-2625-1:06C8F", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2013/msg00030.html", "title": "[SECURITY] [DSA 2625-1] wireshark security update", "type": "debian", "cvss": {"score": 2.9, "vector": "AV:ADJACENT_NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-10-18T13:48:26", "bulletinFamily": "unix", "description": "Package : wireshark\nVersion : 1.12.1+g01b65bf-4+deb8u6~deb7u1\nCVE ID : CVE-2012-6052 CVE-2012-6053 CVE-2012-6054 CVE-2012-6055\n CVE-2012-6056 CVE-2012-6057 CVE-2012-6058 CVE-2012-6059\n CVE-2012-6060 CVE-2012-6061 CVE-2012-6062 CVE-2013-1572\n CVE-2013-1573 CVE-2013-1574 CVE-2013-1575 CVE-2013-1576\n CVE-2013-1577 CVE-2013-1578 CVE-2013-1579 CVE-2013-1580\n CVE-2013-1581 CVE-2013-2476 CVE-2013-2479 CVE-2013-2482\n CVE-2013-2485 CVE-2013-2486 CVE-2013-2487 CVE-2013-4079\n CVE-2013-4080 CVE-2013-4927 CVE-2013-4929 CVE-2013-4931\n CVE-2013-5719 CVE-2013-5721 CVE-2013-6339 CVE-2013-7112\n CVE-2015-6243 CVE-2015-6246 CVE-2015-6248 CVE-2016-4006\n CVE-2016-4079 CVE-2016-4080 CVE-2016-4081 CVE-2016-4082\n CVE-2016-4085\n\nMultiple vulnerabilities were discovered in the dissectors/parsers for\nPKTC, IAX2, GSM CBCH and NCP which could result in denial of service.\n\nThis update also fixes many older less important issues by updating the\npackage to the version found in Debian 8 also known as Jessie.\n\nFor Debian 7 "Wheezy", these problems have been fixed in version\n1.12.1+g01b65bf-4+deb8u6~deb7u1.\n\nWe recommend that you upgrade your wireshark packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\n", "modified": "2016-05-31T10:22:50", "published": "2016-05-31T10:22:50", "id": "DEBIAN:DLA-497-1:1FD56", "href": "https://lists.debian.org/debian-lts-announce/2016/debian-lts-announce-201605/msg00051.html", "title": "[SECURITY] [DLA 497-1] wireshark security update", "type": "debian", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "cve": [{"lastseen": "2018-11-01T05:14:10", "bulletinFamily": "NVD", "description": "The DTLS dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 does not validate the fragment offset before invoking the reassembly state machine, which allows remote attackers to cause a denial of service (application crash) via a large offset value that triggers write access to an invalid memory location.", "modified": "2018-10-30T12:27:34", "published": "2013-03-07T10:55:02", "id": "CVE-2013-2488", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-2488", "title": "CVE-2013-2488", "type": "cve", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-11-01T05:14:10", "bulletinFamily": "NVD", "description": "The RTPS and RTPS2 dissectors in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allow remote attackers to cause a denial of service (application crash) via a malformed packet.", "modified": "2018-10-30T12:27:34", "published": "2013-03-07T10:55:01", "id": "CVE-2013-2480", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-2480", "title": "CVE-2013-2480", "type": "cve", "cvss": {"score": 3.3, "vector": "AV:ADJACENT_NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-09-19T13:38:41", "bulletinFamily": "NVD", "description": "The rtps_util_add_bitmap function in epan/dissectors/packet-rtps.c in the RTPS dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly implement certain nested loops for processing bitmap data, which allows remote attackers to cause a denial of service (infinite loop) via a malformed packet.", "modified": "2017-09-18T21:36:08", "published": "2013-02-02T20:55:07", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-1579", "id": "CVE-2013-1579", "title": "CVE-2013-1579", "type": "cve", "cvss": {"score": 2.9, "vector": "AV:ADJACENT_NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-09-19T13:38:41", "bulletinFamily": "NVD", "description": "Buffer overflow in the NTLMSSP dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 allows remote attackers to cause a denial of service (application crash) via a malformed packet.", "modified": "2017-09-18T21:36:09", "published": "2013-02-02T20:55:07", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-1590", "id": "CVE-2013-1590", "title": "CVE-2013-1590", "type": "cve", "cvss": {"score": 2.9, "vector": "AV:ADJACENT_NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-11-01T05:14:10", "bulletinFamily": "NVD", "description": "The FCSP dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (infinite loop) via a malformed packet.", "modified": "2018-10-30T12:27:34", "published": "2013-03-07T10:55:01", "id": "CVE-2013-2485", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-2485", "title": "CVE-2013-2485", "type": "cve", "cvss": {"score": 6.1, "vector": "AV:ADJACENT_NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-09-19T13:38:41", "bulletinFamily": "NVD", "description": "The dissect_cmstatus_tlv function in plugins/docsis/packet-cmstatus.c in the DOCSIS CM-STATUS dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 uses an incorrect data type for a position variable, which allows remote attackers to cause a denial of service (infinite loop) via a malformed packet.", "modified": "2017-09-18T21:36:08", "published": "2013-02-02T20:55:07", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-1580", "id": "CVE-2013-1580", "title": "CVE-2013-1580", "type": "cve", "cvss": {"score": 2.9, "vector": "AV:ADJACENT_NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-09-19T13:38:41", "bulletinFamily": "NVD", "description": "Double free vulnerability in epan/proto.c in the dissection engine in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 allows remote attackers to cause a denial of service (application crash) via a malformed packet.", "modified": "2017-09-18T21:36:09", "published": "2013-02-02T20:55:07", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-1589", "id": "CVE-2013-1589", "title": "CVE-2013-1589", "type": "cve", "cvss": {"score": 2.9, "vector": "AV:ADJACENT_NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-09-19T13:38:41", "bulletinFamily": "NVD", "description": "Multiple buffer overflows in the dissect_pft_fec_detailed function in the DCP-ETSI dissector in epan/dissectors/packet-dcp-etsi.c in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 allow remote attackers to cause a denial of service (application crash) via a malformed packet.", "modified": "2017-09-18T21:36:09", "published": "2013-02-02T20:55:07", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-1588", "id": "CVE-2013-1588", "title": "CVE-2013-1588", "type": "cve", "cvss": {"score": 2.9, "vector": "AV:ADJACENT_NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-11-01T05:14:10", "bulletinFamily": "NVD", "description": "Integer signedness error in the dissect_mount_dirpath_call function in epan/dissectors/packet-mount.c in the Mount dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6, when nfs_file_name_snooping is enabled, allows remote attackers to cause a denial of service (application crash) via a negative length value.", "modified": "2018-10-30T12:27:34", "published": "2013-03-07T10:55:01", "id": "CVE-2013-2481", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-2481", "title": "CVE-2013-2481", "type": "cve", "cvss": {"score": 2.9, "vector": "AV:ADJACENT_NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-11-01T05:14:10", "bulletinFamily": "NVD", "description": "The dissect_server_info function in epan/dissectors/packet-ms-mms.c in the MS-MMS dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 does not properly manage string lengths, which allows remote attackers to cause a denial of service (application crash) via a malformed packet that (1) triggers an integer overflow or (2) has embedded '\\0' characters in a string.", "modified": "2018-10-30T12:27:34", "published": "2013-03-07T10:55:01", "id": "CVE-2013-2478", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-2478", "title": "CVE-2013-2478", "type": "cve", "cvss": {"score": 3.3, "vector": "AV:ADJACENT_NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "freebsd": [{"lastseen": "2018-08-31T01:15:03", "bulletinFamily": "unix", "description": "\nRedHat security team reports:\n\nA denial of service flaw was found in the way Distributed\n\t Relational Database Architecture (DRDA) dissector of\n\t Wireshark, a network traffic analyzer, performed processing\n\t of certain DRDA packet capture files. A remote attacker\n\t could create a specially-crafted capture file that, when\n\t opened could lead to wireshark executable to consume\n\t excessive amount of CPU time and hang with an infinite\n\t loop.\n\n", "modified": "2012-09-05T00:00:00", "published": "2012-08-21T00:00:00", "id": "5415F1B3-F33D-11E1-8BD8-0022156E8794", "href": "https://vuxml.freebsd.org/freebsd/5415f1b3-f33d-11e1-8bd8-0022156e8794.html", "title": "wireshark -- denial of service in DRDA dissector", "type": "freebsd", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:49", "bulletinFamily": "unix", "description": "### Background\n\nWireshark is a versatile network protocol analyzer.\n\n### Description\n\nMultiple vulnerabilities have been discovered in Wireshark. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA remote attacker could possibly execute arbitrary code with the privileges of the process or cause a Denial of Service condition. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Wireshark 1.10 users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-analyzer/wireshark-1.10.1\"\n \n\nAll Wireshark 1.8 users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-analyzer/wireshark-1.8.9\"", "modified": "2013-08-30T00:00:00", "published": "2013-08-28T00:00:00", "id": "GLSA-201308-05", "href": "https://security.gentoo.org/glsa/201308-05", "type": "gentoo", "title": "Wireshark: Multiple vulnerabilities", "cvss": {"score": 8.3, "vector": "AV:ADJACENT_NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}
