CVE-2018-9272

2018-04-04T00:00:00

Description

In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-h223.c has a memory leak.

Affected Package

OS	OS Version	Package Name	Package Version
ubuntu	18.04	wireshark	2.6.3-1~ubuntu18.04.1
ubuntu	14.04	wireshark	2.6.3-1~ubuntu14.04.1
ubuntu	upstream	wireshark	any
ubuntu	16.04	wireshark	2.6.3-1~ubuntu16.04.1

{"id": "UB:CVE-2018-9272", "vendorId": null, "type": "ubuntucve", "bulletinFamily": "info", "title": "CVE-2018-9272", "description": "In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13,\nepan/dissectors/packet-h223.c has a memory leak.", "published": "2018-04-04T00:00:00", "modified": "2018-04-04T00:00:00", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0}, "severity": "MEDIUM", "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "cvss3": {"cvssV3": {"version": "3.0", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH"}, "exploitabilityScore": 3.9, "impactScore": 3.6}, "href": "https://ubuntu.com/security/CVE-2018-9272", "reporter": "ubuntu.com", "references": ["https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-9272", "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14487", "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=6e3b90824a82724f445a0374e99f0b76e4cf5e8b", "https://www.wireshark.org/security/wnpa-sec-2018-24.html", "https://nvd.nist.gov/vuln/detail/CVE-2018-9272", "https://launchpad.net/bugs/cve/CVE-2018-9272", "https://security-tracker.debian.org/tracker/CVE-2018-9272"], "cvelist": ["CVE-2018-9272"], "immutableFields": [], "lastseen": "2022-08-04T13:50:50", "viewCount": 4, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2018-9272"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2018-9272"]}, {"type": "mageia", "idList": ["MGASA-2018-0151"]}, {"type": "nessus", "idList": ["MACOS_WIRESHARK_2_4_6.NASL", "OPENSUSE-2018-347.NASL", "SUSE_SU-2018-0980-1.NASL", "SUSE_SU-2018-0981-1.NASL", "WIRESHARK_2_4_6.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310813066", "OPENVAS:1361412562310813067"]}, {"type": "redhatcve", "idList": ["RH:CVE-2018-9272"]}]}, "score": {"value": 1.5, "vector": "NONE"}, "backreferences": {"references": [{"type": "cve", "idList": ["CVE-2018-9272"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2018-9272"]}, {"type": "nessus", "idList": ["MACOS_WIRESHARK_2_4_6.NASL", "OPENSUSE-2018-347.NASL", "WIRESHARK_2_4_6.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310813066", "OPENVAS:1361412562310813067"]}, {"type": "redhatcve", "idList": ["RH:CVE-2018-9272"]}]}, "exploitation": null, "epss": [{"cve": "CVE-2018-9272", "epss": "0.002250000", "percentile": "0.589810000", "modified": "2023-03-17"}], "vulnersScore": 1.5}, "_state": {"dependencies": 1659998956, "score": 1659903019, "epss": 1679077263}, "_internal": {"score_hash": "247506d55d877bef3b46eda36afd0538"}, "affectedPackage": [{"OS": "ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "2.6.3-1~ubuntu18.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "wireshark"}, {"OS": "ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "2.6.3-1~ubuntu14.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "wireshark"}, {"OS": "ubuntu", "OSVersion": "upstream", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needs triage", "packageName": "wireshark"}, {"OS": "ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "2.6.3-1~ubuntu16.04.1", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "wireshark"}], "bugs": []}

{"debiancve": [{"lastseen": "2023-01-23T06:10:04", "description": "In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-h223.c has a memory leak.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-04-04T07:29:00", "type": "debiancve", "title": "CVE-2018-9272", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-9272"], "modified": "2018-04-04T07:29:00", "id": "DEBIANCVE:CVE-2018-9272", "href": "https://security-tracker.debian.org/tracker/CVE-2018-9272", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "redhatcve": [{"lastseen": "2022-07-07T11:10:52", "description": "In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-h223.c has a memory leak.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-04-10T21:50:33", "type": "redhatcve", "title": "CVE-2018-9272", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-9272"], "modified": "2022-07-07T11:09:08", "id": "RH:CVE-2018-9272", "href": "https://access.redhat.com/security/cve/cve-2018-9272", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "cve": [{"lastseen": "2023-02-09T14:34:02", "description": "In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-h223.c has a memory leak.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-04-04T07:29:00", "type": "cve", "title": "CVE-2018-9272", "cwe": ["CWE-772"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-9272"], "modified": "2019-10-03T00:03:00", "cpe": ["cpe:/a:wireshark:wireshark:2.2.13", "cpe:/a:wireshark:wireshark:2.4.5"], "id": "CVE-2018-9272", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-9272", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:wireshark:wireshark:2.4.5:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.2.13:*:*:*:*:*:*:*"]}], "nessus": [{"lastseen": "2023-01-26T14:39:55", "description": "This update for wireshark fixes the following issues :\n\nMinor vulnerabilities that could be used to trigger dissector crashes or cause dissectors to go into large infinite loops by making Wireshark read specially crafted packages from the network or capture files (boo#1088200) :\n\n - CVE-2018-9264: ADB dissector crash \n\n - CVE-2018-9260: IEEE 802.15.4 dissector crash \n\n - CVE-2018-9261: NBAP dissector crash \n\n - CVE-2018-9262: VLAN dissector crash\n\n - CVE-2018-9256: LWAPP dissector crash\n\n - CVE-2018-9263: Kerberos dissector crash\n\n - CVE-2018-9259: MP4 dissector crash\n\n - Memory leaks in multiple dissectors: CVE-2018-9265, CVE-2018-9266, CVE-2018-9267, CVE-2018-9268, CVE-2018-9269, CVE-2018-9270, CVE-2018-9271, CVE-2018-9272, CVE-2018-9273, CVE-2018-9274\n\nThis update also contains all upstream bug fixes and updated protocol support as listed in :\n\nhttps://www.wireshark.org/docs/relnotes/wireshark-2.2.14.html", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-04-10T00:00:00", "type": "nessus", "title": "openSUSE Security Update : wireshark (openSUSE-2018-347)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-9256", "CVE-2018-9259", "CVE-2018-9260", "CVE-2018-9261", "CVE-2018-9262", "CVE-2018-9263", "CVE-2018-9264", "CVE-2018-9265", "CVE-2018-9266", "CVE-2018-9267", "CVE-2018-9268", "CVE-2018-9269", "CVE-2018-9270", "CVE-2018-9271", "CVE-2018-9272", "CVE-2018-9273", "CVE-2018-9274"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:wireshark", "p-cpe:/a:novell:opensuse:wireshark-debuginfo", "p-cpe:/a:novell:opensuse:wireshark-debugsource", "p-cpe:/a:novell:opensuse:wireshark-devel", "p-cpe:/a:novell:opensuse:wireshark-ui-gtk", "p-cpe:/a:novell:opensuse:wireshark-ui-gtk-debuginfo", "p-cpe:/a:novell:opensuse:wireshark-ui-qt", "p-cpe:/a:novell:opensuse:wireshark-ui-qt-debuginfo", "cpe:/o:novell:opensuse:42.3"], "id": "OPENSUSE-2018-347.NASL", "href": "https://www.tenable.com/plugins/nessus/108937", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2018-347.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(108937);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2018-9256\", \"CVE-2018-9259\", \"CVE-2018-9260\", \"CVE-2018-9261\", \"CVE-2018-9262\", \"CVE-2018-9263\", \"CVE-2018-9264\", \"CVE-2018-9265\", \"CVE-2018-9266\", \"CVE-2018-9267\", \"CVE-2018-9268\", \"CVE-2018-9269\", \"CVE-2018-9270\", \"CVE-2018-9271\", \"CVE-2018-9272\", \"CVE-2018-9273\", \"CVE-2018-9274\");\n\n script_name(english:\"openSUSE Security Update : wireshark (openSUSE-2018-347)\");\n script_summary(english:\"Check for the openSUSE-2018-347 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for wireshark fixes the following issues :\n\nMinor vulnerabilities that could be used to trigger dissector crashes\nor cause dissectors to go into large infinite loops by making\nWireshark read specially crafted packages from the network or capture\nfiles (boo#1088200) :\n\n - CVE-2018-9264: ADB dissector crash \n\n - CVE-2018-9260: IEEE 802.15.4 dissector crash \n\n - CVE-2018-9261: NBAP dissector crash \n\n - CVE-2018-9262: VLAN dissector crash\n\n - CVE-2018-9256: LWAPP dissector crash\n\n - CVE-2018-9263: Kerberos dissector crash\n\n - CVE-2018-9259: MP4 dissector crash\n\n - Memory leaks in multiple dissectors: CVE-2018-9265,\n CVE-2018-9266, CVE-2018-9267, CVE-2018-9268,\n CVE-2018-9269, CVE-2018-9270, CVE-2018-9271,\n CVE-2018-9272, CVE-2018-9273, CVE-2018-9274\n\nThis update also contains all upstream bug fixes and updated protocol\nsupport as listed in :\n\nhttps://www.wireshark.org/docs/relnotes/wireshark-2.2.14.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1088200\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.wireshark.org/docs/relnotes/wireshark-2.2.14.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected wireshark packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-ui-gtk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-ui-gtk-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-ui-qt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-ui-qt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/04/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/04/10\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(x86_64)$\") audit(AUDIT_ARCH_NOT, \"x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.3\", reference:\"wireshark-2.2.14-38.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"wireshark-debuginfo-2.2.14-38.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"wireshark-debugsource-2.2.14-38.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"wireshark-devel-2.2.14-38.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"wireshark-ui-gtk-2.2.14-38.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"wireshark-ui-gtk-debuginfo-2.2.14-38.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"wireshark-ui-qt-2.2.14-38.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"wireshark-ui-qt-debuginfo-2.2.14-38.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"wireshark / wireshark-debuginfo / wireshark-debugsource / etc\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-25T14:36:01", "description": "This update for wireshark fixes the following issues :\n\n - Update to wireshark 2.2.14, fix such issues :\n\n - bsc#1088200 VUL-0: wireshark: multiple vulnerabilities fixed in 2.2.14, 2.4.6\n\n - CVE-2018-9256: LWAPP dissector crash\n\n - CVE-2018-9260: IEEE 802.15.4 dissector crash\n\n - CVE-2018-9261: NBAP dissector crash\n\n - CVE-2018-9262: VLAN dissector crash\n\n - CVE-2018-9263: Kerberos dissector crash\n\n - CVE-2018-9264: ADB dissector crash\n\n - CVE-2018-9265: tn3270 dissector has a memory leak\n\n - CVE-2018-9266: ISUP dissector memory leak\n\n - CVE-2018-9267: LAPD dissector memory leak\n\n - CVE-2018-9268: SMB2 dissector memory leak\n\n - CVE-2018-9269: GIOP dissector memory leak\n\n - CVE-2018-9270: OIDS dissector memory leak\n\n - CVE-2018-9271: multipart dissector memory leak\n\n - CVE-2018-9272: h223 dissector memory leak\n\n - CVE-2018-9273: pcp dissector memory leak\n\n - CVE-2018-9274: failure message memory leak\n\n - CVE-2018-9259: MP4 dissector crash\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-04-20T00:00:00", "type": "nessus", "title": "SUSE SLED12 / SLES12 Security Update : wireshark (SUSE-SU-2018:0981-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-9256", "CVE-2018-9259", "CVE-2018-9260", "CVE-2018-9261", "CVE-2018-9262", "CVE-2018-9263", "CVE-2018-9264", "CVE-2018-9265", "CVE-2018-9266", "CVE-2018-9267", "CVE-2018-9268", "CVE-2018-9269", "CVE-2018-9270", "CVE-2018-9271", "CVE-2018-9272", "CVE-2018-9273", "CVE-2018-9274"], "modified": "2019-09-10T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libwireshark8", "p-cpe:/a:novell:suse_linux:libwireshark8-debuginfo", "p-cpe:/a:novell:suse_linux:libwiretap6", "p-cpe:/a:novell:suse_linux:libwiretap6-debuginfo", "p-cpe:/a:novell:suse_linux:libwscodecs1", "p-cpe:/a:novell:suse_linux:libwscodecs1-debuginfo", "p-cpe:/a:novell:suse_linux:libwsutil7", "p-cpe:/a:novell:suse_linux:libwsutil7-debuginfo", "p-cpe:/a:novell:suse_linux:wireshark", "p-cpe:/a:novell:suse_linux:wireshark-debuginfo", "p-cpe:/a:novell:suse_linux:wireshark-debugsource", "p-cpe:/a:novell:suse_linux:wireshark-gtk", "p-cpe:/a:novell:suse_linux:wireshark-gtk-debuginfo", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2018-0981-1.NASL", "href": "https://www.tenable.com/plugins/nessus/109198", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:0981-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(109198);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2019/09/10 13:51:47\");\n\n script_cve_id(\"CVE-2018-9256\", \"CVE-2018-9259\", \"CVE-2018-9260\", \"CVE-2018-9261\", \"CVE-2018-9262\", \"CVE-2018-9263\", \"CVE-2018-9264\", \"CVE-2018-9265\", \"CVE-2018-9266\", \"CVE-2018-9267\", \"CVE-2018-9268\", \"CVE-2018-9269\", \"CVE-2018-9270\", \"CVE-2018-9271\", \"CVE-2018-9272\", \"CVE-2018-9273\", \"CVE-2018-9274\");\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : wireshark (SUSE-SU-2018:0981-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for wireshark fixes the following issues :\n\n - Update to wireshark 2.2.14, fix such issues :\n\n - bsc#1088200 VUL-0: wireshark: multiple vulnerabilities\n fixed in 2.2.14, 2.4.6\n\n - CVE-2018-9256: LWAPP dissector crash\n\n - CVE-2018-9260: IEEE 802.15.4 dissector crash\n\n - CVE-2018-9261: NBAP dissector crash\n\n - CVE-2018-9262: VLAN dissector crash\n\n - CVE-2018-9263: Kerberos dissector crash\n\n - CVE-2018-9264: ADB dissector crash\n\n - CVE-2018-9265: tn3270 dissector has a memory leak\n\n - CVE-2018-9266: ISUP dissector memory leak\n\n - CVE-2018-9267: LAPD dissector memory leak\n\n - CVE-2018-9268: SMB2 dissector memory leak\n\n - CVE-2018-9269: GIOP dissector memory leak\n\n - CVE-2018-9270: OIDS dissector memory leak\n\n - CVE-2018-9271: multipart dissector memory leak\n\n - CVE-2018-9272: h223 dissector memory leak\n\n - CVE-2018-9273: pcp dissector memory leak\n\n - CVE-2018-9274: failure message memory leak\n\n - CVE-2018-9259: MP4 dissector crash\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1088200\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-9256/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-9259/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-9260/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-9261/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-9262/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-9263/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-9264/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-9265/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-9266/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-9267/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-9268/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-9269/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-9270/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-9271/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-9272/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-9273/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-9274/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20180981-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?45fc2dd2\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 12-SP3:zypper in -t\npatch SUSE-SLE-SDK-12-SP3-2018-658=1\n\nSUSE Linux Enterprise Server 12-SP3:zypper in -t patch\nSUSE-SLE-SERVER-12-SP3-2018-658=1\n\nSUSE Linux Enterprise Desktop 12-SP3:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP3-2018-658=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwireshark8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwireshark8-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwiretap6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwiretap6-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwscodecs1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwscodecs1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwsutil7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwsutil7-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:wireshark-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:wireshark-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:wireshark-gtk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:wireshark-gtk-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/04/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/04/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/04/20\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP3\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP3\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libwireshark8-2.2.14-48.24.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libwireshark8-debuginfo-2.2.14-48.24.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libwiretap6-2.2.14-48.24.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libwiretap6-debuginfo-2.2.14-48.24.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libwscodecs1-2.2.14-48.24.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libwscodecs1-debuginfo-2.2.14-48.24.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libwsutil7-2.2.14-48.24.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libwsutil7-debuginfo-2.2.14-48.24.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"wireshark-2.2.14-48.24.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"wireshark-debuginfo-2.2.14-48.24.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"wireshark-debugsource-2.2.14-48.24.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"wireshark-gtk-2.2.14-48.24.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"wireshark-gtk-debuginfo-2.2.14-48.24.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libwireshark8-2.2.14-48.24.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libwireshark8-debuginfo-2.2.14-48.24.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libwiretap6-2.2.14-48.24.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libwiretap6-debuginfo-2.2.14-48.24.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libwscodecs1-2.2.14-48.24.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libwscodecs1-debuginfo-2.2.14-48.24.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libwsutil7-2.2.14-48.24.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libwsutil7-debuginfo-2.2.14-48.24.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"wireshark-2.2.14-48.24.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"wireshark-debuginfo-2.2.14-48.24.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"wireshark-debugsource-2.2.14-48.24.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"wireshark-gtk-2.2.14-48.24.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"wireshark-gtk-debuginfo-2.2.14-48.24.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"wireshark\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-26T14:40:10", "description": "This update for wireshark fixes the following issues :\n\n - Update to wireshark 2.2.14, fix such issues :\n\n - bsc#1088200 VUL-0: wireshark: multiple vulnerabilities fixed in 2.2.14, 2.4.6\n\n - CVE-2018-9256: LWAPP dissector crash\n\n - CVE-2018-9260: IEEE 802.15.4 dissector crash\n\n - CVE-2018-9261: NBAP dissector crash\n\n - CVE-2018-9262: VLAN dissector crash\n\n - CVE-2018-9263: Kerberos dissector crash\n\n - CVE-2018-9264: ADB dissector crash\n\n - CVE-2018-9265: tn3270 dissector has a memory leak\n\n - CVE-2018-9266: ISUP dissector memory leak\n\n - CVE-2018-9267: LAPD dissector memory leak\n\n - CVE-2018-9268: SMB2 dissector memory leak\n\n - CVE-2018-9269: GIOP dissector memory leak\n\n - CVE-2018-9270: OIDS dissector memory leak\n\n - CVE-2018-9271: multipart dissector memory leak\n\n - CVE-2018-9272: h223 dissector memory leak\n\n - CVE-2018-9273: pcp dissector memory leak\n\n - CVE-2018-9274: failure message memory leak\n\n - CVE-2018-9259: MP4 dissector crash\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-04-20T00:00:00", "type": "nessus", "title": "SUSE SLES11 Security Update : wireshark (SUSE-SU-2018:0980-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-9256", "CVE-2018-9259", "CVE-2018-9260", "CVE-2018-9261", "CVE-2018-9262", "CVE-2018-9263", "CVE-2018-9264", "CVE-2018-9265", "CVE-2018-9266", "CVE-2018-9267", "CVE-2018-9268", "CVE-2018-9269", "CVE-2018-9270", "CVE-2018-9271", "CVE-2018-9272", "CVE-2018-9273", "CVE-2018-9274"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libwireshark8", "p-cpe:/a:novell:suse_linux:libwiretap6", "p-cpe:/a:novell:suse_linux:libwscodecs1", "p-cpe:/a:novell:suse_linux:libwsutil7", "p-cpe:/a:novell:suse_linux:wireshark", "p-cpe:/a:novell:suse_linux:wireshark-gtk", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_SU-2018-0980-1.NASL", "href": "https://www.tenable.com/plugins/nessus/109197", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:0980-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(109197);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2018-9256\", \"CVE-2018-9259\", \"CVE-2018-9260\", \"CVE-2018-9261\", \"CVE-2018-9262\", \"CVE-2018-9263\", \"CVE-2018-9264\", \"CVE-2018-9265\", \"CVE-2018-9266\", \"CVE-2018-9267\", \"CVE-2018-9268\", \"CVE-2018-9269\", \"CVE-2018-9270\", \"CVE-2018-9271\", \"CVE-2018-9272\", \"CVE-2018-9273\", \"CVE-2018-9274\");\n\n script_name(english:\"SUSE SLES11 Security Update : wireshark (SUSE-SU-2018:0980-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for wireshark fixes the following issues :\n\n - Update to wireshark 2.2.14, fix such issues :\n\n - bsc#1088200 VUL-0: wireshark: multiple vulnerabilities\n fixed in 2.2.14, 2.4.6\n\n - CVE-2018-9256: LWAPP dissector crash\n\n - CVE-2018-9260: IEEE 802.15.4 dissector crash\n\n - CVE-2018-9261: NBAP dissector crash\n\n - CVE-2018-9262: VLAN dissector crash\n\n - CVE-2018-9263: Kerberos dissector crash\n\n - CVE-2018-9264: ADB dissector crash\n\n - CVE-2018-9265: tn3270 dissector has a memory leak\n\n - CVE-2018-9266: ISUP dissector memory leak\n\n - CVE-2018-9267: LAPD dissector memory leak\n\n - CVE-2018-9268: SMB2 dissector memory leak\n\n - CVE-2018-9269: GIOP dissector memory leak\n\n - CVE-2018-9270: OIDS dissector memory leak\n\n - CVE-2018-9271: multipart dissector memory leak\n\n - CVE-2018-9272: h223 dissector memory leak\n\n - CVE-2018-9273: pcp dissector memory leak\n\n - CVE-2018-9274: failure message memory leak\n\n - CVE-2018-9259: MP4 dissector crash\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1088200\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-9256/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-9259/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-9260/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-9261/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-9262/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-9263/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-9264/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-9265/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-9266/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-9267/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-9268/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-9269/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-9270/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-9271/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-9272/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-9273/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-9274/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20180980-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?93daedc9\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 11-SP4:zypper in -t\npatch sdksp4-wireshark-13566=1\n\nSUSE Linux Enterprise Server 11-SP4:zypper in -t patch\nslessp4-wireshark-13566=1\n\nSUSE Linux Enterprise Debuginfo 11-SP4:zypper in -t patch\ndbgsp4-wireshark-13566=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwireshark8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwiretap6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwscodecs1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwsutil7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:wireshark-gtk\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/04/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/04/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/04/20\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES11)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES11\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES11\" && (! preg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES11 SP4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"libwireshark8-2.2.14-40.25.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"libwiretap6-2.2.14-40.25.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"libwscodecs1-2.2.14-40.25.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"libwsutil7-2.2.14-40.25.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"wireshark-2.2.14-40.25.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"wireshark-gtk-2.2.14-40.25.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"wireshark\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-26T14:40:10", "description": "The version of Wireshark installed on the remote Windows host is 2.2.x prior to 2.2.14 or 2.4.x prior to 2.4.6. It is, therefore, affected by multiple vulnerabilities.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-04-06T00:00:00", "type": "nessus", "title": "Wireshark 2.2.x < 2.2.14 / 2.4.x < 2.4.6 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-9616", "CVE-2018-9256", "CVE-2018-9257", "CVE-2018-9258", "CVE-2018-9259", "CVE-2018-9260", "CVE-2018-9261", "CVE-2018-9262", "CVE-2018-9263", "CVE-2018-9264", "CVE-2018-9265", "CVE-2018-9266", "CVE-2018-9267", "CVE-2018-9268", "CVE-2018-9269", "CVE-2018-9270", "CVE-2018-9271", "CVE-2018-9272", "CVE-2018-9273", "CVE-2018-9274"], "modified": "2019-11-08T00:00:00", "cpe": ["cpe:/a:wireshark:wireshark"], "id": "WIRESHARK_2_4_6.NASL", "href": "https://www.tenable.com/plugins/nessus/108885", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(108885);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2019/11/08\");\n\n script_cve_id(\n \"CVE-2017-9616\",\n \"CVE-2018-9256\",\n \"CVE-2018-9257\",\n \"CVE-2018-9258\",\n \"CVE-2018-9259\",\n \"CVE-2018-9260\",\n \"CVE-2018-9261\",\n \"CVE-2018-9262\",\n \"CVE-2018-9263\",\n \"CVE-2018-9264\",\n \"CVE-2018-9265\",\n \"CVE-2018-9266\",\n \"CVE-2018-9267\",\n \"CVE-2018-9268\",\n \"CVE-2018-9269\",\n \"CVE-2018-9270\",\n \"CVE-2018-9271\",\n \"CVE-2018-9272\",\n \"CVE-2018-9273\",\n \"CVE-2018-9274\"\n );\n script_bugtraq_id(99085);\n\n script_name(english:\"Wireshark 2.2.x < 2.2.14 / 2.4.x < 2.4.6 Multiple Vulnerabilities\");\n script_summary(english:\"Checks the version of Wireshark.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An application installed on the remote Windows host is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Wireshark installed on the remote Windows host is \n2.2.x prior to 2.2.14 or 2.4.x prior to 2.4.6. It is, therefore,\naffected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-15.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-16.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-17.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-18.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-19.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-20.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-21.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-22.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-23.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-24.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Wireshark version 2.2.14 / 2.4.6 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-9274\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/06/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/04/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/04/06\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:wireshark:wireshark\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"wireshark_installed.nasl\");\n script_require_keys(\"installed_sw/Wireshark\", \"SMB/Registry/Enumerated\");\n\n exit(0);\n}\n\ninclude(\"vcf.inc\");\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\n\napp_info = vcf::get_app_info(app:\"Wireshark\", win_local:TRUE);\n\nconstraints = [\n { \"min_version\" : \"2.2.0\", \"fixed_version\" : \"2.2.14\" },\n { \"min_version\" : \"2.4.0\", \"fixed_version\" : \"2.4.6\" }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-26T14:39:57", "description": "The version of Wireshark installed on the remote MacOS/MacOSX host is 2.2.x prior to 2.2.14 or 2.4.x prior to 2.4.6. It is, therefore, affected by multiple vulnerabilities.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-04-06T00:00:00", "type": "nessus", "title": "Wireshark 2.2.x < 2.2.14 / 2.4.x < 2.4.6 Multiple Vulnerabilities (MacOS)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-9616", "CVE-2018-9256", "CVE-2018-9257", "CVE-2018-9258", "CVE-2018-9259", "CVE-2018-9260", "CVE-2018-9261", "CVE-2018-9262", "CVE-2018-9263", "CVE-2018-9264", "CVE-2018-9265", "CVE-2018-9266", "CVE-2018-9267", "CVE-2018-9268", "CVE-2018-9269", "CVE-2018-9270", "CVE-2018-9271", "CVE-2018-9272", "CVE-2018-9273", "CVE-2018-9274"], "modified": "2019-11-08T00:00:00", "cpe": ["cpe:/a:wireshark:wireshark"], "id": "MACOS_WIRESHARK_2_4_6.NASL", "href": "https://www.tenable.com/plugins/nessus/108884", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(108884);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2019/11/08\");\n\n script_cve_id(\n \"CVE-2017-9616\",\n \"CVE-2018-9256\",\n \"CVE-2018-9257\",\n \"CVE-2018-9258\",\n \"CVE-2018-9259\",\n \"CVE-2018-9260\",\n \"CVE-2018-9261\",\n \"CVE-2018-9262\",\n \"CVE-2018-9263\",\n \"CVE-2018-9264\",\n \"CVE-2018-9265\",\n \"CVE-2018-9266\",\n \"CVE-2018-9267\",\n \"CVE-2018-9268\",\n \"CVE-2018-9269\",\n \"CVE-2018-9270\",\n \"CVE-2018-9271\",\n \"CVE-2018-9272\",\n \"CVE-2018-9273\",\n \"CVE-2018-9274\"\n );\n script_bugtraq_id(99085);\n\n script_name(english:\"Wireshark 2.2.x < 2.2.14 / 2.4.x < 2.4.6 Multiple Vulnerabilities (MacOS)\");\n script_summary(english:\"Checks the version of Wireshark.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An application installed on the remote MacOS / MacOSX host is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Wireshark installed on the remote MacOS/MacOSX host\nis 2.2.x prior to 2.2.14 or 2.4.x prior to 2.4.6. It is, therefore,\naffected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-15.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-16.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-17.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-18.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-19.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-20.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-21.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-22.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-23.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-24.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Wireshark version 2.2.14 / 2.4.6 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-9274\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/06/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/04/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/04/06\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:wireshark:wireshark\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_wireshark_installed.nbin\");\n script_require_keys(\"installed_sw/Wireshark\", \"Host/MacOSX/Version\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\ninclude(\"vcf.inc\");\n\nget_kb_item_or_exit(\"Host/MacOSX/Version\");\n\napp_info = vcf::get_app_info(app:\"Wireshark\");\n\nconstraints = [\n { \"min_version\" : \"2.2.0\", \"fixed_version\" : \"2.2.14\" },\n { \"min_version\" : \"2.4.0\", \"fixed_version\" : \"2.4.6\" }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "openvas": [{"lastseen": "2019-05-29T18:32:34", "description": "This host is installed with Wireshark\n and is prone to multiple denial of service vulnerabilities.", "cvss3": {}, "published": "2018-04-05T00:00:00", "type": "openvas", "title": "Wireshark Multiple Denial of Service Vulnerabilities Apr18 (Mac OS X)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-9261", "CVE-2018-9268", "CVE-2018-9259", "CVE-2018-9265", "CVE-2018-9269", "CVE-2018-9273", "CVE-2018-9266", "CVE-2018-9270", "CVE-2018-9272", "CVE-2018-9256", "CVE-2018-9260", "CVE-2018-9263", "CVE-2018-9267", "CVE-2018-9271", "CVE-2018-9262", "CVE-2018-9274", "CVE-2018-9264"], "modified": "2019-05-17T00:00:00", "id": "OPENVAS:1361412562310813067", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310813067", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Wireshark Multiple Denial of Service Vulnerabilities Apr18 (Mac OS X)\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:wireshark:wireshark\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.813067\");\n script_version(\"2019-05-17T10:45:27+0000\");\n script_cve_id(\"CVE-2018-9274\", \"CVE-2018-9272\", \"CVE-2018-9273\", \"CVE-2018-9270\",\n \"CVE-2018-9271\", \"CVE-2018-9268\", \"CVE-2018-9269\", \"CVE-2018-9267\",\n \"CVE-2018-9265\", \"CVE-2018-9266\", \"CVE-2018-9263\", \"CVE-2018-9264\",\n \"CVE-2018-9262\", \"CVE-2018-9261\", \"CVE-2018-9259\", \"CVE-2018-9260\",\n \"CVE-2018-9256\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-05-17 10:45:27 +0000 (Fri, 17 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-04-05 16:18:35 +0530 (Thu, 05 Apr 2018)\");\n script_name(\"Wireshark Multiple Denial of Service Vulnerabilities Apr18 (Mac OS X)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Wireshark\n and is prone to multiple denial of service vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws are due to,\n\n - Multiple memory leak errors in 'ui/failure_message.c', 'epan/dissectors/packet-h223.c',\n 'epan/dissectors/packet-pcp.c', 'epan/oids.c', 'epan/dissectors/packet-multipart.c',\n 'epan/dissectors/packet-smb2.c', 'epan/dissectors/packet-lapd.c',\n 'epan/dissectors/packet-isup.c', 'epan/dissectors/packet-tn3270.c',\n 'epan/dissectors/packet-kerberos.c', 'epan/dissectors/packet-vlan.c',\n 'epan/dissectors/packet-ieee802154.c', 'epan/dissectors/file-mp4.c' and\n 'epan/dissectors/packet-lwapp.c' scripts.\n\n - Multiple heap-based buffer overflow errors in 'epan/dissectors/packet-nbap.c'\n and 'epan/dissectors/packet-adb.c' scripts.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will make Wireshark\n crash by injecting malformed packets.\");\n\n script_tag(name:\"affected\", value:\"Wireshark version 2.4.0 to 2.4.5,\n 2.2.0 to 2.2.13 on Mac OS X.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Wireshark version 2.4.6, 2.2.14 or later. Please see the references for more information.\");\n\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/#download\");\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-15\");\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-16\");\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-17\");\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-18\");\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-19\");\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-24\");\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-23\");\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-20\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_wireshark_detect_macosx.nasl\");\n script_mandatory_keys(\"Wireshark/MacOSX/Version\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE)) exit(0);\nvers = infos['version'];\npath = infos['location'];\n\nif(version_in_range(version:vers, test_version:\"2.2.0\", test_version2:\"2.2.13\")) {\n fix = \"2.2.14\";\n}\n\nelse if(version_in_range(version:vers, test_version:\"2.4.0\", test_version2:\"2.4.5\")){\n fix = \"2.4.6\";\n}\n\nif(fix)\n{\n report = report_fixed_ver(installed_version:vers, fixed_version:fix, install_path:path);\n security_message(data:report);\n exit(0);\n}\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:32:34", "description": "This host is installed with Wireshark\n and is prone to multiple denial of service vulnerabilities.", "cvss3": {}, "published": "2018-04-05T00:00:00", "type": "openvas", "title": "Wireshark Multiple Denial of Service Vulnerabilities Apr18 (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-9261", "CVE-2018-9268", "CVE-2018-9259", "CVE-2018-9265", "CVE-2018-9269", "CVE-2018-9273", "CVE-2018-9266", "CVE-2018-9270", "CVE-2018-9272", "CVE-2018-9256", "CVE-2018-9260", "CVE-2018-9263", "CVE-2018-9267", "CVE-2018-9271", "CVE-2018-9262", "CVE-2018-9274", "CVE-2018-9264"], "modified": "2019-05-17T00:00:00", "id": "OPENVAS:1361412562310813066", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310813066", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Wireshark Multiple Denial of Service Vulnerabilities Apr18 (Windows)\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:wireshark:wireshark\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.813066\");\n script_version(\"2019-05-17T10:45:27+0000\");\n script_cve_id(\"CVE-2018-9274\", \"CVE-2018-9272\", \"CVE-2018-9273\", \"CVE-2018-9270\",\n \"CVE-2018-9271\", \"CVE-2018-9268\", \"CVE-2018-9269\", \"CVE-2018-9267\",\n \"CVE-2018-9265\", \"CVE-2018-9266\", \"CVE-2018-9263\", \"CVE-2018-9264\",\n \"CVE-2018-9262\", \"CVE-2018-9261\", \"CVE-2018-9259\", \"CVE-2018-9260\",\n \"CVE-2018-9256\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-05-17 10:45:27 +0000 (Fri, 17 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-04-05 16:18:35 +0530 (Thu, 05 Apr 2018)\");\n script_name(\"Wireshark Multiple Denial of Service Vulnerabilities Apr18 (Windows)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Wireshark\n and is prone to multiple denial of service vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws are due to,\n\n - Multiple memory leak errors in 'ui/failure_message.c', 'epan/dissectors/packet-h223.c',\n 'epan/dissectors/packet-pcp.c', 'epan/oids.c', 'epan/dissectors/packet-multipart.c',\n 'epan/dissectors/packet-smb2.c', 'epan/dissectors/packet-lapd.c',\n 'epan/dissectors/packet-isup.c', 'epan/dissectors/packet-tn3270.c',\n 'epan/dissectors/packet-kerberos.c', 'epan/dissectors/packet-vlan.c',\n 'epan/dissectors/packet-ieee802154.c', 'epan/dissectors/file-mp4.c' and\n 'epan/dissectors/packet-lwapp.c' scripts.\n\n - Multiple heap-based buffer overflow errors in 'epan/dissectors/packet-nbap.c'\n and 'epan/dissectors/packet-adb.c' scripts.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will make Wireshark\n crash by injecting malformed packets.\");\n\n script_tag(name:\"affected\", value:\"Wireshark version 2.4.0 to 2.4.5, 2.2.0 to 2.2.13 on Windows.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Wireshark version 2.4.6, 2.2.14 or later. Please see the references for more information.\");\n\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/#download\");\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-15\");\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-16\");\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-17\");\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-18\");\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-19\");\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-24\");\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-23\");\n script_xref(name:\"URL\", value:\"https://www.wireshark.org/security/wnpa-sec-2018-20\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_wireshark_detect_win.nasl\");\n script_mandatory_keys(\"Wireshark/Win/Ver\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE)) exit(0);\nvers = infos['version'];\npath = infos['location'];\n\nif(version_in_range(version:vers, test_version:\"2.2.0\", test_version2:\"2.2.13\")) {\n fix = \"2.2.14\";\n}\n\nelse if(version_in_range(version:vers, test_version:\"2.4.0\", test_version2:\"2.4.5\")){\n fix = \"2.4.6\";\n}\n\nif(fix)\n{\n report = report_fixed_ver(installed_version:vers, fixed_version:fix, install_path:path);\n security_message(data:report);\n exit(0);\n}\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "mageia": [{"lastseen": "2022-04-18T11:19:34", "description": "The SIGCOMP dissector could crash (CVE-2018-7320). Multiple dissectors could go into large infinite loops. All ASN.1 BER dissectors, along with the DICOM, DMP, LLTD, OpenFlow, RELOAD, RPCoRDMA, RPKI-Router, S7COMM, SCCP, Thread, Thrift, USB, and WCCP dissectors were susceptible (CVE-2018-7321,CVE-2018-7322, CVE-2018-7323, CVE-2018-7324, CVE-2018-7325, CVE-2018-7326, CVE-2018-7327, CVE-2018-7328, CVE-2018-7329, CVE-2018-7330, CVE-2018-7331, CVE-2018-7332, CVE-2018-7333). The UMTS MAC dissector could crash (CVE-2018-7334). The IEEE 802.11 dissector could crash (CVE-2018-7335) The FCP dissector could crash (CVE-2018-7336). The IPMI dissector could crash (CVE-2018-7417). The SIGCOMP dissector could crash (CVE-2018-7418). The NBAP disssector could crash (CVE-2018-7419). The pcapng file parser could crash (CVE-2018-7420). The LWAPP dissector could crash (CVE-2018-9256). The MP4 dissector could crash (CVE-2018-9259). The IEEE 802.15.4 dissector could crash (CVE-2018-9260). The NBAP dissector could crash (CVE-2018-9261). The VLAN dissector could crash (CVE-2018-9262). The Kerberos dissector could crash (CVE-2018-9263). The ADB dissector could crash (CVE-2018-9264). Memory leaks in multiple dissectors (CVE-2018-9265, CVE-2018-9266, CVE-2018-9267, CVE-2018-9268, CVE-2018-9269, CVE-2018-9270, CVE-2018-9271, CVE-2018-9272, CVE-2018-9273, CVE-2018-9274). \n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-02-28T13:55:21", "type": "mageia", "title": "Updated wireshark packages fix security vulnerabilities\n", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-7320", "CVE-2018-7321", "CVE-2018-7322", "CVE-2018-7323", "CVE-2018-7324", "CVE-2018-7325", "CVE-2018-7326", "CVE-2018-7327", "CVE-2018-7328", "CVE-2018-7329", "CVE-2018-7330", "CVE-2018-7331", "CVE-2018-7332", "CVE-2018-7333", "CVE-2018-7334", "CVE-2018-7335", "CVE-2018-7336", "CVE-2018-7417", "CVE-2018-7418", "CVE-2018-7419", "CVE-2018-7420", "CVE-2018-9256", "CVE-2018-9259", "CVE-2018-9260", "CVE-2018-9261", "CVE-2018-9262", "CVE-2018-9263", "CVE-2018-9264", "CVE-2018-9265", "CVE-2018-9266", "CVE-2018-9267", "CVE-2018-9268", "CVE-2018-9269", "CVE-2018-9270", "CVE-2018-9271", "CVE-2018-9272", "CVE-2018-9273", "CVE-2018-9274"], "modified": "2018-02-28T13:55:21", "id": "MGASA-2018-0151", "href": "https://advisories.mageia.org/MGASA-2018-0151.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}]}

CVE-2018-9272

Description

Affected Package

Related