Security update for wireshark (moderate)

2020-11-08T00:00:00

Description

An update that fixes four vulnerabilities is now available. Description: This update for wireshark fixes the following issues: - Update to wireshark 3.2.7: * CVE-2020-25863: MIME Multipart dissector crash (bsc#1176908) * CVE-2020-25862: TCP dissector crash (bsc#1176909) * CVE-2020-25866: BLIP dissector crash (bsc#1176910) * CVE-2020-17498: Kafka dissector crash (bsc#1175204) This update was imported from the SUSE:SLE-15:Update update project. Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.1: zypper in -t patch openSUSE-2020-1878=1

Affected Package

OS	OS Version	Package Name	Package Version
openSUSE Leap	15.1		- openSUSE Leap 15.1 (x86_64):

{"id": "OPENSUSE-SU-2020:1878-1", "vendorId": null, "type": "suse", "bulletinFamily": "unix", "title": "Security update for wireshark (moderate)", "description": "An update that fixes four vulnerabilities is now available.\n\nDescription:\n\n This update for wireshark fixes the following issues:\n\n - Update to wireshark 3.2.7:\n * CVE-2020-25863: MIME Multipart dissector crash (bsc#1176908)\n * CVE-2020-25862: TCP dissector crash (bsc#1176909)\n * CVE-2020-25866: BLIP dissector crash (bsc#1176910)\n * CVE-2020-17498: Kafka dissector crash (bsc#1175204)\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n\nPatch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.1:\n\n zypper in -t patch openSUSE-2020-1878=1", "published": "2020-11-08T00:00:00", "modified": "2020-11-08T00:00:00", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0}, "severity": "MEDIUM", "exploitabilityScore": 10.0, "impactScore": 2.9, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "cvss3": {"cvssV3": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH"}, "exploitabilityScore": 3.9, "impactScore": 3.6}, "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/4FXI56R5FRB3HAJ7KVJHFSZVF3FCUZCP/", "reporter": "Suse", "references": [], "cvelist": ["CVE-2020-17498", "CVE-2020-25862", "CVE-2020-25863", "CVE-2020-25866"], "immutableFields": [], "lastseen": "2022-06-30T18:25:44", "viewCount": 32, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2020-17498", "CVE-2020-25862", "CVE-2020-25863", "CVE-2020-25866"]}, {"type": "debian", "idList": ["DEBIAN:DLA-2547-1:C57F2"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2020-17498", "DEBIANCVE:CVE-2020-25862", "DEBIANCVE:CVE-2020-25863", "DEBIANCVE:CVE-2020-25866"]}, {"type": "fedora", "idList": ["FEDORA:08FBA30AD117", "FEDORA:2879830C563E", "FEDORA:70EE730AF87A", "FEDORA:8216A3140404", "FEDORA:CE56C3052D8E"]}, {"type": "gentoo", "idList": ["GLSA-202008-14"]}, {"type": "kaspersky", "idList": ["KLA12078", "KLA12079"]}, {"type": "nessus", "idList": ["DEBIAN_DLA-2547.NASL", "FEDORA_2020-1B390BEC14.NASL", "FEDORA_2020-1BF4B97C16.NASL", "FEDORA_2020-2981A0224D.NASL", "FEDORA_2020-7F91F10F2B.NASL", "FEDORA_2020-9BDA6AE1CD.NASL", "GENTOO_GLSA-202008-14.NASL", "MACOSX_WIRESHARK_2_6_20.NASL", "MACOSX_WIRESHARK_3_0_14.NASL", "MACOSX_WIRESHARK_3_2_6.NASL", "MACOSX_WIRESHARK_3_2_7.NASL", "OPENSUSE-2020-1878.NASL", "OPENSUSE-2020-1882.NASL", "SUSE_SU-2020-3166-1.NASL", "WIRESHARK_2_6_20.NASL", "WIRESHARK_3_0_14.NASL", "WIRESHARK_3_2_6.NASL", "WIRESHARK_3_2_7.NASL"]}, {"type": "oracle", "idList": ["ORACLE:CPUJAN2021"]}, {"type": "redhatcve", "idList": ["RH:CVE-2020-17498", "RH:CVE-2020-25862", "RH:CVE-2020-25863", "RH:CVE-2020-25866"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2020:1882-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2020-17498", "UB:CVE-2020-25862", "UB:CVE-2020-25863", "UB:CVE-2020-25866"]}], "rev": 4}, "score": {"value": 4.3, "vector": "NONE"}, "backreferences": {"references": [{"type": "cve", "idList": ["CVE-2020-17498"]}, {"type": "debian", "idList": ["DEBIAN:DLA-2547-1:C57F2"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2020-17498", "DEBIANCVE:CVE-2020-25862", "DEBIANCVE:CVE-2020-25863", "DEBIANCVE:CVE-2020-25866"]}, {"type": "fedora", "idList": ["FEDORA:08FBA30AD117", "FEDORA:2879830C563E", "FEDORA:70EE730AF87A", "FEDORA:8216A3140404", "FEDORA:CE56C3052D8E"]}, {"type": "gentoo", "idList": ["GLSA-202008-14"]}, {"type": "kaspersky", "idList": ["KLA12078", "KLA12079"]}, {"type": "nessus", "idList": ["DEBIAN_DLA-2547.NASL", "FEDORA_2020-2981A0224D.NASL", "FEDORA_2020-7F91F10F2B.NASL", "GENTOO_GLSA-202008-14.NASL", "MACOSX_WIRESHARK_3_2_6.NASL", "WIRESHARK_3_2_6.NASL"]}, {"type": "oracle", "idList": ["ORACLE:CPUJAN2021"]}, {"type": "redhatcve", "idList": ["RH:CVE-2020-25862", "RH:CVE-2020-25863", "RH:CVE-2020-25866"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2020:1882-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2020-17498", "UB:CVE-2020-25862", "UB:CVE-2020-25863", "UB:CVE-2020-25866"]}]}, "exploitation": null, "vulnersScore": 4.3}, "_state": {"dependencies": 0}, "_internal": {}, "affectedPackage": [{"OS": "openSUSE Leap", "OSVersion": "15.1", "arch": "x86_64", "operator": "lt", "packageVersion": "- openSUSE Leap 15.1 (x86_64):", "packageFilename": "- openSUSE Leap 15.1 (x86_64):.x86_64.rpm", "packageName": ""}]}

{"suse": [{"lastseen": "2022-04-21T22:47:58", "description": "An update that fixes four vulnerabilities is now available.\n\nDescription:\n\n This update for wireshark fixes the following issues:\n\n - Update to wireshark 3.2.7:\n * CVE-2020-25863: MIME Multipart dissector crash (bsc#1176908)\n * CVE-2020-25862: TCP dissector crash (bsc#1176909)\n * CVE-2020-25866: BLIP dissector crash (bsc#1176910)\n * CVE-2020-17498: Kafka dissector crash (bsc#1175204)\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n\nPatch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.2:\n\n zypper in -t patch openSUSE-2020-1882=1", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-11-09T00:00:00", "type": "suse", "title": "Security update for wireshark (moderate)", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-17498", "CVE-2020-25862", "CVE-2020-25863", "CVE-2020-25866"], "modified": "2020-11-09T00:00:00", "id": "OPENSUSE-SU-2020:1882-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/DHPCK4MWAVMVJ2UDLVVVY3RLYSSO3M7U/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "nessus": [{"lastseen": "2022-06-23T15:13:09", "description": "This update for wireshark fixes the following issues :\n\n - Update to wireshark 3.2.7 :\n\n - CVE-2020-25863: MIME Multipart dissector crash (bsc#1176908)\n\n - CVE-2020-25862: TCP dissector crash (bsc#1176909)\n\n - CVE-2020-25866: BLIP dissector crash (bsc#1176910)\n\n - CVE-2020-17498: Kafka dissector crash (bsc#1175204)\n\nThis update was imported from the SUSE:SLE-15:Update update project.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2020-11-12T00:00:00", "type": "nessus", "title": "openSUSE Security Update : wireshark (openSUSE-2020-1882)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-17498", "CVE-2020-25862", "CVE-2020-25863", "CVE-2020-25866"], "modified": "2020-11-20T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libwireshark13", "p-cpe:/a:novell:opensuse:libwireshark13-debuginfo", "p-cpe:/a:novell:opensuse:libwiretap10", "p-cpe:/a:novell:opensuse:libwiretap10-debuginfo", "p-cpe:/a:novell:opensuse:libwsutil11", "p-cpe:/a:novell:opensuse:libwsutil11-debuginfo", "p-cpe:/a:novell:opensuse:wireshark", "p-cpe:/a:novell:opensuse:wireshark-debuginfo", "p-cpe:/a:novell:opensuse:wireshark-debugsource", "p-cpe:/a:novell:opensuse:wireshark-devel", "p-cpe:/a:novell:opensuse:wireshark-ui-qt", "p-cpe:/a:novell:opensuse:wireshark-ui-qt-debuginfo", "cpe:/o:novell:opensuse:15.2"], "id": "OPENSUSE-2020-1882.NASL", "href": "https://www.tenable.com/plugins/nessus/142829", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2020-1882.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(142829);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/11/20\");\n\n script_cve_id(\"CVE-2020-17498\", \"CVE-2020-25862\", \"CVE-2020-25863\", \"CVE-2020-25866\");\n\n script_name(english:\"openSUSE Security Update : wireshark (openSUSE-2020-1882)\");\n script_summary(english:\"Check for the openSUSE-2020-1882 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for wireshark fixes the following issues :\n\n - Update to wireshark 3.2.7 :\n\n - CVE-2020-25863: MIME Multipart dissector crash\n (bsc#1176908)\n\n - CVE-2020-25862: TCP dissector crash (bsc#1176909)\n\n - CVE-2020-25866: BLIP dissector crash (bsc#1176910)\n\n - CVE-2020-17498: Kafka dissector crash (bsc#1175204)\n\nThis update was imported from the SUSE:SLE-15:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1175204\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1176908\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1176909\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1176910\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected wireshark packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-25866\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwireshark13\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwireshark13-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwiretap10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwiretap10-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwsutil11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwsutil11-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-ui-qt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-ui-qt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/08/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/11/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/11/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libwireshark13-3.2.7-lp152.2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libwireshark13-debuginfo-3.2.7-lp152.2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libwiretap10-3.2.7-lp152.2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libwiretap10-debuginfo-3.2.7-lp152.2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libwsutil11-3.2.7-lp152.2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libwsutil11-debuginfo-3.2.7-lp152.2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"wireshark-3.2.7-lp152.2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"wireshark-debuginfo-3.2.7-lp152.2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"wireshark-debugsource-3.2.7-lp152.2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"wireshark-devel-3.2.7-lp152.2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"wireshark-ui-qt-3.2.7-lp152.2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"wireshark-ui-qt-debuginfo-3.2.7-lp152.2.6.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libwireshark13 / libwireshark13-debuginfo / libwiretap10 / etc\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-06-23T15:10:47", "description": "This update for wireshark fixes the following issues :\n\n - Update to wireshark 3.2.7 :\n\n - CVE-2020-25863: MIME Multipart dissector crash (bsc#1176908)\n\n - CVE-2020-25862: TCP dissector crash (bsc#1176909)\n\n - CVE-2020-25866: BLIP dissector crash (bsc#1176910)\n\n - CVE-2020-17498: Kafka dissector crash (bsc#1175204)\n\nThis update was imported from the SUSE:SLE-15:Update update project.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2020-11-12T00:00:00", "type": "nessus", "title": "openSUSE Security Update : wireshark (openSUSE-2020-1878)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-17498", "CVE-2020-25862", "CVE-2020-25863", "CVE-2020-25866"], "modified": "2020-11-20T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libwireshark13", "p-cpe:/a:novell:opensuse:libwireshark13-debuginfo", "p-cpe:/a:novell:opensuse:libwiretap10", "p-cpe:/a:novell:opensuse:libwiretap10-debuginfo", "p-cpe:/a:novell:opensuse:libwsutil11", "p-cpe:/a:novell:opensuse:libwsutil11-debuginfo", "p-cpe:/a:novell:opensuse:wireshark", "p-cpe:/a:novell:opensuse:wireshark-debuginfo", "p-cpe:/a:novell:opensuse:wireshark-debugsource", "p-cpe:/a:novell:opensuse:wireshark-devel", "p-cpe:/a:novell:opensuse:wireshark-ui-qt", "p-cpe:/a:novell:opensuse:wireshark-ui-qt-debuginfo", "cpe:/o:novell:opensuse:15.1"], "id": "OPENSUSE-2020-1878.NASL", "href": "https://www.tenable.com/plugins/nessus/142838", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2020-1878.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(142838);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/11/20\");\n\n script_cve_id(\"CVE-2020-17498\", \"CVE-2020-25862\", \"CVE-2020-25863\", \"CVE-2020-25866\");\n\n script_name(english:\"openSUSE Security Update : wireshark (openSUSE-2020-1878)\");\n script_summary(english:\"Check for the openSUSE-2020-1878 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for wireshark fixes the following issues :\n\n - Update to wireshark 3.2.7 :\n\n - CVE-2020-25863: MIME Multipart dissector crash\n (bsc#1176908)\n\n - CVE-2020-25862: TCP dissector crash (bsc#1176909)\n\n - CVE-2020-25866: BLIP dissector crash (bsc#1176910)\n\n - CVE-2020-17498: Kafka dissector crash (bsc#1175204)\n\nThis update was imported from the SUSE:SLE-15:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1175204\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1176908\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1176909\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1176910\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected wireshark packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-25866\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwireshark13\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwireshark13-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwiretap10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwiretap10-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwsutil11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwsutil11-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-ui-qt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-ui-qt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/08/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/11/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/11/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(x86_64)$\") audit(AUDIT_ARCH_NOT, \"x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libwireshark13-3.2.7-lp151.2.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libwireshark13-debuginfo-3.2.7-lp151.2.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libwiretap10-3.2.7-lp151.2.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libwiretap10-debuginfo-3.2.7-lp151.2.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libwsutil11-3.2.7-lp151.2.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libwsutil11-debuginfo-3.2.7-lp151.2.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"wireshark-3.2.7-lp151.2.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"wireshark-debuginfo-3.2.7-lp151.2.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"wireshark-debugsource-3.2.7-lp151.2.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"wireshark-devel-3.2.7-lp151.2.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"wireshark-ui-qt-3.2.7-lp151.2.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"wireshark-ui-qt-debuginfo-3.2.7-lp151.2.15.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libwireshark13 / libwireshark13-debuginfo / libwiretap10 / etc\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-06-23T15:16:11", "description": "This update for wireshark fixes the following issues :\n\nUpdate to wireshark 3.2.7 :\n\n - CVE-2020-25863: MIME Multipart dissector crash (bsc#1176908)\n\n - CVE-2020-25862: TCP dissector crash (bsc#1176909)\n\n - CVE-2020-25866: BLIP dissector crash (bsc#1176910)\n\n - CVE-2020-17498: Kafka dissector crash (bsc#1175204)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2020-12-09T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 Security Update : wireshark (SUSE-SU-2020:3166-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-17498", "CVE-2020-25862", "CVE-2020-25863", "CVE-2020-25866"], "modified": "2021-01-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libwireshark13", "p-cpe:/a:novell:suse_linux:libwireshark13-debuginfo", "p-cpe:/a:novell:suse_linux:libwiretap10", "p-cpe:/a:novell:suse_linux:libwiretap10-debuginfo", "p-cpe:/a:novell:suse_linux:libwsutil11", "p-cpe:/a:novell:suse_linux:libwsutil11-debuginfo", "p-cpe:/a:novell:suse_linux:wireshark", "p-cpe:/a:novell:suse_linux:wireshark-debuginfo", "p-cpe:/a:novell:suse_linux:wireshark-debugsource", "p-cpe:/a:novell:suse_linux:wireshark-devel", "p-cpe:/a:novell:suse_linux:wireshark-ui-qt", "p-cpe:/a:novell:suse_linux:wireshark-ui-qt-debuginfo", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2020-3166-1.NASL", "href": "https://www.tenable.com/plugins/nessus/143863", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2020:3166-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(143863);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/13\");\n\n script_cve_id(\"CVE-2020-17498\", \"CVE-2020-25862\", \"CVE-2020-25863\", \"CVE-2020-25866\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : wireshark (SUSE-SU-2020:3166-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for wireshark fixes the following issues :\n\nUpdate to wireshark 3.2.7 :\n\n - CVE-2020-25863: MIME Multipart dissector crash\n (bsc#1176908)\n\n - CVE-2020-25862: TCP dissector crash (bsc#1176909)\n\n - CVE-2020-25866: BLIP dissector crash (bsc#1176910)\n\n - CVE-2020-17498: Kafka dissector crash (bsc#1175204)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1175204\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1176908\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1176909\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1176910\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-17498/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-25862/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-25863/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-25866/\"\n );\n # https://www.suse.com/support/update/announcement/2020/suse-su-20203166-1\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?465c7ed6\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for Desktop Applications 15-SP2 :\n\nzypper in -t patch\nSUSE-SLE-Module-Desktop-Applications-15-SP2-2020-3166=1\n\nSUSE Linux Enterprise Module for Desktop Applications 15-SP1 :\n\nzypper in -t patch\nSUSE-SLE-Module-Desktop-Applications-15-SP1-2020-3166=1\n\nSUSE Linux Enterprise Module for Basesystem 15-SP2 :\n\nzypper in -t patch SUSE-SLE-Module-Basesystem-15-SP2-2020-3166=1\n\nSUSE Linux Enterprise Module for Basesystem 15-SP1 :\n\nzypper in -t patch SUSE-SLE-Module-Basesystem-15-SP1-2020-3166=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwireshark13\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwireshark13-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwiretap10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwiretap10-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwsutil11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwsutil11-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:wireshark-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:wireshark-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:wireshark-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:wireshark-ui-qt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:wireshark-ui-qt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/08/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/11/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/09\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED15 / SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(1|2)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP1/2\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(1|2)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED15 SP1/2\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libwireshark13-3.2.7-3.41.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libwireshark13-debuginfo-3.2.7-3.41.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libwiretap10-3.2.7-3.41.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libwiretap10-debuginfo-3.2.7-3.41.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libwsutil11-3.2.7-3.41.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libwsutil11-debuginfo-3.2.7-3.41.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"wireshark-3.2.7-3.41.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"wireshark-debuginfo-3.2.7-3.41.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"wireshark-debugsource-3.2.7-3.41.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"wireshark-devel-3.2.7-3.41.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"wireshark-ui-qt-3.2.7-3.41.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"wireshark-ui-qt-debuginfo-3.2.7-3.41.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libwireshark13-3.2.7-3.41.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libwireshark13-debuginfo-3.2.7-3.41.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libwiretap10-3.2.7-3.41.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libwiretap10-debuginfo-3.2.7-3.41.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libwsutil11-3.2.7-3.41.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libwsutil11-debuginfo-3.2.7-3.41.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"wireshark-3.2.7-3.41.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"wireshark-debuginfo-3.2.7-3.41.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"wireshark-debugsource-3.2.7-3.41.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"wireshark-devel-3.2.7-3.41.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"wireshark-ui-qt-3.2.7-3.41.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"wireshark-ui-qt-debuginfo-3.2.7-3.41.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libwireshark13-3.2.7-3.41.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libwireshark13-debuginfo-3.2.7-3.41.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libwiretap10-3.2.7-3.41.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libwiretap10-debuginfo-3.2.7-3.41.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libwsutil11-3.2.7-3.41.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libwsutil11-debuginfo-3.2.7-3.41.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"wireshark-3.2.7-3.41.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"wireshark-debuginfo-3.2.7-3.41.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"wireshark-debugsource-3.2.7-3.41.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"wireshark-devel-3.2.7-3.41.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"wireshark-ui-qt-3.2.7-3.41.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"wireshark-ui-qt-debuginfo-3.2.7-3.41.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libwireshark13-3.2.7-3.41.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libwireshark13-debuginfo-3.2.7-3.41.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libwiretap10-3.2.7-3.41.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libwiretap10-debuginfo-3.2.7-3.41.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libwsutil11-3.2.7-3.41.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libwsutil11-debuginfo-3.2.7-3.41.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"wireshark-3.2.7-3.41.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"wireshark-debuginfo-3.2.7-3.41.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"wireshark-debugsource-3.2.7-3.41.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"wireshark-devel-3.2.7-3.41.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"wireshark-ui-qt-3.2.7-3.41.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"wireshark-ui-qt-debuginfo-3.2.7-3.41.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"wireshark\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-06-23T15:07:07", "description": "The version of Wireshark installed on the remote Windows host is prior to 3.2.7. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-3.2.7 advisory.\n\n - The MIME Multipart dissector could crash. It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file.\n (CVE-2020-25863)\n\n - The TCP dissector could crash. It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. (CVE-2020-25862)\n\n - The BLIP dissector could crash. It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. (CVE-2020-25866)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2020-09-24T00:00:00", "type": "nessus", "title": "Wireshark 3.2.x < 3.2.7 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-25862", "CVE-2020-25863", "CVE-2020-25866"], "modified": "2020-11-06T00:00:00", "cpe": ["cpe:/a:wireshark:wireshark"], "id": "WIRESHARK_3_2_7.NASL", "href": "https://www.tenable.com/plugins/nessus/140757", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(140757);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/11/06\");\n\n script_cve_id(\"CVE-2020-25862\", \"CVE-2020-25863\", \"CVE-2020-25866\");\n script_xref(name:\"IAVB\", value:\"2020-B-0059-S\");\n\n script_name(english:\"Wireshark 3.2.x < 3.2.7 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An application installed on the remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Wireshark installed on the remote Windows host is prior to 3.2.7. It is, therefore, affected by multiple\nvulnerabilities as referenced in the wireshark-3.2.7 advisory.\n\n - The MIME Multipart dissector could crash. It may be possible to make Wireshark crash by injecting a\n malformed packet onto the wire or by convincing someone to read a malformed packet trace file.\n (CVE-2020-25863)\n\n - The TCP dissector could crash. It may be possible to make Wireshark crash by injecting a malformed packet\n onto the wire or by convincing someone to read a malformed packet trace file. (CVE-2020-25862)\n\n - The BLIP dissector could crash. It may be possible to make Wireshark crash by injecting a malformed packet\n onto the wire or by convincing someone to read a malformed packet trace file. (CVE-2020-25866)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/docs/relnotes/wireshark-3.2.7.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2020-11\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2020-12\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2020-13\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Wireshark version 3.2.7 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-25866\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/09/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/09/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/09/24\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:wireshark:wireshark\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"wireshark_installed.nasl\");\n script_require_keys(\"installed_sw/Wireshark\", \"SMB/Registry/Enumerated\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\nget_kb_item_or_exit('SMB/Registry/Enumerated');\n\napp_info = vcf::get_app_info(app:'Wireshark', win_local:TRUE);\n\nconstraints = [\n { 'min_version' : '3.2.0', 'max_version' : '3.2.6', 'fixed_version' : '3.2.7' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-06-23T15:07:08", "description": "The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 3.0.14. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-3.0.14 advisory.\n\n - The MIME Multipart dissector could crash. It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file.\n (CVE-2020-25863)\n\n - The TCP dissector could crash. It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. (CVE-2020-25862)\n\n - The BLIP dissector could crash. It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. (CVE-2020-25866)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2020-09-24T00:00:00", "type": "nessus", "title": "Wireshark 3.0.x < 3.0.14 Multiple Vulnerabilities (macOS)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-25862", "CVE-2020-25863", "CVE-2020-25866"], "modified": "2020-11-06T00:00:00", "cpe": ["cpe:/a:wireshark:wireshark"], "id": "MACOSX_WIRESHARK_3_0_14.NASL", "href": "https://www.tenable.com/plugins/nessus/140774", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(140774);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/11/06\");\n\n script_cve_id(\"CVE-2020-25862\", \"CVE-2020-25863\", \"CVE-2020-25866\");\n script_xref(name:\"IAVB\", value:\"2020-B-0059-S\");\n\n script_name(english:\"Wireshark 3.0.x < 3.0.14 Multiple Vulnerabilities (macOS)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An application installed on the remote macOS / Mac OS X host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 3.0.14. It is, therefore, affected by\nmultiple vulnerabilities as referenced in the wireshark-3.0.14 advisory.\n\n - The MIME Multipart dissector could crash. It may be possible to make Wireshark crash by injecting a\n malformed packet onto the wire or by convincing someone to read a malformed packet trace file.\n (CVE-2020-25863)\n\n - The TCP dissector could crash. It may be possible to make Wireshark crash by injecting a malformed packet\n onto the wire or by convincing someone to read a malformed packet trace file. (CVE-2020-25862)\n\n - The BLIP dissector could crash. It may be possible to make Wireshark crash by injecting a malformed packet\n onto the wire or by convincing someone to read a malformed packet trace file. (CVE-2020-25866)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/docs/relnotes/wireshark-3.0.14.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2020-11\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2020-12\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2020-13\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Wireshark version 3.0.14 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-25866\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/09/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/09/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/09/24\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:wireshark:wireshark\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_wireshark_installed.nbin\");\n script_require_keys(\"installed_sw/Wireshark\", \"Host/MacOSX/Version\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\n\napp_info = vcf::get_app_info(app:'Wireshark');\n\nconstraints = [\n { 'min_version' : '3.0.0', 'max_version' : '3.0.13', 'fixed_version' : '3.0.14' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-06-23T15:10:14", "description": "New version 3.2.7 Security fix for CVE-2020-25862, CVE-2020-25863, CVE-2020-25866\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2020-10-19T00:00:00", "type": "nessus", "title": "Fedora 31 : 1:wireshark (2020-1b390bec14)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-25862", "CVE-2020-25863", "CVE-2020-25866"], "modified": "2020-10-21T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:1:wireshark", "cpe:/o:fedoraproject:fedora:31"], "id": "FEDORA_2020-1B390BEC14.NASL", "href": "https://www.tenable.com/plugins/nessus/141522", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2020-1b390bec14.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(141522);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/10/21\");\n\n script_cve_id(\"CVE-2020-25862\", \"CVE-2020-25863\", \"CVE-2020-25866\");\n script_xref(name:\"FEDORA\", value:\"2020-1b390bec14\");\n\n script_name(english:\"Fedora 31 : 1:wireshark (2020-1b390bec14)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"New version 3.2.7 Security fix for CVE-2020-25862, CVE-2020-25863,\nCVE-2020-25866\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2020-1b390bec14\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected 1:wireshark package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:1:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:31\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/10/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/10/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/10/19\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^31([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 31\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC31\", reference:\"wireshark-3.2.7-1.fc31\", epoch:\"1\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"1:wireshark\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-06-23T15:04:56", "description": "The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 3.2.7. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-3.2.7 advisory.\n\n - The MIME Multipart dissector could crash. It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file.\n (CVE-2020-25863)\n\n - The TCP dissector could crash. It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. (CVE-2020-25862)\n\n - The BLIP dissector could crash. It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. (CVE-2020-25866)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2020-09-24T00:00:00", "type": "nessus", "title": "Wireshark 3.2.x < 3.2.7 Multiple Vulnerabilities (macOS)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-25862", "CVE-2020-25863", "CVE-2020-25866"], "modified": "2020-11-06T00:00:00", "cpe": ["cpe:/a:wireshark:wireshark"], "id": "MACOSX_WIRESHARK_3_2_7.NASL", "href": "https://www.tenable.com/plugins/nessus/140756", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(140756);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/11/06\");\n\n script_cve_id(\"CVE-2020-25862\", \"CVE-2020-25863\", \"CVE-2020-25866\");\n script_xref(name:\"IAVB\", value:\"2020-B-0059-S\");\n\n script_name(english:\"Wireshark 3.2.x < 3.2.7 Multiple Vulnerabilities (macOS)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An application installed on the remote macOS / Mac OS X host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 3.2.7. It is, therefore, affected by\nmultiple vulnerabilities as referenced in the wireshark-3.2.7 advisory.\n\n - The MIME Multipart dissector could crash. It may be possible to make Wireshark crash by injecting a\n malformed packet onto the wire or by convincing someone to read a malformed packet trace file.\n (CVE-2020-25863)\n\n - The TCP dissector could crash. It may be possible to make Wireshark crash by injecting a malformed packet\n onto the wire or by convincing someone to read a malformed packet trace file. (CVE-2020-25862)\n\n - The BLIP dissector could crash. It may be possible to make Wireshark crash by injecting a malformed packet\n onto the wire or by convincing someone to read a malformed packet trace file. (CVE-2020-25866)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/docs/relnotes/wireshark-3.2.7.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2020-11\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2020-12\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2020-13\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Wireshark version 3.2.7 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-25866\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/09/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/09/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/09/24\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:wireshark:wireshark\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_wireshark_installed.nbin\");\n script_require_keys(\"installed_sw/Wireshark\", \"Host/MacOSX/Version\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\n\napp_info = vcf::get_app_info(app:'Wireshark');\n\nconstraints = [\n { 'min_version' : '3.2.0', 'max_version' : '3.2.6', 'fixed_version' : '3.2.7' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-06-23T15:04:57", "description": "The version of Wireshark installed on the remote Windows host is prior to 3.0.14. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-3.0.14 advisory.\n\n - The MIME Multipart dissector could crash. It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file.\n (CVE-2020-25863)\n\n - The TCP dissector could crash. It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. (CVE-2020-25862)\n\n - The BLIP dissector could crash. It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. (CVE-2020-25866)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2020-09-24T00:00:00", "type": "nessus", "title": "Wireshark 3.0.x < 3.0.14 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-25862", "CVE-2020-25863", "CVE-2020-25866"], "modified": "2020-11-06T00:00:00", "cpe": ["cpe:/a:wireshark:wireshark"], "id": "WIRESHARK_3_0_14.NASL", "href": "https://www.tenable.com/plugins/nessus/140775", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(140775);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/11/06\");\n\n script_cve_id(\"CVE-2020-25862\", \"CVE-2020-25863\", \"CVE-2020-25866\");\n script_xref(name:\"IAVB\", value:\"2020-B-0059-S\");\n\n script_name(english:\"Wireshark 3.0.x < 3.0.14 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An application installed on the remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Wireshark installed on the remote Windows host is prior to 3.0.14. It is, therefore, affected by multiple\nvulnerabilities as referenced in the wireshark-3.0.14 advisory.\n\n - The MIME Multipart dissector could crash. It may be possible to make Wireshark crash by injecting a\n malformed packet onto the wire or by convincing someone to read a malformed packet trace file.\n (CVE-2020-25863)\n\n - The TCP dissector could crash. It may be possible to make Wireshark crash by injecting a malformed packet\n onto the wire or by convincing someone to read a malformed packet trace file. (CVE-2020-25862)\n\n - The BLIP dissector could crash. It may be possible to make Wireshark crash by injecting a malformed packet\n onto the wire or by convincing someone to read a malformed packet trace file. (CVE-2020-25866)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/docs/relnotes/wireshark-3.0.14.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2020-11\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2020-12\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2020-13\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Wireshark version 3.0.14 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-25866\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/09/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/09/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/09/24\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:wireshark:wireshark\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"wireshark_installed.nasl\");\n script_require_keys(\"installed_sw/Wireshark\", \"SMB/Registry/Enumerated\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\nget_kb_item_or_exit('SMB/Registry/Enumerated');\n\napp_info = vcf::get_app_info(app:'Wireshark', win_local:TRUE);\n\nconstraints = [\n { 'min_version' : '3.0.0', 'max_version' : '3.0.13', 'fixed_version' : '3.0.14' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-06-23T15:07:23", "description": "New version 3.2.7 Security fix for CVE-2020-25862, CVE-2020-25863, CVE-2020-25866\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2020-10-19T00:00:00", "type": "nessus", "title": "Fedora 32 : 1:wireshark (2020-1bf4b97c16)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-25862", "CVE-2020-25863", "CVE-2020-25866"], "modified": "2020-10-21T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:1:wireshark", "cpe:/o:fedoraproject:fedora:32"], "id": "FEDORA_2020-1BF4B97C16.NASL", "href": "https://www.tenable.com/plugins/nessus/141510", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2020-1bf4b97c16.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(141510);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/10/21\");\n\n script_cve_id(\"CVE-2020-25862\", \"CVE-2020-25863\", \"CVE-2020-25866\");\n script_xref(name:\"FEDORA\", value:\"2020-1bf4b97c16\");\n\n script_name(english:\"Fedora 32 : 1:wireshark (2020-1bf4b97c16)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"New version 3.2.7 Security fix for CVE-2020-25862, CVE-2020-25863,\nCVE-2020-25866\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2020-1bf4b97c16\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected 1:wireshark package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:1:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:32\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/10/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/10/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/10/19\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^32([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 32\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC32\", reference:\"wireshark-3.2.7-1.fc32\", epoch:\"1\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"1:wireshark\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-06-23T15:09:54", "description": "New version 3.2.7 Security fix for CVE-2020-25862, CVE-2020-25863, CVE-2020-25866\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2020-10-26T00:00:00", "type": "nessus", "title": "Fedora 33 : 1:wireshark (2020-9bda6ae1cd)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-25862", "CVE-2020-25863", "CVE-2020-25866"], "modified": "2020-10-28T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:1:wireshark", "cpe:/o:fedoraproject:fedora:33"], "id": "FEDORA_2020-9BDA6AE1CD.NASL", "href": "https://www.tenable.com/plugins/nessus/141869", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2020-9bda6ae1cd.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(141869);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/10/28\");\n\n script_cve_id(\"CVE-2020-25862\", \"CVE-2020-25863\", \"CVE-2020-25866\");\n script_xref(name:\"FEDORA\", value:\"2020-9bda6ae1cd\");\n\n script_name(english:\"Fedora 33 : 1:wireshark (2020-9bda6ae1cd)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"New version 3.2.7 Security fix for CVE-2020-25862, CVE-2020-25863,\nCVE-2020-25866\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2020-9bda6ae1cd\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected 1:wireshark package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:1:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:33\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/10/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/10/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/10/26\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^33([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 33\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC33\", reference:\"wireshark-3.2.7-2.fc33\", epoch:\"1\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"1:wireshark\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-06-23T15:07:08", "description": "The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 2.6.20. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-2.6.20 advisory.\n\n - The MIME Multipart dissector could crash. It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file.\n (CVE-2020-25863)\n\n - The TCP dissector could crash. It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. (CVE-2020-25862)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2020-09-24T00:00:00", "type": "nessus", "title": "Wireshark 2.6.x < 2.6.20 Multiple Vulnerabilities (macOS)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-25862", "CVE-2020-25863"], "modified": "2020-11-06T00:00:00", "cpe": ["cpe:/a:wireshark:wireshark"], "id": "MACOSX_WIRESHARK_2_6_20.NASL", "href": "https://www.tenable.com/plugins/nessus/140776", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(140776);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/11/06\");\n\n script_cve_id(\"CVE-2020-25862\", \"CVE-2020-25863\");\n script_xref(name:\"IAVB\", value:\"2020-B-0059-S\");\n\n script_name(english:\"Wireshark 2.6.x < 2.6.20 Multiple Vulnerabilities (macOS)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An application installed on the remote macOS / Mac OS X host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 2.6.20. It is, therefore, affected by\nmultiple vulnerabilities as referenced in the wireshark-2.6.20 advisory.\n\n - The MIME Multipart dissector could crash. It may be possible to make Wireshark crash by injecting a\n malformed packet onto the wire or by convincing someone to read a malformed packet trace file.\n (CVE-2020-25863)\n\n - The TCP dissector could crash. It may be possible to make Wireshark crash by injecting a malformed packet\n onto the wire or by convincing someone to read a malformed packet trace file. (CVE-2020-25862)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/docs/relnotes/wireshark-2.6.20.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2020-11\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2020-12\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Wireshark version 2.6.20 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-25863\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/09/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/09/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/09/24\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:wireshark:wireshark\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_wireshark_installed.nbin\");\n script_require_keys(\"installed_sw/Wireshark\", \"Host/MacOSX/Version\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\n\napp_info = vcf::get_app_info(app:'Wireshark');\n\nconstraints = [\n { 'min_version' : '2.6.0', 'max_version' : '2.6.19', 'fixed_version' : '2.6.20' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-06-23T15:04:58", "description": "The version of Wireshark installed on the remote Windows host is prior to 2.6.20. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-2.6.20 advisory.\n\n - The MIME Multipart dissector could crash. It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file.\n (CVE-2020-25863)\n\n - The TCP dissector could crash. It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. (CVE-2020-25862)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2020-09-24T00:00:00", "type": "nessus", "title": "Wireshark 2.6.x < 2.6.20 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-25862", "CVE-2020-25863"], "modified": "2020-11-06T00:00:00", "cpe": ["cpe:/a:wireshark:wireshark"], "id": "WIRESHARK_2_6_20.NASL", "href": "https://www.tenable.com/plugins/nessus/140777", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(140777);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/11/06\");\n\n script_cve_id(\"CVE-2020-25862\", \"CVE-2020-25863\");\n script_xref(name:\"IAVB\", value:\"2020-B-0059-S\");\n\n script_name(english:\"Wireshark 2.6.x < 2.6.20 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An application installed on the remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Wireshark installed on the remote Windows host is prior to 2.6.20. It is, therefore, affected by multiple\nvulnerabilities as referenced in the wireshark-2.6.20 advisory.\n\n - The MIME Multipart dissector could crash. It may be possible to make Wireshark crash by injecting a\n malformed packet onto the wire or by convincing someone to read a malformed packet trace file.\n (CVE-2020-25863)\n\n - The TCP dissector could crash. It may be possible to make Wireshark crash by injecting a malformed packet\n onto the wire or by convincing someone to read a malformed packet trace file. (CVE-2020-25862)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/docs/relnotes/wireshark-2.6.20.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2020-11\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2020-12\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Wireshark version 2.6.20 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-25863\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/09/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/09/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/09/24\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:wireshark:wireshark\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"wireshark_installed.nasl\");\n script_require_keys(\"installed_sw/Wireshark\", \"SMB/Registry/Enumerated\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\nget_kb_item_or_exit('SMB/Registry/Enumerated');\n\napp_info = vcf::get_app_info(app:'Wireshark', win_local:TRUE);\n\nconstraints = [\n { 'min_version' : '2.6.0', 'max_version' : '2.6.19', 'fixed_version' : '2.6.20' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-02-19T12:23:43", "description": "The remote host is affected by the vulnerability described in GLSA-202008-14 (Wireshark: Denial of service)\n\n A double free error was discovered in Wireshark’s Kafka dissector.\n Impact :\n\n A remote attacker could exploit these vulnerabilities by sending a malformed packet or enticing a user to read a malformed packet trace file, causing a Denial of Service.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {"score": 6.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}, "published": "2020-08-27T00:00:00", "type": "nessus", "title": "GLSA-202008-14 : Wireshark: Denial of service", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-17498"], "modified": "2021-06-03T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:wireshark", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-202008-14.NASL", "href": "https://www.tenable.com/plugins/nessus/139890", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 202008-14.\n#\n# The advisory text is Copyright (C) 2001-2020 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(139890);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/06/03\");\n\n script_cve_id(\"CVE-2020-17498\");\n script_xref(name:\"GLSA\", value:\"202008-14\");\n script_xref(name:\"IAVB\", value:\"2020-B-0048-S\");\n\n script_name(english:\"GLSA-202008-14 : Wireshark: Denial of service\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The remote host is affected by the vulnerability described in GLSA-202008-14\n(Wireshark: Denial of service)\n\n A double free error was discovered in Wireshark’s Kafka dissector.\n \nImpact :\n\n A remote attacker could exploit these vulnerabilities by sending a\n malformed packet or enticing a user to read a malformed packet trace\n file, causing a Denial of Service.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(attribute:\"see_also\", value:\"https://security.gentoo.org/glsa/202008-14\");\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"All Wireshark users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-analyzer/wireshark-3.2.6'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-17498\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/08/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/08/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/08/27\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"net-analyzer/wireshark\", unaffected:make_list(\"ge 3.2.6\"), vulnerable:make_list(\"lt 3.2.6\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Wireshark\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-02-19T12:24:23", "description": "The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 3.2.6. It is, therefore, affected by a vulnerability as referenced in the wireshark-3.2.6 advisory.\n\n - The Kafka dissector could crash. It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. (CVE-2020-17498)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 6.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}, "published": "2020-08-13T00:00:00", "type": "nessus", "title": "Wireshark 3.2.x < 3.2.6 A Vulnerability (macOS)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-17498"], "modified": "2021-06-03T00:00:00", "cpe": ["cpe:/a:wireshark:wireshark"], "id": "MACOSX_WIRESHARK_3_2_6.NASL", "href": "https://www.tenable.com/plugins/nessus/139572", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(139572);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/06/03\");\n\n script_cve_id(\"CVE-2020-17498\");\n script_xref(name:\"IAVB\", value:\"2020-B-0048-S\");\n\n script_name(english:\"Wireshark 3.2.x < 3.2.6 A Vulnerability (macOS)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An application installed on the remote macOS / Mac OS X host is affected by a vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 3.2.6. It is, therefore, affected by\na vulnerability as referenced in the wireshark-3.2.6 advisory.\n\n - The Kafka dissector could crash. It may be possible to make Wireshark crash by injecting a malformed\n packet onto the wire or by convincing someone to read a malformed packet trace file. (CVE-2020-17498)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/docs/relnotes/wireshark-3.2.6.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16672\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2020-10\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Wireshark version 3.2.6 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-17498\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/08/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/08/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/08/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:wireshark:wireshark\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_wireshark_installed.nbin\");\n script_require_keys(\"installed_sw/Wireshark\", \"Host/MacOSX/Version\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\n\napp_info = vcf::get_app_info(app:'Wireshark');\n\nconstraints = [\n { 'min_version' : '3.2.0', 'max_version' : '3.2.5', 'fixed_version' : '3.2.6' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n\n\n\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:13:04", "description": "The version of Wireshark installed on the remote Windows host is prior to 3.2.6. It is, therefore, affected by a vulnerability as referenced in the wireshark-3.2.6 advisory.\n\n - The Kafka dissector could crash. It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. (CVE-2020-17498)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 6.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}, "published": "2020-08-13T00:00:00", "type": "nessus", "title": "Wireshark 3.2.x < 3.2.6 A Vulnerability", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-17498"], "modified": "2021-06-03T00:00:00", "cpe": ["cpe:/a:wireshark:wireshark"], "id": "WIRESHARK_3_2_6.NASL", "href": "https://www.tenable.com/plugins/nessus/139573", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(139573);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/06/03\");\n\n script_cve_id(\"CVE-2020-17498\");\n script_xref(name:\"IAVB\", value:\"2020-B-0048-S\");\n\n script_name(english:\"Wireshark 3.2.x < 3.2.6 A Vulnerability\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An application installed on the remote Windows host is affected by a vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Wireshark installed on the remote Windows host is prior to 3.2.6. It is, therefore, affected by a\nvulnerability as referenced in the wireshark-3.2.6 advisory.\n\n - The Kafka dissector could crash. It may be possible to make Wireshark crash by injecting a malformed\n packet onto the wire or by convincing someone to read a malformed packet trace file. (CVE-2020-17498)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/docs/relnotes/wireshark-3.2.6.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16672\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2020-10\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Wireshark version 3.2.6 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-17498\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/08/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/08/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/08/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:wireshark:wireshark\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"wireshark_installed.nasl\");\n script_require_keys(\"installed_sw/Wireshark\", \"SMB/Registry/Enumerated\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\nget_kb_item_or_exit('SMB/Registry/Enumerated');\n\napp_info = vcf::get_app_info(app:'Wireshark', win_local:TRUE);\n\nconstraints = [\n { 'min_version' : '3.2.0', 'max_version' : '3.2.5', 'fixed_version' : '3.2.6' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n\n\n\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:13:11", "description": "New version 3.2.6, Security fix for CVE-2020-17498\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 6.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}, "published": "2020-08-28T00:00:00", "type": "nessus", "title": "Fedora 32 : 1:wireshark (2020-7f91f10f2b)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-17498"], "modified": "2021-06-03T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:1:wireshark", "cpe:/o:fedoraproject:fedora:32"], "id": "FEDORA_2020-7F91F10F2B.NASL", "href": "https://www.tenable.com/plugins/nessus/139932", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2020-7f91f10f2b.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(139932);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/06/03\");\n\n script_cve_id(\"CVE-2020-17498\");\n script_xref(name:\"FEDORA\", value:\"2020-7f91f10f2b\");\n script_xref(name:\"IAVB\", value:\"2020-B-0048-S\");\n\n script_name(english:\"Fedora 32 : 1:wireshark (2020-7f91f10f2b)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"New version 3.2.6, Security fix for CVE-2020-17498\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(attribute:\"see_also\", value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2020-7f91f10f2b\");\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected 1:wireshark package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-17498\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:1:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:32\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/08/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/08/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/08/28\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^32([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 32\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC32\", reference:\"wireshark-3.2.6-1.fc32\", epoch:\"1\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"1:wireshark\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:13:11", "description": "New version 3.2.6, Security fix for CVE-2020-17498\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 6.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}, "published": "2020-08-28T00:00:00", "type": "nessus", "title": "Fedora 31 : 1:wireshark (2020-2981a0224d)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-17498"], "modified": "2021-06-03T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:1:wireshark", "cpe:/o:fedoraproject:fedora:31"], "id": "FEDORA_2020-2981A0224D.NASL", "href": "https://www.tenable.com/plugins/nessus/139931", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2020-2981a0224d.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(139931);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/06/03\");\n\n script_cve_id(\"CVE-2020-17498\");\n script_xref(name:\"FEDORA\", value:\"2020-2981a0224d\");\n script_xref(name:\"IAVB\", value:\"2020-B-0048-S\");\n\n script_name(english:\"Fedora 31 : 1:wireshark (2020-2981a0224d)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"New version 3.2.6, Security fix for CVE-2020-17498\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(attribute:\"see_also\", value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2020-2981a0224d\");\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected 1:wireshark package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-17498\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:1:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:31\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/08/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/08/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/08/28\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^31([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 31\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC31\", reference:\"wireshark-3.2.6-1.fc31\", epoch:\"1\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"1:wireshark\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-06-16T14:53:48", "description": "Several vulnerabilities were fixed in Wireshark, a network sniffer.\n\nCVE-2019-13619\n\nASN.1 BER and related dissectors crash.\n\nCVE-2019-16319\n\nThe Gryphon dissector could go into an infinite loop.\n\nCVE-2019-19553\n\nThe CMS dissector could crash.\n\nCVE-2020-7045\n\nThe BT ATT dissector could crash.\n\nCVE-2020-9428\n\nThe EAP dissector could crash.\n\nCVE-2020-9430\n\nThe WiMax DLMAP dissector could crash.\n\nCVE-2020-9431\n\nThe LTE RRC dissector could leak memory.\n\nCVE-2020-11647\n\nThe BACapp dissector could crash.\n\nCVE-2020-13164\n\nThe NFS dissector could crash.\n\nCVE-2020-15466\n\nThe GVCP dissector could go into an infinite loop.\n\nCVE-2020-25862\n\nThe TCP dissector could crash.\n\nCVE-2020-25863\n\nThe MIME Multipart dissector could crash.\n\nCVE-2020-26418\n\nMemory leak in the Kafka protocol dissector.\n\nCVE-2020-26421\n\nCrash in USB HID protocol dissector.\n\nCVE-2020-26575\n\nThe Facebook Zero Protocol (aka FBZERO) dissector could enter an infinite loop.\n\nCVE-2020-28030\n\nThe GQUIC dissector could crash.\n\nFor Debian 9 stretch, these problems have been fixed in version 2.6.20-0+deb9u1.\n\nWe recommend that you upgrade your wireshark packages.\n\nFor the detailed security status of wireshark please refer to its security tracker page at:\nhttps://security-tracker.debian.org/tracker/wireshark\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2021-02-08T00:00:00", "type": "nessus", "title": "Debian DLA-2547-1 : wireshark security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-13619", "CVE-2019-16319", "CVE-2019-19553", "CVE-2020-11647", "CVE-2020-13164", "CVE-2020-15466", "CVE-2020-25862", "CVE-2020-25863", "CVE-2020-26418", "CVE-2020-26421", "CVE-2020-26575", "CVE-2020-28030", "CVE-2020-7045", "CVE-2020-9428", "CVE-2020-9430", "CVE-2020-9431"], "modified": "2021-02-10T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:libwireshark-data", "p-cpe:/a:debian:debian_linux:libwireshark-dev", "p-cpe:/a:debian:debian_linux:libwireshark8", "p-cpe:/a:debian:debian_linux:libwiretap-dev", "p-cpe:/a:debian:debian_linux:libwiretap6", "p-cpe:/a:debian:debian_linux:libwscodecs1", "p-cpe:/a:debian:debian_linux:libwsutil-dev", "p-cpe:/a:debian:debian_linux:libwsutil7", "p-cpe:/a:debian:debian_linux:tshark", "p-cpe:/a:debian:debian_linux:wireshark", "p-cpe:/a:debian:debian_linux:wireshark-common", "p-cpe:/a:debian:debian_linux:wireshark-dev", "p-cpe:/a:debian:debian_linux:wireshark-doc", "p-cpe:/a:debian:debian_linux:wireshark-gtk", "p-cpe:/a:debian:debian_linux:wireshark-qt", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DLA-2547.NASL", "href": "https://www.tenable.com/plugins/nessus/146291", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-2547-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(146291);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/02/10\");\n\n script_cve_id(\"CVE-2019-13619\", \"CVE-2019-16319\", \"CVE-2019-19553\", \"CVE-2020-11647\", \"CVE-2020-13164\", \"CVE-2020-15466\", \"CVE-2020-25862\", \"CVE-2020-25863\", \"CVE-2020-26418\", \"CVE-2020-26421\", \"CVE-2020-26575\", \"CVE-2020-28030\", \"CVE-2020-7045\", \"CVE-2020-9428\", \"CVE-2020-9430\", \"CVE-2020-9431\");\n\n script_name(english:\"Debian DLA-2547-1 : wireshark security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Several vulnerabilities were fixed in Wireshark, a network sniffer.\n\nCVE-2019-13619\n\nASN.1 BER and related dissectors crash.\n\nCVE-2019-16319\n\nThe Gryphon dissector could go into an infinite loop.\n\nCVE-2019-19553\n\nThe CMS dissector could crash.\n\nCVE-2020-7045\n\nThe BT ATT dissector could crash.\n\nCVE-2020-9428\n\nThe EAP dissector could crash.\n\nCVE-2020-9430\n\nThe WiMax DLMAP dissector could crash.\n\nCVE-2020-9431\n\nThe LTE RRC dissector could leak memory.\n\nCVE-2020-11647\n\nThe BACapp dissector could crash.\n\nCVE-2020-13164\n\nThe NFS dissector could crash.\n\nCVE-2020-15466\n\nThe GVCP dissector could go into an infinite loop.\n\nCVE-2020-25862\n\nThe TCP dissector could crash.\n\nCVE-2020-25863\n\nThe MIME Multipart dissector could crash.\n\nCVE-2020-26418\n\nMemory leak in the Kafka protocol dissector.\n\nCVE-2020-26421\n\nCrash in USB HID protocol dissector.\n\nCVE-2020-26575\n\nThe Facebook Zero Protocol (aka FBZERO) dissector could enter an\ninfinite loop.\n\nCVE-2020-28030\n\nThe GQUIC dissector could crash.\n\nFor Debian 9 stretch, these problems have been fixed in version\n2.6.20-0+deb9u1.\n\nWe recommend that you upgrade your wireshark packages.\n\nFor the detailed security status of wireshark please refer to its\nsecurity tracker page at:\nhttps://security-tracker.debian.org/tracker/wireshark\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2021/02/msg00008.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/wireshark\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/source-package/wireshark\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libwireshark-data\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libwireshark-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libwireshark8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libwiretap-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libwiretap6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libwscodecs1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libwsutil-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libwsutil7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:tshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:wireshark-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:wireshark-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:wireshark-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:wireshark-gtk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:wireshark-qt\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/02/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/02/08\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"9.0\", prefix:\"libwireshark-data\", reference:\"2.6.20-0+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libwireshark-dev\", reference:\"2.6.20-0+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libwireshark8\", reference:\"2.6.20-0+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libwiretap-dev\", reference:\"2.6.20-0+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libwiretap6\", reference:\"2.6.20-0+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libwscodecs1\", reference:\"2.6.20-0+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libwsutil-dev\", reference:\"2.6.20-0+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libwsutil7\", reference:\"2.6.20-0+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"tshark\", reference:\"2.6.20-0+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"wireshark\", reference:\"2.6.20-0+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"wireshark-common\", reference:\"2.6.20-0+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"wireshark-dev\", reference:\"2.6.20-0+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"wireshark-doc\", reference:\"2.6.20-0+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"wireshark-gtk\", reference:\"2.6.20-0+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"wireshark-qt\", reference:\"2.6.20-0+deb9u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "kaspersky": [{"lastseen": "2021-08-18T10:58:15", "description": "### *Detect date*:\n09/23/2020\n\n### *Severity*:\nWarning\n\n### *Description*:\nDoS vulnerabilities were found in Wireshark. Malicious users can exploit these vulnerabilities to cause denial of service.\n\n### *Affected products*:\nWireshark 2.6.x earlier than 2.6.20 \nWireshark 3.0.x earlier than 3.0.14 \nWireshark 3.2.x earlier than 3.2.7\n\n### *Solution*:\nUpdate to the latest version \n[Download Wireshark](<https://www.wireshark.org/download.html>)\n\n### *Original advisories*:\n[wnpa-sec-2020-13 \u00b7 BLIP dissector crash](<https://www.wireshark.org/security/wnpa-sec-2020-13.html>) \n[wnpa-sec-2020-11 \u00b7 MIME Multipart dissector crash](<https://www.wireshark.org/security/wnpa-sec-2020-11.html>) \n[wnpa-sec-2020-12 \u00b7 TCP dissector crash](<https://www.wireshark.org/security/wnpa-sec-2020-12.html>) \n\n\n### *Impacts*:\nDoS \n\n### *Related products*:\n[Wireshark](<https://threats.kaspersky.com/en/product/Wireshark/>)\n\n### *CVE-IDS*:\n[CVE-2020-25866](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25866>)5.0Critical \n[CVE-2020-25863](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25863>)5.0Critical \n[CVE-2020-25862](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25862>)5.0Critical", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-09-23T00:00:00", "type": "kaspersky", "title": "KLA12079 DoS vulnerabilties in Wireshark", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-25862", "CVE-2020-25863", "CVE-2020-25866"], "modified": "2021-02-16T00:00:00", "id": "KLA12079", "href": "https://threats.kaspersky.com/en/vulnerability/KLA12079/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-18T10:58:16", "description": "### *Detect date*:\n08/12/2020\n\n### *Severity*:\nWarning\n\n### *Description*:\nA denial of service vulnerability was found in Wireshark. Malicious users can exploit this vulnerability to cause denial of service.\n\n### *Affected products*:\nWireshark 3.2.x earlier than 3.2.6\n\n### *Solution*:\nUpdate to the latest version \n[Download Wireshark](<https://www.wireshark.org/download.html>)\n\n### *Original advisories*:\n[wnpa-sec-2020-10 \u00b7 Kafka dissector crash](<https://www.wireshark.org/security/wnpa-sec-2020-10.html>) \n\n\n### *Impacts*:\nDoS \n\n### *Related products*:\n[Wireshark](<https://threats.kaspersky.com/en/product/Wireshark/>)\n\n### *CVE-IDS*:\n[CVE-2020-17498](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17498>)4.3Warning", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 6.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-08-12T00:00:00", "type": "kaspersky", "title": "KLA12078 DoS vulnerability in Wireshark", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-17498"], "modified": "2021-02-16T00:00:00", "id": "KLA12078", "href": "https://threats.kaspersky.com/en/vulnerability/KLA12078/", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}], "fedora": [{"lastseen": "2021-07-28T14:46:52", "description": "Wireshark allows you to examine protocol data stored in files or as it is captured from wired or wireless (WiFi or Bluetooth) networks, USB devices, and many other sources. It supports dozens of protocol capture file formats and understands more than a thousand protocols. It has many powerful features including a rich display filter language and the ability to reassemble multiple protocol packets in order to, for example, view a complete TCP stream, save the contents of a file which was transferred over HTTP or CIFS, or play back an RTP audio stream. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-10-17T14:09:37", "type": "fedora", "title": "[SECURITY] Fedora 32 Update: wireshark-3.2.7-1.fc32", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-25862", "CVE-2020-25863", "CVE-2020-25866"], "modified": "2020-10-17T14:09:37", "id": "FEDORA:70EE730AF87A", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/4DQHPKZFQ7W3X34RYN3FWFYCFJD4FXJW/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-07-28T14:46:52", "description": "Wireshark allows you to examine protocol data stored in files or as it is captured from wired or wireless (WiFi or Bluetooth) networks, USB devices, and many other sources. It supports dozens of protocol capture file formats and understands more than a thousand protocols. It has many powerful features including a rich display filter language and the ability to reassemble multiple protocol packets in order to, for example, view a complete TCP stream, save the contents of a file which was transferred over HTTP or CIFS, or play back an RTP audio stream. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-10-17T14:24:50", "type": "fedora", "title": "[SECURITY] Fedora 31 Update: wireshark-3.2.7-1.fc31", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-25862", "CVE-2020-25863", "CVE-2020-25866"], "modified": "2020-10-17T14:24:50", "id": "FEDORA:CE56C3052D8E", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/6IGRYKW4XLR44YDWTAH547ODYYBYPB2D/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-07-28T14:46:52", "description": "Wireshark allows you to examine protocol data stored in files or as it is captured from wired or wireless (WiFi or Bluetooth) networks, USB devices, and many other sources. It supports dozens of protocol capture file formats and understands more than a thousand protocols. It has many powerful features including a rich display filter language and the ability to reassemble multiple protocol packets in order to, for example, view a complete TCP stream, save the contents of a file which was transferred over HTTP or CIFS, or play back an RTP audio stream. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-10-23T22:23:18", "type": "fedora", "title": "[SECURITY] Fedora 33 Update: wireshark-3.2.7-2.fc33", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-25862", "CVE-2020-25863", "CVE-2020-25866"], "modified": "2020-10-23T22:23:18", "id": "FEDORA:8216A3140404", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/ZUHMK5HYTUUDXA64T2TAMAFMYV674QBW/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-07-28T14:46:51", "description": "Wireshark allows you to examine protocol data stored in files or as it is captured from wired or wireless (WiFi or Bluetooth) networks, USB devices, and many other sources. It supports dozens of protocol capture file formats and understands more than a thousand protocols. It has many powerful features including a rich display filter language and the ability to reassemble multiple protocol packets in order to, for example, view a complete TCP stream, save the contents of a file which was transferred over HTTP or CIFS, or play back an RTP audio stream. ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 6.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-08-27T14:21:28", "type": "fedora", "title": "[SECURITY] Fedora 31 Update: wireshark-3.2.6-1.fc31", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-17498"], "modified": "2020-08-27T14:21:28", "id": "FEDORA:2879830C563E", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/G7LO7DAPN33FL4JQ7DDPB76SIEFGMZSQ/", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-07-28T14:46:51", "description": "Wireshark allows you to examine protocol data stored in files or as it is captured from wired or wireless (WiFi or Bluetooth) networks, USB devices, and many other sources. It supports dozens of protocol capture file formats and understands more than a thousand protocols. It has many powerful features including a rich display filter language and the ability to reassemble multiple protocol packets in order to, for example, view a complete TCP stream, save the contents of a file which was transferred over HTTP or CIFS, or play back an RTP audio stream. ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 6.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-08-27T14:31:40", "type": "fedora", "title": "[SECURITY] Fedora 32 Update: wireshark-3.2.6-1.fc32", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-17498"], "modified": "2020-08-27T14:31:40", "id": "FEDORA:08FBA30AD117", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/AII7UYDPNKYE75AZL45M6HAV2COP7F6S/", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}], "mageia": [{"lastseen": "2022-04-18T11:19:34", "description": "The TCP dissector could crash (CVE-2020-25862). The MIME Multipart dissector could crash (CVE-2020-25863). The BLIP dissector could crash (CVE-2020-25866). \n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-10-16T15:44:59", "type": "mageia", "title": "Updated wireshark packages fix security vulnerabilities\n", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-25862", "CVE-2020-25863", "CVE-2020-25866"], "modified": "2020-10-16T15:44:59", "id": "MGASA-2020-0384", "href": "https://advisories.mageia.org/MGASA-2020-0384.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "ubuntucve": [{"lastseen": "2021-11-23T21:24:07", "description": "In Wireshark 3.2.0 to 3.2.6 and 3.0.0 to 3.0.13, the BLIP protocol\ndissector has a NULL pointer dereference because a buffer was sized for\ncompressed (not uncompressed) messages. This was addressed in\nepan/dissectors/packet-blip.c by allowing reasonable compression ratios and\nrejecting ZIP bombs.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-10-06T00:00:00", "type": "ubuntucve", "title": "CVE-2020-25866", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-25866"], "modified": "2020-10-06T00:00:00", "id": "UB:CVE-2020-25866", "href": "https://ubuntu.com/security/CVE-2020-25866", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-11-22T21:24:40", "description": "In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the TCP\ndissector could crash. This was addressed in epan/dissectors/packet-tcp.c\nby changing the handling of the invalid 0xFFFF checksum.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-10-06T00:00:00", "type": "ubuntucve", "title": "CVE-2020-25862", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-25862"], "modified": "2020-10-06T00:00:00", "id": "UB:CVE-2020-25862", "href": "https://ubuntu.com/security/CVE-2020-25862", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-11-22T21:22:50", "description": "In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the MIME\nMultipart dissector could crash. This was addressed in\nepan/dissectors/packet-multipart.c by correcting the deallocation of\ninvalid MIME parts.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-10-06T00:00:00", "type": "ubuntucve", "title": "CVE-2020-25863", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-25863"], "modified": "2020-10-06T00:00:00", "id": "UB:CVE-2020-25863", "href": "https://ubuntu.com/security/CVE-2020-25863", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-11-22T21:25:19", "description": "In Wireshark 3.2.0 to 3.2.5, the Kafka protocol dissector could crash. This\nwas addressed in epan/dissectors/packet-kafka.c by avoiding a double free\nduring LZ4 decompression.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 6.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-08-13T00:00:00", "type": "ubuntucve", "title": "CVE-2020-17498", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-17498"], "modified": "2020-08-13T00:00:00", "id": "UB:CVE-2020-17498", "href": "https://ubuntu.com/security/CVE-2020-17498", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}], "debiancve": [{"lastseen": "2022-07-01T06:28:36", "description": "In Wireshark 3.2.0 to 3.2.6 and 3.0.0 to 3.0.13, the BLIP protocol dissector has a NULL pointer dereference because a buffer was sized for compressed (not uncompressed) messages. This was addressed in epan/dissectors/packet-blip.c by allowing reasonable compression ratios and rejecting ZIP bombs.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-10-06T15:15:00", "type": "debiancve", "title": "CVE-2020-25866", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-25866"], "modified": "2020-10-06T15:15:00", "id": "DEBIANCVE:CVE-2020-25866", "href": "https://security-tracker.debian.org/tracker/CVE-2020-25866", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-07-01T06:28:36", "description": "In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the TCP dissector could crash. This was addressed in epan/dissectors/packet-tcp.c by changing the handling of the invalid 0xFFFF checksum.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-10-06T15:15:00", "type": "debiancve", "title": "CVE-2020-25862", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-25862"], "modified": "2020-10-06T15:15:00", "id": "DEBIANCVE:CVE-2020-25862", "href": "https://security-tracker.debian.org/tracker/CVE-2020-25862", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-07-01T06:28:36", "description": "In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the MIME Multipart dissector could crash. This was addressed in epan/dissectors/packet-multipart.c by correcting the deallocation of invalid MIME parts.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-10-06T15:15:00", "type": "debiancve", "title": "CVE-2020-25863", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-25863"], "modified": "2020-10-06T15:15:00", "id": "DEBIANCVE:CVE-2020-25863", "href": "https://security-tracker.debian.org/tracker/CVE-2020-25863", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-07-01T06:28:36", "description": "In Wireshark 3.2.0 to 3.2.5, the Kafka protocol dissector could crash. This was addressed in epan/dissectors/packet-kafka.c by avoiding a double free during LZ4 decompression.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2020-08-13T16:15:00", "type": "debiancve", "title": "CVE-2020-17498", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-17498"], "modified": "2020-08-13T16:15:00", "id": "DEBIANCVE:CVE-2020-17498", "href": "https://security-tracker.debian.org/tracker/CVE-2020-17498", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}], "cve": [{"lastseen": "2022-03-23T15:56:49", "description": "In Wireshark 3.2.0 to 3.2.6 and 3.0.0 to 3.0.13, the BLIP protocol dissector has a NULL pointer dereference because a buffer was sized for compressed (not uncompressed) messages. This was addressed in epan/dissectors/packet-blip.c by allowing reasonable compression ratios and rejecting ZIP bombs.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-10-06T15:15:00", "type": "cve", "title": "CVE-2020-25866", "cwe": ["CWE-476"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-25866"], "modified": "2021-01-20T15:15:00", "cpe": ["cpe:/a:wireshark:wireshark:3.2.6", "cpe:/a:wireshark:wireshark:3.0.13"], "id": "CVE-2020-25866", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-25866", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:wireshark:wireshark:3.2.6:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:3.0.13:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T15:56:40", "description": "In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the TCP dissector could crash. This was addressed in epan/dissectors/packet-tcp.c by changing the handling of the invalid 0xFFFF checksum.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-10-06T15:15:00", "type": "cve", "title": "CVE-2020-25862", "cwe": ["CWE-354"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-25862"], "modified": "2021-02-10T20:20:00", "cpe": ["cpe:/o:fedoraproject:fedora:32", "cpe:/a:wireshark:wireshark:2.6.20", "cpe:/o:opensuse:leap:15.1", "cpe:/o:debian:debian_linux:9.0", "cpe:/a:wireshark:wireshark:3.2.6", "cpe:/o:opensuse:leap:15.2", "cpe:/o:fedoraproject:fedora:31", "cpe:/o:oracle:zfs_storage_appliance_firmware:8.8", "cpe:/o:fedoraproject:fedora:33", "cpe:/a:wireshark:wireshark:3.0.13"], "id": "CVE-2020-25862", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-25862", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:wireshark:wireshark:2.6.20:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*", "cpe:2.3:o:oracle:zfs_storage_appliance_firmware:8.8:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:3.2.6:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:3.0.13:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T15:56:42", "description": "In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the MIME Multipart dissector could crash. This was addressed in epan/dissectors/packet-multipart.c by correcting the deallocation of invalid MIME parts.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-10-06T15:15:00", "type": "cve", "title": "CVE-2020-25863", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-25863"], "modified": "2021-02-10T20:22:00", "cpe": ["cpe:/o:fedoraproject:fedora:32", "cpe:/a:wireshark:wireshark:2.6.20", "cpe:/o:opensuse:leap:15.1", "cpe:/o:debian:debian_linux:9.0", "cpe:/a:wireshark:wireshark:3.2.6", "cpe:/o:opensuse:leap:15.2", "cpe:/o:fedoraproject:fedora:31", "cpe:/o:oracle:zfs_storage_appliance_firmware:8.8", "cpe:/o:fedoraproject:fedora:33", "cpe:/a:wireshark:wireshark:3.0.13"], "id": "CVE-2020-25863", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-25863", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:wireshark:wireshark:2.6.20:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*", "cpe:2.3:o:oracle:zfs_storage_appliance_firmware:8.8:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:3.2.6:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:3.0.13:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T14:39:48", "description": "In Wireshark 3.2.0 to 3.2.5, the Kafka protocol dissector could crash. This was addressed in epan/dissectors/packet-kafka.c by avoiding a double free during LZ4 decompression.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2020-08-13T16:15:00", "type": "cve", "title": "CVE-2020-17498", "cwe": ["CWE-415"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-17498"], "modified": "2021-01-20T15:15:00", "cpe": [], "id": "CVE-2020-17498", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-17498", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}, "cpe23": []}], "redhatcve": [{"lastseen": "2022-06-08T08:05:31", "description": "In Wireshark 3.2.0 to 3.2.6 and 3.0.0 to 3.0.13, the BLIP protocol dissector has a NULL pointer dereference because a buffer was sized for compressed (not uncompressed) messages. This was addressed in epan/dissectors/packet-blip.c by allowing reasonable compression ratios and rejecting ZIP bombs.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-10-07T15:06:17", "type": "redhatcve", "title": "CVE-2020-25866", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-25866"], "modified": "2022-06-08T07:54:24", "id": "RH:CVE-2020-25866", "href": "https://access.redhat.com/security/cve/cve-2020-25866", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-06-08T08:05:30", "description": "In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the TCP dissector could crash. This was addressed in epan/dissectors/packet-tcp.c by changing the handling of the invalid 0xFFFF checksum.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-10-07T14:36:09", "type": "redhatcve", "title": "CVE-2020-25862", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-25862"], "modified": "2022-06-08T07:54:27", "id": "RH:CVE-2020-25862", "href": "https://access.redhat.com/security/cve/cve-2020-25862", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-06-08T08:05:29", "description": "In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the MIME Multipart dissector could crash. This was addressed in epan/dissectors/packet-multipart.c by correcting the deallocation of invalid MIME parts.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-10-07T14:36:09", "type": "redhatcve", "title": "CVE-2020-25863", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-25863"], "modified": "2022-06-08T07:54:19", "id": "RH:CVE-2020-25863", "href": "https://access.redhat.com/security/cve/cve-2020-25863", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-06-08T08:06:05", "description": "In Wireshark 3.2.0 to 3.2.5, the Kafka protocol dissector could crash. This was addressed in epan/dissectors/packet-kafka.c by avoiding a double free during LZ4 decompression.\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2020-08-14T07:14:12", "type": "redhatcve", "title": "CVE-2020-17498", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-17498"], "modified": "2022-06-08T07:46:27", "id": "RH:CVE-2020-17498", "href": "https://access.redhat.com/security/cve/cve-2020-17498", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}], "gentoo": [{"lastseen": "2022-01-17T19:01:44", "description": "### Background\n\nWireshark is a network protocol analyzer formerly known as ethereal.\n\n### Description\n\nA double free error was discovered in Wireshark\u2019s Kafka dissector.\n\n### Impact\n\nA remote attacker could exploit these vulnerabilities by sending a malformed packet or enticing a user to read a malformed packet trace file, causing a Denial of Service. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Wireshark users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-analyzer/wireshark-3.2.6\"", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 6.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-08-26T00:00:00", "type": "gentoo", "title": "Wireshark: Denial of service", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-17498"], "modified": "2020-08-26T00:00:00", "id": "GLSA-202008-14", "href": "https://security.gentoo.org/glsa/202008-14", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}], "debian": [{"lastseen": "2022-01-05T02:31:15", "description": "- -------------------------------------------------------------------------\nDebian LTS Advisory DLA-2547-1 debian-lts@lists.debian.org\nhttps://www.debian.org/lts/security/ Adrian Bunk\nFebruary 06, 2021 https://wiki.debian.org/LTS\n- -------------------------------------------------------------------------\n\nPackage : wireshark\nVersion : 2.6.20-0+deb9u1\nCVE ID : CVE-2019-13619 CVE-2019-16319 CVE-2019-19553 CVE-2020-7045\n CVE-2020-9428 CVE-2020-9430 CVE-2020-9431 CVE-2020-11647\n CVE-2020-13164 CVE-2020-15466 CVE-2020-25862 CVE-2020-25863\n CVE-2020-26418 CVE-2020-26421 CVE-2020-26575 CVE-2020-28030\nDebian Bug : 958213 974688 974689\n\nSeveral vulnerabilities were fixed in Wireshark, a network sniffer.\n\nCVE-2019-13619\n\n ASN.1 BER and related dissectors crash.\n\nCVE-2019-16319\n\n The Gryphon dissector could go into an infinite loop.\n\nCVE-2019-19553\n\n The CMS dissector could crash.\n\nCVE-2020-7045\n\n The BT ATT dissector could crash.\n\nCVE-2020-9428\n\n The EAP dissector could crash.\n\nCVE-2020-9430\n\n The WiMax DLMAP dissector could crash.\n\nCVE-2020-9431\n\n The LTE RRC dissector could leak memory.\n\nCVE-2020-11647\n\n The BACapp dissector could crash.\n\nCVE-2020-13164\n\n The NFS dissector could crash.\n\nCVE-2020-15466\n\n The GVCP dissector could go into an infinite loop.\n\nCVE-2020-25862\n\n The TCP dissector could crash.\n\nCVE-2020-25863\n\n The MIME Multipart dissector could crash.\n\nCVE-2020-26418\n\n Memory leak in the Kafka protocol dissector.\n\nCVE-2020-26421\n\n Crash in USB HID protocol dissector.\n\nCVE-2020-26575\n\n The Facebook Zero Protocol (aka FBZERO) dissector\n could enter an infinite loop.\n\nCVE-2020-28030\n\n The GQUIC dissector could crash.\n\nFor Debian 9 stretch, these problems have been fixed in version\n2.6.20-0+deb9u1.\n\nWe recommend that you upgrade your wireshark packages.\n\nFor the detailed security status of wireshark please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/wireshark\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2021-02-06T20:32:39", "type": "debian", "title": "[SECURITY] [DLA 2547-1] wireshark security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-13619", "CVE-2019-16319", "CVE-2019-19553", "CVE-2020-11647", "CVE-2020-13164", "CVE-2020-15466", "CVE-2020-25862", "CVE-2020-25863", "CVE-2020-26418", "CVE-2020-26421", "CVE-2020-26575", "CVE-2020-28030", "CVE-2020-7045", "CVE-2020-9428", "CVE-2020-9430", "CVE-2020-9431"], "modified": "2021-02-06T20:32:39", "id": "DEBIAN:DLA-2547-1:C57F2", "href": "https://lists.debian.org/debian-lts-announce/2021/02/msg00008.html", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "oracle": [{"lastseen": "2021-10-22T15:44:15", "description": "A Critical Patch Update is a collection of patches for multiple security vulnerabilities. These patches address vulnerabilities in Oracle code and in third-party components included in Oracle products. These patches are usually cumulative, but each advisory describes only the security patches added since the previous Critical Patch Update Advisory. Thus, prior Critical Patch Update advisories should be reviewed for information regarding earlier published security patches. Refer to [\u201cCritical Patch Updates, Security Alerts and Bulletins\u201d](<https://www.oracle.com/security-alerts/>) for information about Oracle Security advisories. \n\n**Oracle continues to periodically receive reports of attempts to maliciously exploit vulnerabilities for which Oracle has already released security patches. In some instances, it has been reported that attackers have been successful because targeted customers had failed to apply available Oracle patches. Oracle therefore strongly recommends that customers remain on actively-supported versions and apply Critical Patch Update security patches without delay.**\n\nThis Critical Patch Update contains 329 new security patches across the product families listed below. Please note that an MOS note summarizing the content of this Critical Patch Update and other Oracle Software Security Assurance activities is located at [ January 2021 Critical Patch Update: Executive Summary and Analysis](<https://support.oracle.com/rs?type=doc&id=2739494.1>).\n\n**Please note that since the release of the October 2020 Critical Patch Update, Oracle has released a Security Alert for Oracle WebLogic Server: [CVE-2020-14750 (November 1, 2020)](<https://www.oracle.com/security-alerts/alert-cve-2020-14750.html>). Customers are strongly advised to apply this Critical Patch Update, which includes patches for this Alert as well as additional patches.**\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-01-19T00:00:00", "type": "oracle", "title": "Oracle Critical Patch Update Advisory - January 2021", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-2098", "CVE-2015-4000", "CVE-2015-8965", "CVE-2016-1000031", "CVE-2016-5725", "CVE-2017-12626", "CVE-2017-5611", "CVE-2017-5645", "CVE-2017-8028", "CVE-2018-0732", "CVE-2018-10237", "CVE-2018-11775", "CVE-2018-1258", "CVE-2018-1285", "CVE-2018-15756", "CVE-2018-20781", "CVE-2018-2587", "CVE-2018-7318", "CVE-2018-8032", "CVE-2018-9019", "CVE-2019-0188", "CVE-2019-0227", "CVE-2019-0230", "CVE-2019-0233", "CVE-2019-10086", "CVE-2019-10173", "CVE-2019-10246", "CVE-2019-10247", "CVE-2019-10744", "CVE-2019-11135", "CVE-2019-11269", "CVE-2019-11358", "CVE-2019-12399", "CVE-2019-12402", "CVE-2019-12415", "CVE-2019-13990", "CVE-2019-14862", "CVE-2019-1551", "CVE-2019-1559", "CVE-2019-17091", "CVE-2019-17195", "CVE-2019-17359", "CVE-2019-17563", "CVE-2019-17566", "CVE-2019-17569", "CVE-2019-20892", "CVE-2019-20907", "CVE-2019-2697", "CVE-2019-3773", "CVE-2019-3778", "CVE-2019-5427", "CVE-2019-7164", "CVE-2019-7548", "CVE-2019-9511", "CVE-2019-9513", "CVE-2020-10531", "CVE-2020-10543", "CVE-2020-10650", "CVE-2020-10672", "CVE-2020-10673", "CVE-2020-10683", "CVE-2020-10722", "CVE-2020-10723", "CVE-2020-10724", "CVE-2020-10725", "CVE-2020-10726", "CVE-2020-10878", "CVE-2020-10968", "CVE-2020-10969", "CVE-2020-11022", "CVE-2020-11023", "CVE-2020-11080", "CVE-2020-11111", "CVE-2020-11112", "CVE-2020-11113", "CVE-2020-11612", "CVE-2020-11619", "CVE-2020-11620", "CVE-2020-11655", "CVE-2020-11656", "CVE-2020-11971", "CVE-2020-11972", "CVE-2020-11973", "CVE-2020-11979", "CVE-2020-11984", "CVE-2020-11985", "CVE-2020-11993", "CVE-2020-11994", "CVE-2020-11996", "CVE-2020-11998", "CVE-2020-12723", "CVE-2020-13254", "CVE-2020-13596", "CVE-2020-13871", "CVE-2020-13934", "CVE-2020-13935", "CVE-2020-13954", "CVE-2020-14060", "CVE-2020-14061", "CVE-2020-14062", "CVE-2020-14147", "CVE-2020-14195", "CVE-2020-14422", "CVE-2020-14750", "CVE-2020-14756", "CVE-2020-14803", "CVE-2020-15025", "CVE-2020-15358", "CVE-2020-17498", "CVE-2020-17521", "CVE-2020-17530", "CVE-2020-1935", "CVE-2020-1938", "CVE-2020-1945", "CVE-2020-1967", "CVE-2020-1968", "CVE-2020-1971", "CVE-2020-24583", "CVE-2020-24584", "CVE-2020-24616", "CVE-2020-24750", "CVE-2020-25020", "CVE-2020-2555", "CVE-2020-25862", "CVE-2020-25863", "CVE-2020-25866", "CVE-2020-26575", "CVE-2020-27216", "CVE-2020-35460", "CVE-2020-5398", "CVE-2020-5407", "CVE-2020-5408", "CVE-2020-5421", "CVE-2020-7064", "CVE-2020-8172", "CVE-2020-8174", "CVE-2020-8265", "CVE-2020-8277", "CVE-2020-8287", "CVE-2020-9281", "CVE-2020-9327", "CVE-2020-9484", "CVE-2020-9488", "CVE-2020-9490", "CVE-2020-9546", "CVE-2020-9547", "CVE-2020-9548", "CVE-2021-1993", "CVE-2021-1994", "CVE-2021-1995", "CVE-2021-1996", "CVE-2021-1997", "CVE-2021-1998", "CVE-2021-1999", "CVE-2021-2000", "CVE-2021-2001", "CVE-2021-2002", "CVE-2021-2003", "CVE-2021-2004", "CVE-2021-2005", "CVE-2021-2006", "CVE-2021-2007", "CVE-2021-2009", "CVE-2021-2010", "CVE-2021-2011", "CVE-2021-2012", "CVE-2021-2013", "CVE-2021-2014", "CVE-2021-2015", "CVE-2021-2016", "CVE-2021-2017", "CVE-2021-2018", "CVE-2021-2019", "CVE-2021-2020", "CVE-2021-2021", "CVE-2021-2022", "CVE-2021-2023", "CVE-2021-2024", "CVE-2021-2025", "CVE-2021-2026", "CVE-2021-2027", "CVE-2021-2028", "CVE-2021-2029", "CVE-2021-2030", "CVE-2021-2031", "CVE-2021-2032", "CVE-2021-2033", "CVE-2021-2034", "CVE-2021-2035", "CVE-2021-2036", "CVE-2021-2038", "CVE-2021-2039", "CVE-2021-2040", "CVE-2021-2041", "CVE-2021-2042", "CVE-2021-2043", "CVE-2021-2044", "CVE-2021-2045", "CVE-2021-2046", "CVE-2021-2047", "CVE-2021-2048", "CVE-2021-2049", "CVE-2021-2050", "CVE-2021-2051", "CVE-2021-2052", "CVE-2021-2054", "CVE-2021-2055", "CVE-2021-2056", "CVE-2021-2057", "CVE-2021-2058", "CVE-2021-2059", "CVE-2021-2060", "CVE-2021-2061", "CVE-2021-2062", "CVE-2021-2063", "CVE-2021-2064", "CVE-2021-2065", "CVE-2021-2066", "CVE-2021-2067", "CVE-2021-2068", "CVE-2021-2069", "CVE-2021-2070", "CVE-2021-2071", "CVE-2021-2072", "CVE-2021-2073", "CVE-2021-2074", "CVE-2021-2075", "CVE-2021-2076", "CVE-2021-2077", "CVE-2021-2078", "CVE-2021-2079", "CVE-2021-2080", "CVE-2021-2081", "CVE-2021-2082", "CVE-2021-2083", "CVE-2021-2084", "CVE-2021-2085", "CVE-2021-2086", "CVE-2021-2087", "CVE-2021-2088", "CVE-2021-2089", "CVE-2021-2090", "CVE-2021-2091", "CVE-2021-2092", "CVE-2021-2093", "CVE-2021-2094", "CVE-2021-2096", "CVE-2021-2097", "CVE-2021-2098", "CVE-2021-2099", "CVE-2021-2100", "CVE-2021-2101", "CVE-2021-2102", "CVE-2021-2103", "CVE-2021-2104", "CVE-2021-2105", "CVE-2021-2106", "CVE-2021-2107", "CVE-2021-2108", "CVE-2021-2109", "CVE-2021-2110", "CVE-2021-2111", "CVE-2021-2112", "CVE-2021-2113", "CVE-2021-2114", "CVE-2021-2115", "CVE-2021-2116", "CVE-2021-2117", "CVE-2021-2118", "CVE-2021-2119", "CVE-2021-2120", "CVE-2021-2121", "CVE-2021-2122", "CVE-2021-2123", "CVE-2021-2124", "CVE-2021-2125", "CVE-2021-2126", "CVE-2021-2127", "CVE-2021-2128", "CVE-2021-2129", "CVE-2021-2130", "CVE-2021-2131"], "modified": "2021-02-22T00:00:00", "id": "ORACLE:CPUJAN2021", "href": "https://www.oracle.com/security-alerts/cpujan2021.html", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}]}