DATABASE RESOURCES PRICING ABOUT US

{"id": "VERACODE:33960", "vendorId": null, "type": "veracode", "bulletinFamily": "software", "title": "Denial Of Service (DoS)", "description": "wireshark:edge is vulnerable to denial of service. Crash in the RFC 7468 dissector allows denial of service via packet injection or crafted capture file.\n", "published": "2022-01-29T22:24:07", "modified": "2022-11-04T20:44:13", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0}, "severity": "MEDIUM", "exploitabilityScore": 10.0, "impactScore": 2.9, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "cvss3": {"cvssV3": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH"}, "exploitabilityScore": 3.9, "impactScore": 3.6}, "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-33960/summary", "reporter": "Veracode Vulnerability Database", "references": ["https://secdb.alpinelinux.org/edge/community.yaml", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R5AEK3XTOIOGCGUILUFISMGX54YJXWGJ/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q6XGBKWSQFCVYUN4ZK3O3NJIFP3OAFVT/", "https://security.gentoo.org/glsa/202210-04", "https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-4182.json", "https://gitlab.com/wireshark/wireshark/-/issues/17801", "https://www.oracle.com/security-alerts/cpuapr2022.html", "https://www.wireshark.org/security/wnpa-sec-2021-20.html"], "cvelist": ["CVE-2021-4182"], "immutableFields": [], "lastseen": "2022-11-07T13:00:53", "viewCount": 7, "enchantments": {"score": {"value": 2.9, "vector": "NONE"}, "dependencies": {"references": [{"type": "alpinelinux", "idList": ["ALPINE:CVE-2021-4182"]}, {"type": "cnvd", "idList": ["CNVD-2022-11201"]}, {"type": "cve", "idList": ["CVE-2021-4182"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2021-4182"]}, {"type": "fedora", "idList": ["FEDORA:538BB3108D82", "FEDORA:B573030E403A"]}, {"type": "gentoo", "idList": ["GLSA-202210-04"]}, {"type": "mageia", "idList": ["MGASA-2022-0004"]}, {"type": "nessus", "idList": ["AL2022_ALAS2022-2022-079.NASL", "GENTOO_GLSA-202210-04.NASL", "MACOSX_WIRESHARK_3_4_11.NASL", "MACOSX_WIRESHARK_3_6_1.NASL", "OPENSUSE-2022-0375-1.NASL", "SUSE_SU-2022-0375-1.NASL", "WIRESHARK_3_4_11.NASL", "WIRESHARK_3_6_1.NASL"]}, {"type": "oracle", "idList": ["ORACLE:CPUAPR2022"]}, {"type": "photon", "idList": ["PHSA-2022-0145", "PHSA-2022-0352"]}, {"type": "redhatcve", "idList": ["RH:CVE-2021-4182"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2022:0375-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2021-4182"]}]}, "epss": [{"cve": "CVE-2021-4182", "epss": "0.001080000", "percentile": "0.420100000", "modified": "2023-03-19"}], "vulnersScore": 2.9}, "_state": {"score": 1684014194, "dependencies": 1667826150, "affected_software_major_version": 1667827688, "epss": 1679291388}, "_internal": {"score_hash": "7f91b4aae090517050a782b629138947"}, "affectedSoftware": [{"version": "3.4.8-r0", "operator": "eq", "name": "wireshark:edge"}, {"version": "3.4.6-r0", "operator": "eq", "name": "wireshark:edge"}, {"version": "3.4.7-r0", "operator": "eq", "name": "wireshark:edge"}, {"version": "3.4.3-r0", "operator": "eq", "name": "wireshark:edge"}, {"version": "3.4.5-r0", "operator": "eq", "name": "wireshark:edge"}, {"version": "3.2.2-r0", "operator": "eq", "name": "wireshark:edge"}, {"version": "3.4.4-r0", "operator": "eq", "name": "wireshark:edge"}, {"version": "3.2.4-r0", "operator": "eq", "name": "wireshark:edge"}, {"version": "3.2.3-r1", "operator": "eq", "name": "wireshark:edge"}, {"version": "3.4.9-r0", "operator": "eq", "name": "wireshark:edge"}, {"version": "3.4.3-1", "operator": "eq", "name": "wireshark:sid"}, {"version": "3.2.8-0.1", "operator": "eq", "name": "wireshark:sid"}, {"version": "3.4.9-r0", "operator": "eq", "name": "wireshark:3.15"}, {"version": "3.4.8-r0", "operator": "eq", "name": "wireshark:edge"}, {"version": "3.4.6-r0", "operator": "eq", "name": "wireshark:edge"}, {"version": "3.4.7-r0", "operator": "eq", "name": "wireshark:edge"}, {"version": "3.4.3-r0", "operator": "eq", "name": "wireshark:edge"}, {"version": "3.4.5-r0", "operator": "eq", "name": "wireshark:edge"}, {"version": "3.2.2-r0", "operator": "eq", "name": "wireshark:edge"}, {"version": "3.4.4-r0", "operator": "eq", "name": "wireshark:edge"}, {"version": "3.2.4-r0", "operator": "eq", "name": "wireshark:edge"}, {"version": "3.2.3-r1", "operator": "eq", "name": "wireshark:edge"}, {"version": "3.4.9-r0", "operator": "eq", "name": "wireshark:edge"}, {"version": "3.4.3-1", "operator": "eq", "name": "wireshark:sid"}, {"version": "3.2.8-0.1", "operator": "eq", "name": "wireshark:sid"}, {"version": "3.4.9-r0", "operator": "eq", "name": "wireshark:3.15"}]}

{"cnvd": [{"lastseen": "2022-08-27T05:08:10", "description": "Wireshark (formerly Ethereal) is a set of network packet analysis software from the Wireshark team. Gryphon dissector is one of the Gryphon protocol parsers. An attacker could exploit this vulnerability to cause a denial of service via packet injection or specially crafted capture files.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-01-04T00:00:00", "type": "cnvd", "title": "Wireshark Injection Vulnerability (CNVD-2022-11201)", "bulletinFamily": "cnvd", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4182"], "modified": "2022-02-17T00:00:00", "id": "CNVD-2022-11201", "href": "https://www.cnvd.org.cn/flaw/show/CNVD-2022-11201", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "cve": [{"lastseen": "2023-05-23T15:45:23", "description": "Crash in the RFC 7468 dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-12-30T22:15:00", "type": "cve", "title": "CVE-2021-4182", "cwe": ["CWE-835"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4182"], "modified": "2022-11-04T19:42:00", "cpe": ["cpe:/o:fedoraproject:fedora:34", "cpe:/o:fedoraproject:fedora:35", "cpe:/a:oracle:zfs_storage_appliance_kit:8.8", "cpe:/a:wireshark:wireshark:3.6.0", "cpe:/a:oracle:http_server:12.2.1.3.0", "cpe:/a:oracle:http_server:12.2.1.4.0"], "id": "CVE-2021-4182", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-4182", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:oracle:http_server:12.2.1.4.0:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:http_server:12.2.1.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:3.6.0:*:*:*:*:*:*:*"]}], "ubuntucve": [{"lastseen": "2023-07-27T22:10:24", "description": "Crash in the RFC 7468 dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10\nallows denial of service via packet injection or crafted capture file", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-12-30T00:00:00", "type": "ubuntucve", "title": "CVE-2021-4182", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4182"], "modified": "2021-12-30T00:00:00", "id": "UB:CVE-2021-4182", "href": "https://ubuntu.com/security/CVE-2021-4182", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "alpinelinux": [{"lastseen": "2023-06-23T11:06:16", "description": "Crash in the RFC 7468 dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-12-30T22:15:00", "type": "alpinelinux", "title": "CVE-2021-4182", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4182"], "modified": "2022-11-04T19:42:00", "id": "ALPINE:CVE-2021-4182", "href": "https://security.alpinelinux.org/vuln/CVE-2021-4182", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "debiancve": [{"lastseen": "2023-09-09T02:57:13", "description": "Crash in the RFC 7468 dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file", "cvss3": {}, "published": "2021-12-30T22:15:00", "type": "debiancve", "title": "CVE-2021-4182", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2021-4182"], "modified": "2021-12-30T22:15:00", "id": "DEBIANCVE:CVE-2021-4182", "href": "https://security-tracker.debian.org/tracker/CVE-2021-4182", "cvss": {"score": 0.0, "vector": "NONE"}}], "prion": [{"lastseen": "2023-08-16T07:30:48", "description": "Crash in the RFC 7468 dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-12-30T22:15:00", "type": "prion", "title": "CVE-2021-4182", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4182"], "modified": "2022-11-04T19:42:00", "id": "PRION:CVE-2021-4182", "href": "https://kb.prio-n.com/vulnerability/CVE-2021-4182", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "redhatcve": [{"lastseen": "2023-07-08T02:22:30", "description": "A parser infinite-loop flaw was found in wireshark. An attacker with local network access could pass specially crafted capture files causing an application to halt, crash, or infinite loop.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-01-10T18:26:03", "type": "redhatcve", "title": "CVE-2021-4182", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4182"], "modified": "2023-07-08T02:14:46", "id": "RH:CVE-2021-4182", "href": "https://access.redhat.com/security/cve/cve-2021-4182", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "nessus": [{"lastseen": "2023-05-18T15:36:40", "description": "The version of Wireshark installed on the remote Windows host is prior to 3.4.11. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-3.4.11 advisory.\n\n - The Gryphon dissector could crash. It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. (CVE-2021-4186)\n\n - The RTMPT dissector could go into an infinite loop. It may be possible to make Wireshark consume excessive CPU resources by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. (CVE-2021-4185)\n\n - The BitTorrent DHT dissector could go into an infinite loop. It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file.\n (CVE-2021-4184)\n\n - The RFC 7468 file parser could go into an infinite loop. It may be possible to make Wireshark consume excessive CPU resources by convincing someone to read a malformed packet trace file. (CVE-2021-4182)\n\n - The Sysdig Event dissector could crash. It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file.\n (CVE-2021-4181)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-12-29T00:00:00", "type": "nessus", "title": "Wireshark 3.4.x < 3.4.11 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-4181", "CVE-2021-4182", "CVE-2021-4184", "CVE-2021-4185", "CVE-2021-4186"], "modified": "2023-02-16T00:00:00", "cpe": ["cpe:/a:wireshark:wireshark"], "id": "WIRESHARK_3_4_11.NASL", "href": "https://www.tenable.com/plugins/nessus/156390", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156390);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/16\");\n\n script_cve_id(\n \"CVE-2021-4181\",\n \"CVE-2021-4182\",\n \"CVE-2021-4184\",\n \"CVE-2021-4185\",\n \"CVE-2021-4186\"\n );\n script_xref(name:\"IAVB\", value:\"2021-B-0072-S\");\n script_xref(name:\"IAVB\", value:\"2022-B-0035-S\");\n\n script_name(english:\"Wireshark 3.4.x < 3.4.11 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An application installed on the remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Wireshark installed on the remote Windows host is prior to 3.4.11. It is, therefore, affected by multiple\nvulnerabilities as referenced in the wireshark-3.4.11 advisory.\n\n - The Gryphon dissector could crash. It may be possible to make Wireshark crash by injecting a malformed\n packet onto the wire or by convincing someone to read a malformed packet trace file. (CVE-2021-4186)\n\n - The RTMPT dissector could go into an infinite loop. It may be possible to make Wireshark consume excessive\n CPU resources by injecting a malformed packet onto the wire or by convincing someone to read a malformed\n packet trace file. (CVE-2021-4185)\n\n - The BitTorrent DHT dissector could go into an infinite loop. It may be possible to make Wireshark crash by\n injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file.\n (CVE-2021-4184)\n\n - The RFC 7468 file parser could go into an infinite loop. It may be possible to make Wireshark consume\n excessive CPU resources by convincing someone to read a malformed packet trace file. (CVE-2021-4182)\n\n - The Sysdig Event dissector could crash. It may be possible to make Wireshark crash by injecting a\n malformed packet onto the wire or by convincing someone to read a malformed packet trace file.\n (CVE-2021-4181)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/docs/relnotes/wireshark-3.4.11.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2021-16\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2021-17\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2021-18\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2021-20\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2021-21\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Wireshark version 3.4.11 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-4186\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/12/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/12/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/12/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:wireshark:wireshark\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"wireshark_installed.nasl\");\n script_require_keys(\"installed_sw/Wireshark\", \"SMB/Registry/Enumerated\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\nget_kb_item_or_exit('SMB/Registry/Enumerated');\n\nvar app_info = vcf::get_app_info(app:'Wireshark', win_local:TRUE);\n\nvar constraints = [\n { 'min_version' : '3.4.0', 'max_version' : '3.4.10', 'fixed_version' : '3.4.11' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-20T15:00:25", "description": "The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 3.4.11. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-3.4.11 advisory.\n\n - The Gryphon dissector could crash. It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. (CVE-2021-4186)\n\n - The RTMPT dissector could go into an infinite loop. It may be possible to make Wireshark consume excessive CPU resources by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. (CVE-2021-4185)\n\n - The BitTorrent DHT dissector could go into an infinite loop. It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file.\n (CVE-2021-4184)\n\n - The RFC 7468 file parser could go into an infinite loop. It may be possible to make Wireshark consume excessive CPU resources by convincing someone to read a malformed packet trace file. (CVE-2021-4182)\n\n - The Sysdig Event dissector could crash. It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file.\n (CVE-2021-4181)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-12-29T00:00:00", "type": "nessus", "title": "Wireshark 3.4.x < 3.4.11 Multiple Vulnerabilities (macOS)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-4181", "CVE-2021-4182", "CVE-2021-4184", "CVE-2021-4185", "CVE-2021-4186"], "modified": "2023-02-16T00:00:00", "cpe": ["cpe:/a:wireshark:wireshark"], "id": "MACOSX_WIRESHARK_3_4_11.NASL", "href": "https://www.tenable.com/plugins/nessus/156389", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156389);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/16\");\n\n script_cve_id(\n \"CVE-2021-4181\",\n \"CVE-2021-4182\",\n \"CVE-2021-4184\",\n \"CVE-2021-4185\",\n \"CVE-2021-4186\"\n );\n script_xref(name:\"IAVB\", value:\"2021-B-0072-S\");\n script_xref(name:\"IAVB\", value:\"2022-B-0035-S\");\n\n script_name(english:\"Wireshark 3.4.x < 3.4.11 Multiple Vulnerabilities (macOS)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An application installed on the remote macOS / Mac OS X host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 3.4.11. It is, therefore, affected by\nmultiple vulnerabilities as referenced in the wireshark-3.4.11 advisory.\n\n - The Gryphon dissector could crash. It may be possible to make Wireshark crash by injecting a malformed\n packet onto the wire or by convincing someone to read a malformed packet trace file. (CVE-2021-4186)\n\n - The RTMPT dissector could go into an infinite loop. It may be possible to make Wireshark consume excessive\n CPU resources by injecting a malformed packet onto the wire or by convincing someone to read a malformed\n packet trace file. (CVE-2021-4185)\n\n - The BitTorrent DHT dissector could go into an infinite loop. It may be possible to make Wireshark crash by\n injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file.\n (CVE-2021-4184)\n\n - The RFC 7468 file parser could go into an infinite loop. It may be possible to make Wireshark consume\n excessive CPU resources by convincing someone to read a malformed packet trace file. (CVE-2021-4182)\n\n - The Sysdig Event dissector could crash. It may be possible to make Wireshark crash by injecting a\n malformed packet onto the wire or by convincing someone to read a malformed packet trace file.\n (CVE-2021-4181)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/docs/relnotes/wireshark-3.4.11.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2021-16\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2021-17\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2021-18\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2021-20\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2021-21\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Wireshark version 3.4.11 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-4186\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/12/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/12/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/12/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:wireshark:wireshark\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_wireshark_installed.nbin\");\n script_require_keys(\"installed_sw/Wireshark\", \"Host/MacOSX/Version\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\n\nvar app_info = vcf::get_app_info(app:'Wireshark');\n\nvar constraints = [\n { 'min_version' : '3.4.0', 'max_version' : '3.4.10', 'fixed_version' : '3.4.11' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:36:49", "description": "The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 3.6.1. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-3.6.1 advisory.\n\n - The RTMPT dissector could go into an infinite loop. It may be possible to make Wireshark consume excessive CPU resources by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. (CVE-2021-4185)\n\n - The BitTorrent DHT dissector could go into an infinite loop. It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file.\n (CVE-2021-4184)\n\n - The pcapng file parser could crash. It may be possible to make Wireshark crash by convincing someone to read a malformed packet trace file. (CVE-2021-4183)\n\n - The RFC 7468 file parser could go into an infinite loop. It may be possible to make Wireshark consume excessive CPU resources by convincing someone to read a malformed packet trace file. (CVE-2021-4182)\n\n - The Sysdig Event dissector could crash. It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file.\n (CVE-2021-4181)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-12-29T00:00:00", "type": "nessus", "title": "Wireshark 3.6.x < 3.6.1 Multiple Vulnerabilities (macOS)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-4181", "CVE-2021-4182", "CVE-2021-4183", "CVE-2021-4184", "CVE-2021-4185", "CVE-2021-4190"], "modified": "2022-09-27T00:00:00", "cpe": ["cpe:/a:wireshark:wireshark"], "id": "MACOSX_WIRESHARK_3_6_1.NASL", "href": "https://www.tenable.com/plugins/nessus/156387", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156387);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/09/27\");\n\n script_cve_id(\n \"CVE-2021-4181\",\n \"CVE-2021-4182\",\n \"CVE-2021-4183\",\n \"CVE-2021-4184\",\n \"CVE-2021-4185\",\n \"CVE-2021-4190\"\n );\n script_xref(name:\"IAVB\", value:\"2022-B-0004-S\");\n script_xref(name:\"IAVB\", value:\"2021-B-0072-S\");\n\n script_name(english:\"Wireshark 3.6.x < 3.6.1 Multiple Vulnerabilities (macOS)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An application installed on the remote macOS / Mac OS X host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 3.6.1. It is, therefore, affected by\nmultiple vulnerabilities as referenced in the wireshark-3.6.1 advisory.\n\n - The RTMPT dissector could go into an infinite loop. It may be possible to make Wireshark consume excessive\n CPU resources by injecting a malformed packet onto the wire or by convincing someone to read a malformed\n packet trace file. (CVE-2021-4185)\n\n - The BitTorrent DHT dissector could go into an infinite loop. It may be possible to make Wireshark crash by\n injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file.\n (CVE-2021-4184)\n\n - The pcapng file parser could crash. It may be possible to make Wireshark crash by convincing someone to\n read a malformed packet trace file. (CVE-2021-4183)\n\n - The RFC 7468 file parser could go into an infinite loop. It may be possible to make Wireshark consume\n excessive CPU resources by convincing someone to read a malformed packet trace file. (CVE-2021-4182)\n\n - The Sysdig Event dissector could crash. It may be possible to make Wireshark crash by injecting a\n malformed packet onto the wire or by convincing someone to read a malformed packet trace file.\n (CVE-2021-4181)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/docs/relnotes/wireshark-3.6.1.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2021-17\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2021-18\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2021-19\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2021-20\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2021-21\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Wireshark version 3.6.1 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-4190\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/12/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/12/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/12/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:wireshark:wireshark\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_wireshark_installed.nbin\");\n script_require_keys(\"installed_sw/Wireshark\", \"Host/MacOSX/Version\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\n\nvar app_info = vcf::get_app_info(app:'Wireshark');\n\nvar constraints = [\n { 'min_version' : '3.6.0', 'fixed_version' : '3.6.1' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-14T14:51:56", "description": "The remote SUSE Linux SLED15 / SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0375-1 advisory.\n\n - Crash in the Sysdig Event dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file (CVE-2021-4181)\n\n - Crash in the RFC 7468 dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file (CVE-2021-4182)\n\n - Crash in the pcapng file parser in Wireshark 3.6.0 allows denial of service via crafted capture file (CVE-2021-4183)\n\n - Infinite loop in the BitTorrent DHT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file (CVE-2021-4184)\n\n - Infinite loop in the RTMPT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file (CVE-2021-4185)\n\n - Large loop in the Kafka dissector in Wireshark 3.6.0 allows denial of service via packet injection or crafted capture file (CVE-2021-4190)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-02-15T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 Security Update : wireshark (SUSE-SU-2022:0375-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-4181", "CVE-2021-4182", "CVE-2021-4183", "CVE-2021-4184", "CVE-2021-4185", "CVE-2021-4190"], "modified": "2023-07-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libvirt", "p-cpe:/a:novell:suse_linux:libvirt-admin", "p-cpe:/a:novell:suse_linux:libvirt-bash-completion", "p-cpe:/a:novell:suse_linux:libvirt-client", "p-cpe:/a:novell:suse_linux:libvirt-daemon", "p-cpe:/a:novell:suse_linux:libvirt-daemon-config-network", "p-cpe:/a:novell:suse_linux:libvirt-daemon-config-nwfilter", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-interface", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-libxl", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-lxc", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-network", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nodedev", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nwfilter", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-qemu", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-secret", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-core", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-disk", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-iscsi", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-iscsi-direct", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-logical", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-mpath", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-rbd", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-scsi", "p-cpe:/a:novell:suse_linux:libvirt-daemon-hooks", "p-cpe:/a:novell:suse_linux:libvirt-daemon-lxc", "p-cpe:/a:novell:suse_linux:libvirt-daemon-qemu", "p-cpe:/a:novell:suse_linux:libvirt-daemon-xen", "p-cpe:/a:novell:suse_linux:libvirt-devel", "p-cpe:/a:novell:suse_linux:libvirt-doc", "p-cpe:/a:novell:suse_linux:libvirt-libs", "p-cpe:/a:novell:suse_linux:libvirt-lock-sanlock", "p-cpe:/a:novell:suse_linux:libvirt-nss", "p-cpe:/a:novell:suse_linux:libwireshark15", "p-cpe:/a:novell:suse_linux:libwiretap12", "p-cpe:/a:novell:suse_linux:libwsutil13", "p-cpe:/a:novell:suse_linux:wireshark", "p-cpe:/a:novell:suse_linux:wireshark-devel", "p-cpe:/a:novell:suse_linux:wireshark-ui-qt", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2022-0375-1.NASL", "href": "https://www.tenable.com/plugins/nessus/158062", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2022:0375-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(158062);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/07/13\");\n\n script_cve_id(\n \"CVE-2021-4181\",\n \"CVE-2021-4182\",\n \"CVE-2021-4183\",\n \"CVE-2021-4184\",\n \"CVE-2021-4185\",\n \"CVE-2021-4190\"\n );\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2022:0375-1\");\n script_xref(name:\"IAVB\", value:\"2022-B-0004-S\");\n script_xref(name:\"IAVB\", value:\"2021-B-0072-S\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : wireshark (SUSE-SU-2022:0375-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLED15 / SLES15 / SLES_SAP15 host has packages installed that are affected by multiple\nvulnerabilities as referenced in the SUSE-SU-2022:0375-1 advisory.\n\n - Crash in the Sysdig Event dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via\n packet injection or crafted capture file (CVE-2021-4181)\n\n - Crash in the RFC 7468 dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet\n injection or crafted capture file (CVE-2021-4182)\n\n - Crash in the pcapng file parser in Wireshark 3.6.0 allows denial of service via crafted capture file\n (CVE-2021-4183)\n\n - Infinite loop in the BitTorrent DHT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of\n service via packet injection or crafted capture file (CVE-2021-4184)\n\n - Infinite loop in the RTMPT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via\n packet injection or crafted capture file (CVE-2021-4185)\n\n - Large loop in the Kafka dissector in Wireshark 3.6.0 allows denial of service via packet injection or\n crafted capture file (CVE-2021-4190)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1194166\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1194167\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1194168\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1194169\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1194170\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1194171\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1194780\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-4181\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-4182\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-4183\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-4184\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-4185\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-4190\");\n # https://lists.suse.com/pipermail/sle-security-updates/2022-February/010221.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?99d777b3\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-4190\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/12/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/02/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/02/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-admin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-bash-completion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-config-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-config-nwfilter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-interface\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-libxl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-lxc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nodedev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nwfilter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-qemu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-secret\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-disk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-iscsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-iscsi-direct\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-logical\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-mpath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-rbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-scsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-hooks\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-lxc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-qemu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-lock-sanlock\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwireshark15\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwiretap12\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwsutil13\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:wireshark-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:wireshark-ui-qt\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(os_release) || os_release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)(?:_SAP)?\\d+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15|SLES_SAP15)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLED15 / SLES15 / SLES_SAP15', 'SUSE (' + os_ver + ')');\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE (' + os_ver + ')', cpu);\n\nvar service_pack = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(service_pack)) service_pack = \"0\";\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(3)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLED15 SP3\", os_ver + \" SP\" + service_pack);\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(0|1|2|3)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES15 SP0/1/2/3\", os_ver + \" SP\" + service_pack);\nif (os_ver == \"SLES_SAP15\" && (! preg(pattern:\"^(0|1|2)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES_SAP15 SP0/1/2\", os_ver + \" SP\" + service_pack);\n\nvar pkgs = [\n {'reference':'libwireshark15-3.6.1-3.68.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15']},\n {'reference':'libwiretap12-3.6.1-3.68.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15']},\n {'reference':'libwsutil13-3.6.1-3.68.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15']},\n {'reference':'wireshark-3.6.1-3.68.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15']},\n {'reference':'wireshark-devel-3.6.1-3.68.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15']},\n {'reference':'wireshark-ui-qt-3.6.1-3.68.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15']},\n {'reference':'libwireshark15-3.6.1-3.68.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.1']},\n {'reference':'libwiretap12-3.6.1-3.68.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.1']},\n {'reference':'libwsutil13-3.6.1-3.68.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.1']},\n {'reference':'wireshark-3.6.1-3.68.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.1']},\n {'reference':'wireshark-devel-3.6.1-3.68.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.1']},\n {'reference':'wireshark-ui-qt-3.6.1-3.68.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.1']},\n {'reference':'libwireshark15-3.6.1-3.68.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.2']},\n {'reference':'libwiretap12-3.6.1-3.68.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.2']},\n {'reference':'libwsutil13-3.6.1-3.68.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.2']},\n {'reference':'wireshark-3.6.1-3.68.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.2']},\n {'reference':'wireshark-devel-3.6.1-3.68.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.2']},\n {'reference':'wireshark-ui-qt-3.6.1-3.68.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.2']},\n {'reference':'libwireshark15-3.6.1-3.68.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-1']},\n {'reference':'libwireshark15-3.6.1-3.68.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-1', 'sles-release-15.1']},\n {'reference':'libwiretap12-3.6.1-3.68.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-1']},\n {'reference':'libwiretap12-3.6.1-3.68.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-1', 'sles-release-15.1']},\n {'reference':'libwsutil13-3.6.1-3.68.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-1']},\n {'reference':'libwsutil13-3.6.1-3.68.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-1', 'sles-release-15.1']},\n {'reference':'wireshark-3.6.1-3.68.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-1']},\n {'reference':'wireshark-3.6.1-3.68.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-1', 'sles-release-15.1']},\n {'reference':'wireshark-devel-3.6.1-3.68.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-1']},\n {'reference':'wireshark-devel-3.6.1-3.68.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-1', 'sles-release-15.1']},\n {'reference':'wireshark-ui-qt-3.6.1-3.68.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-1']},\n {'reference':'wireshark-ui-qt-3.6.1-3.68.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-1', 'sles-release-15.1']},\n {'reference':'libwireshark15-3.6.1-3.68.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'libwireshark15-3.6.1-3.68.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'libwireshark15-3.6.1-3.68.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'libwireshark15-3.6.1-3.68.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'libwiretap12-3.6.1-3.68.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'libwiretap12-3.6.1-3.68.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'libwiretap12-3.6.1-3.68.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'libwiretap12-3.6.1-3.68.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'libwsutil13-3.6.1-3.68.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'libwsutil13-3.6.1-3.68.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'libwsutil13-3.6.1-3.68.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'libwsutil13-3.6.1-3.68.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'wireshark-3.6.1-3.68.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'wireshark-3.6.1-3.68.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'wireshark-3.6.1-3.68.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'wireshark-3.6.1-3.68.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'wireshark-devel-3.6.1-3.68.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'wireshark-devel-3.6.1-3.68.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'wireshark-devel-3.6.1-3.68.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'wireshark-devel-3.6.1-3.68.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'wireshark-ui-qt-3.6.1-3.68.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'wireshark-ui-qt-3.6.1-3.68.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'wireshark-ui-qt-3.6.1-3.68.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'wireshark-ui-qt-3.6.1-3.68.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'libwireshark15-3.6.1-3.68.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-2']},\n {'reference':'libwireshark15-3.6.1-3.68.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-2', 'sles-release-15.2']},\n {'reference':'libwiretap12-3.6.1-3.68.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-2']},\n {'reference':'libwiretap12-3.6.1-3.68.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-2', 'sles-release-15.2']},\n {'reference':'libwsutil13-3.6.1-3.68.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-2']},\n {'reference':'libwsutil13-3.6.1-3.68.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-2', 'sles-release-15.2']},\n {'reference':'wireshark-3.6.1-3.68.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-2']},\n {'reference':'wireshark-3.6.1-3.68.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-2', 'sles-release-15.2']},\n {'reference':'wireshark-devel-3.6.1-3.68.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-2']},\n {'reference':'wireshark-devel-3.6.1-3.68.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-2', 'sles-release-15.2']},\n {'reference':'wireshark-ui-qt-3.6.1-3.68.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-2']},\n {'reference':'wireshark-ui-qt-3.6.1-3.68.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-2', 'sles-release-15.2']},\n {'reference':'libwireshark15-3.6.1-3.68.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'libwireshark15-3.6.1-3.68.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'libwiretap12-3.6.1-3.68.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'libwiretap12-3.6.1-3.68.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'libwsutil13-3.6.1-3.68.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'libwsutil13-3.6.1-3.68.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'wireshark-3.6.1-3.68.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'wireshark-3.6.1-3.68.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'wireshark-devel-3.6.1-3.68.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'wireshark-devel-3.6.1-3.68.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'wireshark-ui-qt-3.6.1-3.68.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'wireshark-ui-qt-3.6.1-3.68.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'libwireshark15-3.6.1-3.68.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},\n {'reference':'libwireshark15-3.6.1-3.68.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},\n {'reference':'libwiretap12-3.6.1-3.68.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},\n {'reference':'libwiretap12-3.6.1-3.68.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},\n {'reference':'libwsutil13-3.6.1-3.68.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},\n {'reference':'libwsutil13-3.6.1-3.68.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},\n {'reference':'wireshark-3.6.1-3.68.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},\n {'reference':'wireshark-3.6.1-3.68.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},\n {'reference':'wireshark-devel-3.6.1-3.68.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},\n {'reference':'wireshark-devel-3.6.1-3.68.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},\n {'reference':'wireshark-ui-qt-3.6.1-3.68.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},\n {'reference':'wireshark-ui-qt-3.6.1-3.68.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},\n {'reference':'libvirt-libs-7.1.0-150300.6.23.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-basesystem-release-15.3']},\n {'reference':'libvirt-libs-7.1.0-150300.6.23.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-basesystem-release-15.3']},\n {'reference':'libwireshark15-3.6.1-3.68.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-basesystem-release-15.3']},\n {'reference':'libwireshark15-3.6.1-3.68.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-basesystem-release-15.3']},\n {'reference':'libwiretap12-3.6.1-3.68.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-basesystem-release-15.3']},\n {'reference':'libwiretap12-3.6.1-3.68.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-basesystem-release-15.3']},\n {'reference':'libwsutil13-3.6.1-3.68.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-basesystem-release-15.3']},\n {'reference':'libwsutil13-3.6.1-3.68.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-basesystem-release-15.3']},\n {'reference':'wireshark-3.6.1-3.68.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-basesystem-release-15.3']},\n {'reference':'wireshark-3.6.1-3.68.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-basesystem-release-15.3']},\n {'reference':'wireshark-devel-3.6.1-3.68.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-desktop-applications-release-15.3']},\n {'reference':'wireshark-devel-3.6.1-3.68.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-desktop-applications-release-15.3']},\n {'reference':'wireshark-ui-qt-3.6.1-3.68.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-desktop-applications-release-15.3']},\n {'reference':'wireshark-ui-qt-3.6.1-3.68.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-desktop-applications-release-15.3']},\n {'reference':'libvirt-7.1.0-150300.6.23.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-server-applications-release-15.3']},\n {'reference':'libvirt-admin-7.1.0-150300.6.23.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-server-applications-release-15.3']},\n {'reference':'libvirt-bash-completion-7.1.0-150300.6.23.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-server-applications-release-15.3']},\n {'reference':'libvirt-client-7.1.0-150300.6.23.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-server-applications-release-15.3']},\n {'reference':'libvirt-daemon-7.1.0-150300.6.23.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-server-applications-release-15.3']},\n {'reference':'libvirt-daemon-config-network-7.1.0-150300.6.23.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-server-applications-release-15.3']},\n {'reference':'libvirt-daemon-config-nwfilter-7.1.0-150300.6.23.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-server-applications-release-15.3']},\n {'reference':'libvirt-daemon-driver-interface-7.1.0-150300.6.23.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-server-applications-release-15.3']},\n {'reference':'libvirt-daemon-driver-libxl-7.1.0-150300.6.23.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-server-applications-release-15.3']},\n {'reference':'libvirt-daemon-driver-lxc-7.1.0-150300.6.23.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-server-applications-release-15.3']},\n {'reference':'libvirt-daemon-driver-network-7.1.0-150300.6.23.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-server-applications-release-15.3']},\n {'reference':'libvirt-daemon-driver-nodedev-7.1.0-150300.6.23.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-server-applications-release-15.3']},\n {'reference':'libvirt-daemon-driver-nwfilter-7.1.0-150300.6.23.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-server-applications-release-15.3']},\n {'reference':'libvirt-daemon-driver-qemu-7.1.0-150300.6.23.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-server-applications-release-15.3']},\n {'reference':'libvirt-daemon-driver-secret-7.1.0-150300.6.23.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-server-applications-release-15.3']},\n {'reference':'libvirt-daemon-driver-storage-7.1.0-150300.6.23.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-server-applications-release-15.3']},\n {'reference':'libvirt-daemon-driver-storage-core-7.1.0-150300.6.23.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-server-applications-release-15.3']},\n {'reference':'libvirt-daemon-driver-storage-disk-7.1.0-150300.6.23.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-server-applications-release-15.3']},\n {'reference':'libvirt-daemon-driver-storage-iscsi-7.1.0-150300.6.23.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-server-applications-release-15.3']},\n {'reference':'libvirt-daemon-driver-storage-iscsi-direct-7.1.0-150300.6.23.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-server-applications-release-15.3']},\n {'reference':'libvirt-daemon-driver-storage-logical-7.1.0-150300.6.23.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-server-applications-release-15.3']},\n {'reference':'libvirt-daemon-driver-storage-mpath-7.1.0-150300.6.23.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-server-applications-release-15.3']},\n {'reference':'libvirt-daemon-driver-storage-rbd-7.1.0-150300.6.23.1', 'sp':'3', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-server-applications-release-15.3']},\n {'reference':'libvirt-daemon-driver-storage-rbd-7.1.0-150300.6.23.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-server-applications-release-15.3']},\n {'reference':'libvirt-daemon-driver-storage-scsi-7.1.0-150300.6.23.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-server-applications-release-15.3']},\n {'reference':'libvirt-daemon-hooks-7.1.0-150300.6.23.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-server-applications-release-15.3']},\n {'reference':'libvirt-daemon-lxc-7.1.0-150300.6.23.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-server-applications-release-15.3']},\n {'reference':'libvirt-daemon-qemu-7.1.0-150300.6.23.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-server-applications-release-15.3']},\n {'reference':'libvirt-daemon-xen-7.1.0-150300.6.23.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-server-applications-release-15.3']},\n {'reference':'libvirt-devel-7.1.0-150300.6.23.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-server-applications-release-15.3']},\n {'reference':'libvirt-doc-7.1.0-150300.6.23.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-server-applications-release-15.3']},\n {'reference':'libvirt-lock-sanlock-7.1.0-150300.6.23.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-server-applications-release-15.3']},\n {'reference':'libvirt-nss-7.1.0-150300.6.23.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-server-applications-release-15.3']},\n {'reference':'libwireshark15-3.6.1-3.68.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15']},\n {'reference':'libwiretap12-3.6.1-3.68.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15']},\n {'reference':'libwsutil13-3.6.1-3.68.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15']},\n {'reference':'wireshark-3.6.1-3.68.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15']},\n {'reference':'wireshark-devel-3.6.1-3.68.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15']},\n {'reference':'wireshark-ui-qt-3.6.1-3.68.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15']},\n {'reference':'libwireshark15-3.6.1-3.68.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.1']},\n {'reference':'libwiretap12-3.6.1-3.68.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.1']},\n {'reference':'libwsutil13-3.6.1-3.68.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.1']},\n {'reference':'wireshark-3.6.1-3.68.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.1']},\n {'reference':'wireshark-devel-3.6.1-3.68.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.1']},\n {'reference':'wireshark-ui-qt-3.6.1-3.68.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.1']},\n {'reference':'libwireshark15-3.6.1-3.68.1', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.2']},\n {'reference':'libwiretap12-3.6.1-3.68.1', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.2']},\n {'reference':'libwsutil13-3.6.1-3.68.1', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.2']},\n {'reference':'wireshark-3.6.1-3.68.1', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.2']},\n {'reference':'wireshark-devel-3.6.1-3.68.1', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.2']},\n {'reference':'wireshark-ui-qt-3.6.1-3.68.1', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.2']}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && _release) {\n if (exists_check) {\n var check_flag = 0;\n foreach var check (exists_check) {\n if (!rpm_exists(release:_release, rpm:check)) continue;\n if ('ltss' >< tolower(check)) ltss_caveat_required = TRUE;\n check_flag++;\n }\n if (!check_flag) continue;\n }\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n var ltss_plugin_caveat = NULL;\n if(ltss_caveat_required) ltss_plugin_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in SUSE Enterprise Linux Server LTSS\\n' +\n 'repositories. Access to these package security updates require\\n' +\n 'a paid SUSE LTSS subscription.\\n';\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + ltss_plugin_caveat\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libvirt / libvirt-admin / libvirt-bash-completion / libvirt-client / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:36:50", "description": "The version of Wireshark installed on the remote Windows host is prior to 3.6.1. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-3.6.1 advisory.\n\n - The RTMPT dissector could go into an infinite loop. It may be possible to make Wireshark consume excessive CPU resources by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. (CVE-2021-4185)\n\n - The BitTorrent DHT dissector could go into an infinite loop. It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file.\n (CVE-2021-4184)\n\n - The pcapng file parser could crash. It may be possible to make Wireshark crash by convincing someone to read a malformed packet trace file. (CVE-2021-4183)\n\n - The RFC 7468 file parser could go into an infinite loop. It may be possible to make Wireshark consume excessive CPU resources by convincing someone to read a malformed packet trace file. (CVE-2021-4182)\n\n - The Sysdig Event dissector could crash. It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file.\n (CVE-2021-4181)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-12-29T00:00:00", "type": "nessus", "title": "Wireshark 3.6.x < 3.6.1 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-4181", "CVE-2021-4182", "CVE-2021-4183", "CVE-2021-4184", "CVE-2021-4185", "CVE-2021-4190"], "modified": "2022-09-27T00:00:00", "cpe": ["cpe:/a:wireshark:wireshark"], "id": "WIRESHARK_3_6_1.NASL", "href": "https://www.tenable.com/plugins/nessus/156388", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156388);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/09/27\");\n\n script_cve_id(\n \"CVE-2021-4181\",\n \"CVE-2021-4182\",\n \"CVE-2021-4183\",\n \"CVE-2021-4184\",\n \"CVE-2021-4185\",\n \"CVE-2021-4190\"\n );\n script_xref(name:\"IAVB\", value:\"2022-B-0004-S\");\n script_xref(name:\"IAVB\", value:\"2021-B-0072-S\");\n\n script_name(english:\"Wireshark 3.6.x < 3.6.1 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An application installed on the remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Wireshark installed on the remote Windows host is prior to 3.6.1. It is, therefore, affected by multiple\nvulnerabilities as referenced in the wireshark-3.6.1 advisory.\n\n - The RTMPT dissector could go into an infinite loop. It may be possible to make Wireshark consume excessive\n CPU resources by injecting a malformed packet onto the wire or by convincing someone to read a malformed\n packet trace file. (CVE-2021-4185)\n\n - The BitTorrent DHT dissector could go into an infinite loop. It may be possible to make Wireshark crash by\n injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file.\n (CVE-2021-4184)\n\n - The pcapng file parser could crash. It may be possible to make Wireshark crash by convincing someone to\n read a malformed packet trace file. (CVE-2021-4183)\n\n - The RFC 7468 file parser could go into an infinite loop. It may be possible to make Wireshark consume\n excessive CPU resources by convincing someone to read a malformed packet trace file. (CVE-2021-4182)\n\n - The Sysdig Event dissector could crash. It may be possible to make Wireshark crash by injecting a\n malformed packet onto the wire or by convincing someone to read a malformed packet trace file.\n (CVE-2021-4181)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/docs/relnotes/wireshark-3.6.1.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2021-17\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2021-18\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2021-19\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2021-20\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.wireshark.org/security/wnpa-sec-2021-21\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Wireshark version 3.6.1 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-4190\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/12/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/12/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/12/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:wireshark:wireshark\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"wireshark_installed.nasl\");\n script_require_keys(\"installed_sw/Wireshark\", \"SMB/Registry/Enumerated\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\nget_kb_item_or_exit('SMB/Registry/Enumerated');\n\nvar app_info = vcf::get_app_info(app:'Wireshark', win_local:TRUE);\n\nvar constraints = [\n { 'min_version' : '3.6.0', 'fixed_version' : '3.6.1' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-20T14:14:56", "description": "The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2022:0375-1 advisory.\n\n - Crash in the Sysdig Event dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file (CVE-2021-4181)\n\n - Crash in the RFC 7468 dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file (CVE-2021-4182)\n\n - Crash in the pcapng file parser in Wireshark 3.6.0 allows denial of service via crafted capture file (CVE-2021-4183)\n\n - Infinite loop in the BitTorrent DHT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file (CVE-2021-4184)\n\n - Infinite loop in the RTMPT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file (CVE-2021-4185)\n\n - Large loop in the Kafka dissector in Wireshark 3.6.0 allows denial of service via packet injection or crafted capture file (CVE-2021-4190)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-02-15T00:00:00", "type": "nessus", "title": "openSUSE 15 Security Update : wireshark (openSUSE-SU-2022:0375-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-4181", "CVE-2021-4182", "CVE-2021-4183", "CVE-2021-4184", "CVE-2021-4185", "CVE-2021-4190"], "modified": "2022-09-27T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libvirt", "p-cpe:/a:novell:opensuse:libvirt-admin", "p-cpe:/a:novell:opensuse:libvirt-bash-completion", "p-cpe:/a:novell:opensuse:libvirt-client", "p-cpe:/a:novell:opensuse:libvirt-daemon", "p-cpe:/a:novell:opensuse:libvirt-daemon-config-network", "p-cpe:/a:novell:opensuse:libvirt-daemon-config-nwfilter", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-interface", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-libxl", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-lxc", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-network", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-nodedev", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-nwfilter", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-qemu", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-secret", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-core", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-disk", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-gluster", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-iscsi", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-iscsi-direct", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-logical", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-mpath", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-rbd", "p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-scsi", "p-cpe:/a:novell:opensuse:libvirt-daemon-hooks", "p-cpe:/a:novell:opensuse:libvirt-daemon-lxc", "p-cpe:/a:novell:opensuse:libvirt-daemon-qemu", "p-cpe:/a:novell:opensuse:libvirt-daemon-xen", "p-cpe:/a:novell:opensuse:libvirt-devel", "p-cpe:/a:novell:opensuse:libvirt-devel-32bit", "p-cpe:/a:novell:opensuse:libvirt-libs", "p-cpe:/a:novell:opensuse:libvirt-lock-sanlock", "p-cpe:/a:novell:opensuse:libvirt-nss", "p-cpe:/a:novell:opensuse:libwireshark15", "p-cpe:/a:novell:opensuse:libwiretap12", "p-cpe:/a:novell:opensuse:libwsutil13", "p-cpe:/a:novell:opensuse:wireshark", "p-cpe:/a:novell:opensuse:wireshark-devel", "p-cpe:/a:novell:opensuse:wireshark-plugin-libvirt", "p-cpe:/a:novell:opensuse:wireshark-ui-qt", "cpe:/o:novell:opensuse:15.3"], "id": "OPENSUSE-2022-0375-1.NASL", "href": "https://www.tenable.com/plugins/nessus/158058", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# openSUSE Security Update openSUSE-SU-2022:0375-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(158058);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/09/27\");\n\n script_cve_id(\n \"CVE-2021-4181\",\n \"CVE-2021-4182\",\n \"CVE-2021-4183\",\n \"CVE-2021-4184\",\n \"CVE-2021-4185\",\n \"CVE-2021-4190\"\n );\n script_xref(name:\"IAVB\", value:\"2022-B-0004-S\");\n script_xref(name:\"IAVB\", value:\"2021-B-0072-S\");\n\n script_name(english:\"openSUSE 15 Security Update : wireshark (openSUSE-SU-2022:0375-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe openSUSE-SU-2022:0375-1 advisory.\n\n - Crash in the Sysdig Event dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via\n packet injection or crafted capture file (CVE-2021-4181)\n\n - Crash in the RFC 7468 dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet\n injection or crafted capture file (CVE-2021-4182)\n\n - Crash in the pcapng file parser in Wireshark 3.6.0 allows denial of service via crafted capture file\n (CVE-2021-4183)\n\n - Infinite loop in the BitTorrent DHT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of\n service via packet injection or crafted capture file (CVE-2021-4184)\n\n - Infinite loop in the RTMPT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via\n packet injection or crafted capture file (CVE-2021-4185)\n\n - Large loop in the Kafka dissector in Wireshark 3.6.0 allows denial of service via packet injection or\n crafted capture file (CVE-2021-4190)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1194166\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1194167\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1194168\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1194169\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1194170\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1194171\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1194780\");\n # https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/JAOH336QWFQFZUXO5FOHF4P6VJNY7R4L/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?4c12c7da\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-4181\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-4182\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-4183\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-4184\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-4185\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-4190\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-4190\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/12/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/02/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/02/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-admin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-bash-completion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-config-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-config-nwfilter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-interface\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-libxl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-lxc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-nodedev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-nwfilter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-qemu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-secret\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-disk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-gluster\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-iscsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-iscsi-direct\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-logical\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-mpath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-rbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-driver-storage-scsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-hooks\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-lxc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-qemu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-daemon-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-lock-sanlock\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwireshark15\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwiretap12\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwsutil13\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-plugin-libvirt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wireshark-ui-qt\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.3\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/SuSE/release');\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, 'openSUSE');\nvar os_ver = pregmatch(pattern: \"^SUSE([\\d.]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'openSUSE');\nos_ver = os_ver[1];\nif (release !~ \"^(SUSE15\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, 'openSUSE', '15.3', release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'openSUSE ' + os_ver, cpu);\n\nvar pkgs = [\n {'reference':'libvirt-7.1.0-150300.6.23.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-admin-7.1.0-150300.6.23.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-bash-completion-7.1.0-150300.6.23.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-client-7.1.0-150300.6.23.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-7.1.0-150300.6.23.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-config-network-7.1.0-150300.6.23.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-config-nwfilter-7.1.0-150300.6.23.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-interface-7.1.0-150300.6.23.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-libxl-7.1.0-150300.6.23.1', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-lxc-7.1.0-150300.6.23.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-network-7.1.0-150300.6.23.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-nodedev-7.1.0-150300.6.23.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-nwfilter-7.1.0-150300.6.23.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-qemu-7.1.0-150300.6.23.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-secret-7.1.0-150300.6.23.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-7.1.0-150300.6.23.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-core-7.1.0-150300.6.23.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-disk-7.1.0-150300.6.23.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-gluster-7.1.0-150300.6.23.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-iscsi-7.1.0-150300.6.23.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-iscsi-direct-7.1.0-150300.6.23.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-logical-7.1.0-150300.6.23.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-mpath-7.1.0-150300.6.23.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-rbd-7.1.0-150300.6.23.1', 'cpu':'aarch64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-rbd-7.1.0-150300.6.23.1', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-scsi-7.1.0-150300.6.23.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-hooks-7.1.0-150300.6.23.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-lxc-7.1.0-150300.6.23.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-qemu-7.1.0-150300.6.23.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-xen-7.1.0-150300.6.23.1', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-devel-32bit-7.1.0-150300.6.23.1', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-devel-7.1.0-150300.6.23.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-libs-7.1.0-150300.6.23.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-lock-sanlock-7.1.0-150300.6.23.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-nss-7.1.0-150300.6.23.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libwireshark15-3.6.1-3.68.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libwiretap12-3.6.1-3.68.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libwsutil13-3.6.1-3.68.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'wireshark-3.6.1-3.68.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'wireshark-devel-3.6.1-3.68.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'wireshark-plugin-libvirt-7.1.0-150300.6.23.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'wireshark-ui-qt-3.6.1-3.68.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var cpu = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && release) {\n if (rpm_check(release:release, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libvirt / libvirt-admin / libvirt-bash-completion / libvirt-client / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-24T12:46:35", "description": "The remote host is affected by the vulnerability described in GLSA-202210-04 (Wireshark: Multiple Vulnerabilities)\n\n - Crash in DNP dissector in Wireshark 3.4.0 to 3.4.6 and 3.2.0 to 3.2.14 allows denial of service via packet injection or crafted capture file (CVE-2021-22235)\n\n - NULL pointer exception in the IPPUSB dissector in Wireshark 3.4.0 to 3.4.9 allows denial of service via packet injection or crafted capture file (CVE-2021-39920)\n\n - NULL pointer exception in the Modbus dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file (CVE-2021-39921)\n\n - Buffer overflow in the C12.22 dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file (CVE-2021-39922)\n\n - Large loop in the Bluetooth DHT dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file (CVE-2021-39924)\n\n - Buffer overflow in the Bluetooth SDP dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file (CVE-2021-39925)\n\n - Buffer overflow in the Bluetooth HCI_ISO dissector in Wireshark 3.4.0 to 3.4.9 allows denial of service via packet injection or crafted capture file (CVE-2021-39926)\n\n - NULL pointer exception in the IEEE 802.11 dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file (CVE-2021-39928)\n\n - Uncontrolled Recursion in the Bluetooth DHT dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file (CVE-2021-39929)\n\n - Crash in the Sysdig Event dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file (CVE-2021-4181)\n\n - Crash in the RFC 7468 dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file (CVE-2021-4182)\n\n - Crash in the pcapng file parser in Wireshark 3.6.0 allows denial of service via crafted capture file (CVE-2021-4183)\n\n - Infinite loop in the BitTorrent DHT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file (CVE-2021-4184)\n\n - Infinite loop in the RTMPT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file (CVE-2021-4185)\n\n - Crash in the Gryphon dissector in Wireshark 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file (CVE-2021-4186)\n\n - Large loop in the Kafka dissector in Wireshark 3.6.0 allows denial of service via packet injection or crafted capture file (CVE-2021-4190)\n\n - Crash in the CMS protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file (CVE-2022-0581)\n\n - Unaligned access in the CSN.1 protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file (CVE-2022-0582)\n\n - Crash in the PVFS protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file (CVE-2022-0583)\n\n - Large loops in multiple protocol dissectors in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allow denial of service via packet injection or crafted capture file (CVE-2022-0585)\n\n - Infinite loop in RTMPT protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file (CVE-2022-0586)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-10-16T00:00:00", "type": "nessus", "title": "GLSA-202210-04 : Wireshark: Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-22235", "CVE-2021-39920", "CVE-2021-39921", "CVE-2021-39922", "CVE-2021-39924", "CVE-2021-39925", "CVE-2021-39926", "CVE-2021-39928", "CVE-2021-39929", "CVE-2021-4181", "CVE-2021-4182", "CVE-2021-4183", "CVE-2021-4184", "CVE-2021-4185", "CVE-2021-4186", "CVE-2021-4190", "CVE-2022-0581", "CVE-2022-0582", "CVE-2022-0583", "CVE-2022-0585", "CVE-2022-0586"], "modified": "2022-10-16T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:wireshark", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-202210-04.NASL", "href": "https://www.tenable.com/plugins/nessus/166163", "sourceData": "#%NASL_MIN_LEVEL 80900\n#\n# (C) Tenable, Inc.\n#\n# @NOAGENT@\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 202210-04.\n#\n# The advisory text is Copyright (C) 2001-2021 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike\n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(166163);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/10/16\");\n\n script_cve_id(\n \"CVE-2021-4181\",\n \"CVE-2021-4182\",\n \"CVE-2021-4183\",\n \"CVE-2021-4184\",\n \"CVE-2021-4185\",\n \"CVE-2021-4186\",\n \"CVE-2021-4190\",\n \"CVE-2021-22235\",\n \"CVE-2021-39920\",\n \"CVE-2021-39921\",\n \"CVE-2021-39922\",\n \"CVE-2021-39924\",\n \"CVE-2021-39925\",\n \"CVE-2021-39926\",\n \"CVE-2021-39928\",\n \"CVE-2021-39929\",\n \"CVE-2022-0581\",\n \"CVE-2022-0582\",\n \"CVE-2022-0583\",\n \"CVE-2022-0585\",\n \"CVE-2022-0586\"\n );\n\n script_name(english:\"GLSA-202210-04 : Wireshark: Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is affected by the vulnerability described in GLSA-202210-04 (Wireshark: Multiple Vulnerabilities)\n\n - Crash in DNP dissector in Wireshark 3.4.0 to 3.4.6 and 3.2.0 to 3.2.14 allows denial of service via packet\n injection or crafted capture file (CVE-2021-22235)\n\n - NULL pointer exception in the IPPUSB dissector in Wireshark 3.4.0 to 3.4.9 allows denial of service via\n packet injection or crafted capture file (CVE-2021-39920)\n\n - NULL pointer exception in the Modbus dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows\n denial of service via packet injection or crafted capture file (CVE-2021-39921)\n\n - Buffer overflow in the C12.22 dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of\n service via packet injection or crafted capture file (CVE-2021-39922)\n\n - Large loop in the Bluetooth DHT dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of\n service via packet injection or crafted capture file (CVE-2021-39924)\n\n - Buffer overflow in the Bluetooth SDP dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows\n denial of service via packet injection or crafted capture file (CVE-2021-39925)\n\n - Buffer overflow in the Bluetooth HCI_ISO dissector in Wireshark 3.4.0 to 3.4.9 allows denial of service\n via packet injection or crafted capture file (CVE-2021-39926)\n\n - NULL pointer exception in the IEEE 802.11 dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows\n denial of service via packet injection or crafted capture file (CVE-2021-39928)\n\n - Uncontrolled Recursion in the Bluetooth DHT dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17\n allows denial of service via packet injection or crafted capture file (CVE-2021-39929)\n\n - Crash in the Sysdig Event dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via\n packet injection or crafted capture file (CVE-2021-4181)\n\n - Crash in the RFC 7468 dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet\n injection or crafted capture file (CVE-2021-4182)\n\n - Crash in the pcapng file parser in Wireshark 3.6.0 allows denial of service via crafted capture file\n (CVE-2021-4183)\n\n - Infinite loop in the BitTorrent DHT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of\n service via packet injection or crafted capture file (CVE-2021-4184)\n\n - Infinite loop in the RTMPT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via\n packet injection or crafted capture file (CVE-2021-4185)\n\n - Crash in the Gryphon dissector in Wireshark 3.4.0 to 3.4.10 allows denial of service via packet injection\n or crafted capture file (CVE-2021-4186)\n\n - Large loop in the Kafka dissector in Wireshark 3.6.0 allows denial of service via packet injection or\n crafted capture file (CVE-2021-4190)\n\n - Crash in the CMS protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of\n service via packet injection or crafted capture file (CVE-2022-0581)\n\n - Unaligned access in the CSN.1 protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows\n denial of service via packet injection or crafted capture file (CVE-2022-0582)\n\n - Crash in the PVFS protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of\n service via packet injection or crafted capture file (CVE-2022-0583)\n\n - Large loops in multiple protocol dissectors in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allow denial\n of service via packet injection or crafted capture file (CVE-2022-0585)\n\n - Infinite loop in RTMPT protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of\n service via packet injection or crafted capture file (CVE-2022-0586)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security.gentoo.org/glsa/202210-04\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=802216\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=824474\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=830343\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=833294\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=869140\");\n script_set_attribute(attribute:\"solution\", value:\n\"All Wireshark users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose >=net-analyzer/wireshark-3.6.8\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-0582\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/07/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/10/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/10/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:wireshark\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar flag = 0;\n\nvar packages = [\n {\n 'name' : \"net-analyzer/wireshark\",\n 'unaffected' : make_list(\"ge 3.6.8\", \"lt 3.0.0\"),\n 'vulnerable' : make_list(\"lt 3.6.8\")\n }\n];\n\nforeach package( packages ) {\n if (isnull(package['unaffected'])) package['unaffected'] = make_list();\n if (isnull(package['vulnerable'])) package['vulnerable'] = make_list();\n if (qpkg_check(package: package['name'] , unaffected: package['unaffected'], vulnerable: package['vulnerable'])) flag++;\n}\n\n# This plugin has a different number of unaffected and vulnerable versions for\n# one or more packages. To ensure proper detection, a separate line should be \n# used for each fixed/vulnerable version pair.\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : qpkg_report_get()\n );\n exit(0);\n}\nelse\n{\n qpkg_tests = list_uniq(qpkg_tests);\n var tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Wireshark\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:34:40", "description": "It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-079 advisory.\n\n - NULL pointer exception in the IPPUSB dissector in Wireshark 3.4.0 to 3.4.9 allows denial of service via packet injection or crafted capture file (CVE-2021-39920)\n\n - NULL pointer exception in the Modbus dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file (CVE-2021-39921)\n\n - Buffer overflow in the C12.22 dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file (CVE-2021-39922)\n\n - Large loop in the PNRP dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file (CVE-2021-39923)\n\n - Large loop in the Bluetooth DHT dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file (CVE-2021-39924)\n\n - Buffer overflow in the Bluetooth SDP dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file (CVE-2021-39925)\n\n - Buffer overflow in the Bluetooth HCI_ISO dissector in Wireshark 3.4.0 to 3.4.9 allows denial of service via packet injection or crafted capture file (CVE-2021-39926)\n\n - NULL pointer exception in the IEEE 802.11 dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file (CVE-2021-39928)\n\n - Uncontrolled Recursion in the Bluetooth DHT dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file (CVE-2021-39929)\n\n - Crash in the Sysdig Event dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file (CVE-2021-4181)\n\n - Crash in the RFC 7468 dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file (CVE-2021-4182)\n\n - Infinite loop in the BitTorrent DHT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file (CVE-2021-4184)\n\n - Infinite loop in the RTMPT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file (CVE-2021-4185)\n\n - Crash in the Gryphon dissector in Wireshark 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file (CVE-2021-4186)\n\n - Large loop in the Kafka dissector in Wireshark 3.6.0 allows denial of service via packet injection or crafted capture file (CVE-2021-4190)\n\n - Crash in the CMS protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file (CVE-2022-0581)\n\n - Unaligned access in the CSN.1 protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file (CVE-2022-0582)\n\n - Crash in the PVFS protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file (CVE-2022-0583)\n\n - Large loops in multiple protocol dissectors in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allow denial of service via packet injection or crafted capture file (CVE-2022-0585)\n\n - Infinite loop in RTMPT protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file (CVE-2022-0586)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-09-06T00:00:00", "type": "nessus", "title": "Amazon Linux 2022 : (ALAS2022-2022-079)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-39920", "CVE-2021-39921", "CVE-2021-39922", "CVE-2021-39923", "CVE-2021-39924", "CVE-2021-39925", "CVE-2021-39926", "CVE-2021-39928", "CVE-2021-39929", "CVE-2021-4181", "CVE-2021-4182", "CVE-2021-4184", "CVE-2021-4185", "CVE-2021-4186", "CVE-2021-4190", "CVE-2022-0581", "CVE-2022-0582", "CVE-2022-0583", "CVE-2022-0585", "CVE-2022-0586"], "modified": "2023-02-16T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:wireshark-cli", "p-cpe:/a:amazon:linux:wireshark-cli-debuginfo", "p-cpe:/a:amazon:linux:wireshark-debugsource", "p-cpe:/a:amazon:linux:wireshark-devel", "cpe:/o:amazon:linux:2022"], "id": "AL2022_ALAS2022-2022-079.NASL", "href": "https://www.tenable.com/plugins/nessus/164754", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2022 Security Advisory ALAS2022-2022-079.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(164754);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/16\");\n\n script_cve_id(\n \"CVE-2021-4181\",\n \"CVE-2021-4182\",\n \"CVE-2021-4184\",\n \"CVE-2021-4185\",\n \"CVE-2021-4186\",\n \"CVE-2021-4190\",\n \"CVE-2021-39920\",\n \"CVE-2021-39921\",\n \"CVE-2021-39922\",\n \"CVE-2021-39923\",\n \"CVE-2021-39924\",\n \"CVE-2021-39925\",\n \"CVE-2021-39926\",\n \"CVE-2021-39928\",\n \"CVE-2021-39929\",\n \"CVE-2022-0581\",\n \"CVE-2022-0582\",\n \"CVE-2022-0583\",\n \"CVE-2022-0585\",\n \"CVE-2022-0586\"\n );\n script_xref(name:\"IAVB\", value:\"2022-B-0035-S\");\n\n script_name(english:\"Amazon Linux 2022 : (ALAS2022-2022-079)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Amazon Linux 2022 host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-079 advisory.\n\n - NULL pointer exception in the IPPUSB dissector in Wireshark 3.4.0 to 3.4.9 allows denial of service via\n packet injection or crafted capture file (CVE-2021-39920)\n\n - NULL pointer exception in the Modbus dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows\n denial of service via packet injection or crafted capture file (CVE-2021-39921)\n\n - Buffer overflow in the C12.22 dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of\n service via packet injection or crafted capture file (CVE-2021-39922)\n\n - Large loop in the PNRP dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service\n via packet injection or crafted capture file (CVE-2021-39923)\n\n - Large loop in the Bluetooth DHT dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of\n service via packet injection or crafted capture file (CVE-2021-39924)\n\n - Buffer overflow in the Bluetooth SDP dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows\n denial of service via packet injection or crafted capture file (CVE-2021-39925)\n\n - Buffer overflow in the Bluetooth HCI_ISO dissector in Wireshark 3.4.0 to 3.4.9 allows denial of service\n via packet injection or crafted capture file (CVE-2021-39926)\n\n - NULL pointer exception in the IEEE 802.11 dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows\n denial of service via packet injection or crafted capture file (CVE-2021-39928)\n\n - Uncontrolled Recursion in the Bluetooth DHT dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17\n allows denial of service via packet injection or crafted capture file (CVE-2021-39929)\n\n - Crash in the Sysdig Event dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via\n packet injection or crafted capture file (CVE-2021-4181)\n\n - Crash in the RFC 7468 dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet\n injection or crafted capture file (CVE-2021-4182)\n\n - Infinite loop in the BitTorrent DHT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of\n service via packet injection or crafted capture file (CVE-2021-4184)\n\n - Infinite loop in the RTMPT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via\n packet injection or crafted capture file (CVE-2021-4185)\n\n - Crash in the Gryphon dissector in Wireshark 3.4.0 to 3.4.10 allows denial of service via packet injection\n or crafted capture file (CVE-2021-4186)\n\n - Large loop in the Kafka dissector in Wireshark 3.6.0 allows denial of service via packet injection or\n crafted capture file (CVE-2021-4190)\n\n - Crash in the CMS protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of\n service via packet injection or crafted capture file (CVE-2022-0581)\n\n - Unaligned access in the CSN.1 protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows\n denial of service via packet injection or crafted capture file (CVE-2022-0582)\n\n - Crash in the PVFS protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of\n service via packet injection or crafted capture file (CVE-2022-0583)\n\n - Large loops in multiple protocol dissectors in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allow denial\n of service via packet injection or crafted capture file (CVE-2022-0585)\n\n - Infinite loop in RTMPT protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of\n service via packet injection or crafted capture file (CVE-2022-0586)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/AL2022/ALAS-2022-079.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-39920.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-39921.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-39922.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-39923.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-39924.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-39925.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-39926.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-39928.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-39929.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-4181.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-4182.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-4184.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-4185.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-4186.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-4190.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-0581.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-0582.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-0583.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-0585.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-0586.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Run 'dnf update --releasever=2022.0.20220518 wireshark' to update your system.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-0582\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/11/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/05/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/09/06\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:wireshark-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:wireshark-cli-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:wireshark-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:wireshark-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2022\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nvar os_ver = pregmatch(pattern: \"^AL(A|\\d+|-\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nvar os_ver = os_ver[1];\nif (os_ver != \"-2022\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2022\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar pkgs = [\n {'reference':'wireshark-cli-3.6.2-1.amzn2022.0.1', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'wireshark-cli-3.6.2-1.amzn2022.0.1', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'wireshark-cli-3.6.2-1.amzn2022.0.1', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'wireshark-cli-debuginfo-3.6.2-1.amzn2022.0.1', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'wireshark-cli-debuginfo-3.6.2-1.amzn2022.0.1', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'wireshark-cli-debuginfo-3.6.2-1.amzn2022.0.1', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'wireshark-debugsource-3.6.2-1.amzn2022.0.1', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'wireshark-debugsource-3.6.2-1.amzn2022.0.1', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'wireshark-debugsource-3.6.2-1.amzn2022.0.1', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'wireshark-devel-3.6.2-1.amzn2022.0.1', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'wireshark-devel-3.6.2-1.amzn2022.0.1', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'wireshark-devel-3.6.2-1.amzn2022.0.1', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release && (!exists_check || rpm_exists(release:release, rpm:exists_check))) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"wireshark-cli / wireshark-cli-debuginfo / wireshark-debugsource / etc\");\n}", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-24T12:49:51", "description": "It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-226 advisory.\n\n - NULL pointer exception in the IPPUSB dissector in Wireshark 3.4.0 to 3.4.9 allows denial of service via packet injection or crafted capture file (CVE-2021-39920)\n\n - NULL pointer exception in the Modbus dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file (CVE-2021-39921)\n\n - Buffer overflow in the C12.22 dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file (CVE-2021-39922)\n\n - Large loop in the PNRP dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file (CVE-2021-39923)\n\n - Large loop in the Bluetooth DHT dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file (CVE-2021-39924)\n\n - Buffer overflow in the Bluetooth SDP dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file (CVE-2021-39925)\n\n - Buffer overflow in the Bluetooth HCI_ISO dissector in Wireshark 3.4.0 to 3.4.9 allows denial of service via packet injection or crafted capture file (CVE-2021-39926)\n\n - NULL pointer exception in the IEEE 802.11 dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file (CVE-2021-39928)\n\n - Uncontrolled Recursion in the Bluetooth DHT dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file (CVE-2021-39929)\n\n - Crash in the Sysdig Event dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file (CVE-2021-4181)\n\n - Crash in the RFC 7468 dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file (CVE-2021-4182)\n\n - Infinite loop in the BitTorrent DHT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file (CVE-2021-4184)\n\n - Infinite loop in the RTMPT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file (CVE-2021-4185)\n\n - Crash in the Gryphon dissector in Wireshark 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file (CVE-2021-4186)\n\n - Large loop in the Kafka dissector in Wireshark 3.6.0 allows denial of service via packet injection or crafted capture file (CVE-2021-4190)\n\n - Crash in the CMS protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file (CVE-2022-0581)\n\n - Unaligned access in the CSN.1 protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file (CVE-2022-0582)\n\n - Crash in the PVFS protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file (CVE-2022-0583)\n\n - Large loops in multiple protocol dissectors in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allow denial of service via packet injection or crafted capture file (CVE-2022-0585)\n\n - Infinite loop in RTMPT protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file (CVE-2022-0586)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-12-09T00:00:00", "type": "nessus", "title": "Amazon Linux 2022 : wireshark (ALAS2022-2022-226)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-39920", "CVE-2021-39921", "CVE-2021-39922", "CVE-2021-39923", "CVE-2021-39924", "CVE-2021-39925", "CVE-2021-39926", "CVE-2021-39928", "CVE-2021-39929", "CVE-2021-4181", "CVE-2021-4182", "CVE-2021-4184", "CVE-2021-4185", "CVE-2021-4186", "CVE-2021-4190", "CVE-2022-0581", "CVE-2022-0582", "CVE-2022-0583", "CVE-2022-0585", "CVE-2022-0586"], "modified": "2023-09-20T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:wireshark-cli", "p-cpe:/a:amazon:linux:wireshark-cli-debuginfo", "p-cpe:/a:amazon:linux:wireshark-debugsource", "p-cpe:/a:amazon:linux:wireshark-devel", "cpe:/o:amazon:linux:2022"], "id": "AL2022_ALAS2022-2022-226.NASL", "href": "https://www.tenable.com/plugins/nessus/168574", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2022 Security Advisory ALAS2022-2022-226.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(168574);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/09/20\");\n\n script_cve_id(\n \"CVE-2021-4181\",\n \"CVE-2021-4182\",\n \"CVE-2021-4184\",\n \"CVE-2021-4185\",\n \"CVE-2021-4186\",\n \"CVE-2021-4190\",\n \"CVE-2021-39920\",\n \"CVE-2021-39921\",\n \"CVE-2021-39922\",\n \"CVE-2021-39923\",\n \"CVE-2021-39924\",\n \"CVE-2021-39925\",\n \"CVE-2021-39926\",\n \"CVE-2021-39928\",\n \"CVE-2021-39929\",\n \"CVE-2022-0581\",\n \"CVE-2022-0582\",\n \"CVE-2022-0583\",\n \"CVE-2022-0585\",\n \"CVE-2022-0586\"\n );\n\n script_name(english:\"Amazon Linux 2022 : wireshark (ALAS2022-2022-226)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Amazon Linux 2022 host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-226 advisory.\n\n - NULL pointer exception in the IPPUSB dissector in Wireshark 3.4.0 to 3.4.9 allows denial of service via\n packet injection or crafted capture file (CVE-2021-39920)\n\n - NULL pointer exception in the Modbus dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows\n denial of service via packet injection or crafted capture file (CVE-2021-39921)\n\n - Buffer overflow in the C12.22 dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of\n service via packet injection or crafted capture file (CVE-2021-39922)\n\n - Large loop in the PNRP dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service\n via packet injection or crafted capture file (CVE-2021-39923)\n\n - Large loop in the Bluetooth DHT dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of\n service via packet injection or crafted capture file (CVE-2021-39924)\n\n - Buffer overflow in the Bluetooth SDP dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows\n denial of service via packet injection or crafted capture file (CVE-2021-39925)\n\n - Buffer overflow in the Bluetooth HCI_ISO dissector in Wireshark 3.4.0 to 3.4.9 allows denial of service\n via packet injection or crafted capture file (CVE-2021-39926)\n\n - NULL pointer exception in the IEEE 802.11 dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows\n denial of service via packet injection or crafted capture file (CVE-2021-39928)\n\n - Uncontrolled Recursion in the Bluetooth DHT dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17\n allows denial of service via packet injection or crafted capture file (CVE-2021-39929)\n\n - Crash in the Sysdig Event dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via\n packet injection or crafted capture file (CVE-2021-4181)\n\n - Crash in the RFC 7468 dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet\n injection or crafted capture file (CVE-2021-4182)\n\n - Infinite loop in the BitTorrent DHT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of\n service via packet injection or crafted capture file (CVE-2021-4184)\n\n - Infinite loop in the RTMPT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via\n packet injection or crafted capture file (CVE-2021-4185)\n\n - Crash in the Gryphon dissector in Wireshark 3.4.0 to 3.4.10 allows denial of service via packet injection\n or crafted capture file (CVE-2021-4186)\n\n - Large loop in the Kafka dissector in Wireshark 3.6.0 allows denial of service via packet injection or\n crafted capture file (CVE-2021-4190)\n\n - Crash in the CMS protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of\n service via packet injection or crafted capture file (CVE-2022-0581)\n\n - Unaligned access in the CSN.1 protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows\n denial of service via packet injection or crafted capture file (CVE-2022-0582)\n\n - Crash in the PVFS protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of\n service via packet injection or crafted capture file (CVE-2022-0583)\n\n - Large loops in multiple protocol dissectors in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allow denial\n of service via packet injection or crafted capture file (CVE-2022-0585)\n\n - Infinite loop in RTMPT protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of\n service via packet injection or crafted capture file (CVE-2022-0586)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/AL2022/ALAS-2022-226.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-39920.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-39921.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-39922.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-39923.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-39924.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-39925.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-39926.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-39928.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-39929.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-4181.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-4182.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-4184.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-4185.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-4186.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-4190.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-0581.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-0582.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-0583.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-0585.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-0586.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Run 'yum update wireshark' to update your system.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-0582\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/11/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/12/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/12/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:wireshark-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:wireshark-cli-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:wireshark-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:wireshark-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2022\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar alas_release = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(alas_release) || !strlen(alas_release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nvar os_ver = pregmatch(pattern: \"^AL(A|\\d+|-\\d+)\", string:alas_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"-2022\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2022\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar pkgs = [\n {'reference':'wireshark-cli-3.6.7-1.amzn2022.0.2', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'wireshark-cli-3.6.7-1.amzn2022.0.2', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'wireshark-cli-3.6.7-1.amzn2022.0.2', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'wireshark-cli-debuginfo-3.6.7-1.amzn2022.0.2', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'wireshark-cli-debuginfo-3.6.7-1.amzn2022.0.2', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'wireshark-cli-debuginfo-3.6.7-1.amzn2022.0.2', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'wireshark-debugsource-3.6.7-1.amzn2022.0.2', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'wireshark-debugsource-3.6.7-1.amzn2022.0.2', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'wireshark-debugsource-3.6.7-1.amzn2022.0.2', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'wireshark-devel-3.6.7-1.amzn2022.0.2', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'wireshark-devel-3.6.7-1.amzn2022.0.2', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'wireshark-devel-3.6.7-1.amzn2022.0.2', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"wireshark-cli / wireshark-cli-debuginfo / wireshark-debugsource / etc\");\n}", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-24T12:57:28", "description": "It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-038 advisory.\n\n - NULL pointer exception in the IPPUSB dissector in Wireshark 3.4.0 to 3.4.9 allows denial of service via packet injection or crafted capture file (CVE-2021-39920)\n\n - NULL pointer exception in the Modbus dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file (CVE-2021-39921)\n\n - Buffer overflow in the C12.22 dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file (CVE-2021-39922)\n\n - Large loop in the PNRP dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file (CVE-2021-39923)\n\n - Large loop in the Bluetooth DHT dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file (CVE-2021-39924)\n\n - Buffer overflow in the Bluetooth SDP dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file (CVE-2021-39925)\n\n - Buffer overflow in the Bluetooth HCI_ISO dissector in Wireshark 3.4.0 to 3.4.9 allows denial of service via packet injection or crafted capture file (CVE-2021-39926)\n\n - NULL pointer exception in the IEEE 802.11 dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file (CVE-2021-39928)\n\n - Uncontrolled Recursion in the Bluetooth DHT dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file (CVE-2021-39929)\n\n - Crash in the Sysdig Event dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file (CVE-2021-4181)\n\n - Crash in the RFC 7468 dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file (CVE-2021-4182)\n\n - Infinite loop in the BitTorrent DHT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file (CVE-2021-4184)\n\n - Infinite loop in the RTMPT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file (CVE-2021-4185)\n\n - Crash in the Gryphon dissector in Wireshark 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file (CVE-2021-4186)\n\n - Large loop in the Kafka dissector in Wireshark 3.6.0 allows denial of service via packet injection or crafted capture file (CVE-2021-4190)\n\n - Crash in the CMS protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file (CVE-2022-0581)\n\n - Unaligned access in the CSN.1 protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file (CVE-2022-0582)\n\n - Crash in the PVFS protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file (CVE-2022-0583)\n\n - Large loops in multiple protocol dissectors in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allow denial of service via packet injection or crafted capture file (CVE-2022-0585)\n\n - Infinite loop in RTMPT protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file (CVE-2022-0586)\n\n - Infinite loop in the F5 Ethernet Trailer protocol dissector in Wireshark 3.6.0 to 3.6.7 and 3.4.0 to 3.4.15 allows denial of service via packet injection or crafted capture file (CVE-2022-3190)\n\n - Crash in the OPUS protocol dissector in Wireshark 3.6.0 to 3.6.8 allows denial of service via packet injection or crafted capture file (CVE-2022-3725)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-03-21T00:00:00", "type": "nessus", "title": "Amazon Linux 2023 : wireshark-cli, wireshark-devel (ALAS2023-2023-038)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-39920", "CVE-2021-39921", "CVE-2021-39922", "CVE-2021-39923", "CVE-2021-39924", "CVE-2021-39925", "CVE-2021-39926", "CVE-2021-39928", "CVE-2021-39929", "CVE-2021-4181", "CVE-2021-4182", "CVE-2021-4184", "CVE-2021-4185", "CVE-2021-4186", "CVE-2021-4190", "CVE-2022-0581", "CVE-2022-0582", "CVE-2022-0583", "CVE-2022-0585", "CVE-2022-0586", "CVE-2022-3190", "CVE-2022-3725"], "modified": "2023-04-21T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:wireshark-cli", "p-cpe:/a:amazon:linux:wireshark-cli-debuginfo", "p-cpe:/a:amazon:linux:wireshark-debugsource", "p-cpe:/a:amazon:linux:wireshark-devel", "cpe:/o:amazon:linux:2023"], "id": "AL2023_ALAS2023-2023-038.NASL", "href": "https://www.tenable.com/plugins/nessus/173123", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2023 Security Advisory ALAS2023-2023-038.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(173123);\n script_version(\"1.1\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/21\");\n\n script_cve_id(\n \"CVE-2021-4181\",\n \"CVE-2021-4182\",\n \"CVE-2021-4184\",\n \"CVE-2021-4185\",\n \"CVE-2021-4186\",\n \"CVE-2021-4190\",\n \"CVE-2021-39920\",\n \"CVE-2021-39921\",\n \"CVE-2021-39922\",\n \"CVE-2021-39923\",\n \"CVE-2021-39924\",\n \"CVE-2021-39925\",\n \"CVE-2021-39926\",\n \"CVE-2021-39928\",\n \"CVE-2021-39929\",\n \"CVE-2022-0581\",\n \"CVE-2022-0582\",\n \"CVE-2022-0583\",\n \"CVE-2022-0585\",\n \"CVE-2022-0586\",\n \"CVE-2022-3190\",\n \"CVE-2022-3725\"\n );\n\n script_name(english:\"Amazon Linux 2023 : wireshark-cli, wireshark-devel (ALAS2023-2023-038)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Amazon Linux 2023 host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-038 advisory.\n\n - NULL pointer exception in the IPPUSB dissector in Wireshark 3.4.0 to 3.4.9 allows denial of service via\n packet injection or crafted capture file (CVE-2021-39920)\n\n - NULL pointer exception in the Modbus dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows\n denial of service via packet injection or crafted capture file (CVE-2021-39921)\n\n - Buffer overflow in the C12.22 dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of\n service via packet injection or crafted capture file (CVE-2021-39922)\n\n - Large loop in the PNRP dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service\n via packet injection or crafted capture file (CVE-2021-39923)\n\n - Large loop in the Bluetooth DHT dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of\n service via packet injection or crafted capture file (CVE-2021-39924)\n\n - Buffer overflow in the Bluetooth SDP dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows\n denial of service via packet injection or crafted capture file (CVE-2021-39925)\n\n - Buffer overflow in the Bluetooth HCI_ISO dissector in Wireshark 3.4.0 to 3.4.9 allows denial of service\n via packet injection or crafted capture file (CVE-2021-39926)\n\n - NULL pointer exception in the IEEE 802.11 dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows\n denial of service via packet injection or crafted capture file (CVE-2021-39928)\n\n - Uncontrolled Recursion in the Bluetooth DHT dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17\n allows denial of service via packet injection or crafted capture file (CVE-2021-39929)\n\n - Crash in the Sysdig Event dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via\n packet injection or crafted capture file (CVE-2021-4181)\n\n - Crash in the RFC 7468 dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet\n injection or crafted capture file (CVE-2021-4182)\n\n - Infinite loop in the BitTorrent DHT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of\n service via packet injection or crafted capture file (CVE-2021-4184)\n\n - Infinite loop in the RTMPT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via\n packet injection or crafted capture file (CVE-2021-4185)\n\n - Crash in the Gryphon dissector in Wireshark 3.4.0 to 3.4.10 allows denial of service via packet injection\n or crafted capture file (CVE-2021-4186)\n\n - Large loop in the Kafka dissector in Wireshark 3.6.0 allows denial of service via packet injection or\n crafted capture file (CVE-2021-4190)\n\n - Crash in the CMS protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of\n service via packet injection or crafted capture file (CVE-2022-0581)\n\n - Unaligned access in the CSN.1 protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows\n denial of service via packet injection or crafted capture file (CVE-2022-0582)\n\n - Crash in the PVFS protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of\n service via packet injection or crafted capture file (CVE-2022-0583)\n\n - Large loops in multiple protocol dissectors in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allow denial\n of service via packet injection or crafted capture file (CVE-2022-0585)\n\n - Infinite loop in RTMPT protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of\n service via packet injection or crafted capture file (CVE-2022-0586)\n\n - Infinite loop in the F5 Ethernet Trailer protocol dissector in Wireshark 3.6.0 to 3.6.7 and 3.4.0 to\n 3.4.15 allows denial of service via packet injection or crafted capture file (CVE-2022-3190)\n\n - Crash in the OPUS protocol dissector in Wireshark 3.6.0 to 3.6.8 allows denial of service via packet\n injection or crafted capture file (CVE-2022-3725)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/AL2023/ALAS-2023-038.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-39920.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-39921.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-39922.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-39923.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-39924.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-39925.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-39926.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-39928.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-39929.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-4181.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-4182.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-4184.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-4185.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-4186.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-4190.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-0581.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-0582.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-0583.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-0585.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-0586.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-3190.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-3725.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/faqs.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Run 'dnf update wireshark --releasever=2023.0.20230222 ' to update your system.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-0582\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/11/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/02/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/03/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:wireshark-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:wireshark-cli-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:wireshark-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:wireshark-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2023\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar alas_release = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(alas_release) || !strlen(alas_release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nvar os_ver = pregmatch(pattern: \"^AL(A|\\d+|-\\d+)\", string:alas_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"-2023\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2023\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar pkgs = [\n {'reference':'wireshark-cli-4.0.2-1.amzn2023.0.2', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'wireshark-cli-4.0.2-1.amzn2023.0.2', 'cpu':'i686', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'wireshark-cli-4.0.2-1.amzn2023.0.2', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'wireshark-cli-debuginfo-4.0.2-1.amzn2023.0.2', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'wireshark-cli-debuginfo-4.0.2-1.amzn2023.0.2', 'cpu':'i686', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'wireshark-cli-debuginfo-4.0.2-1.amzn2023.0.2', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'wireshark-debugsource-4.0.2-1.amzn2023.0.2', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'wireshark-debugsource-4.0.2-1.amzn2023.0.2', 'cpu':'i686', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'wireshark-debugsource-4.0.2-1.amzn2023.0.2', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'wireshark-devel-4.0.2-1.amzn2023.0.2', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'wireshark-devel-4.0.2-1.amzn2023.0.2', 'cpu':'i686', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'wireshark-devel-4.0.2-1.amzn2023.0.2', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"wireshark-cli / wireshark-cli-debuginfo / wireshark-debugsource / etc\");\n}", "cvss": {"score": 0.0, "vector": "NONE"}}], "altlinux": [{"lastseen": "2023-05-07T11:49:28", "description": "Jan. 3, 2022 Anton Farygin 3.6.1-alt1\n \n \n - 3.6.1 (Fixes: CVE-2021-4185, CVE-2021-4184, CVE-2021-4183, CVE-2021-4182, CVE-2021-4181)\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-01-03T00:00:00", "type": "altlinux", "title": "Security fix for the ALT Linux 9 package wireshark version 3.6.1-alt1", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4181", "CVE-2021-4182", "CVE-2021-4183", "CVE-2021-4184", "CVE-2021-4185"], "modified": "2022-01-03T00:00:00", "id": "242E5DE0ADBFA9E02D43846E48E8768C", "href": "https://packages.altlinux.org/en/p9/srpms/wireshark/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-05-10T03:22:42", "description": "3.6.1-alt1 built Jan. 20, 2022 Anton Farygin in task #293173\n\nJan. 3, 2022 Anton Farygin\n \n \n - 3.6.1 (Fixes: CVE-2021-4185, CVE-2021-4184, CVE-2021-4183, CVE-2021-4182, CVE-2021-4181)\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-01-20T00:00:00", "type": "altlinux", "title": "Security fix for the ALT Linux 10 package wireshark version 3.6.1-alt1", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4181", "CVE-2021-4182", "CVE-2021-4183", "CVE-2021-4184", "CVE-2021-4185"], "modified": "2022-01-20T00:00:00", "id": "E5208013968233E94EE6AE58D18FABE8", "href": "https://packages.altlinux.org/en/p10/srpms/wireshark/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "mageia": [{"lastseen": "2023-05-23T16:24:17", "description": "Several wireshark vulnerabilities have been fixed. See the release notes for details. \n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-01-03T07:36:40", "type": "mageia", "title": "Updated wireshark packages fix security vulnerability\n", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4181", "CVE-2021-4182", "CVE-2021-4184", "CVE-2021-4185", "CVE-2021-4186"], "modified": "2022-01-03T07:36:40", "id": "MGASA-2022-0004", "href": "https://advisories.mageia.org/MGASA-2022-0004.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "suse": [{"lastseen": "2022-04-18T12:39:45", "description": "An update that solves 6 vulnerabilities, contains one\n feature and has one errata is now available.\n\nDescription:\n\n This update for wireshark fixes the following issues:\n\n Update to version 3.6.1:\n\n - CVE-2021-4185: RTMPT dissector infinite loop (bsc#1194166)\n - CVE-2021-4184: BitTorrent DHT dissector infinite loop (bsc#1194167)\n - CVE-2021-4183: pcapng file parser crash (bsc#1194168)\n - CVE-2021-4182: RFC 7468 file parser infinite loop (bsc#1194169)\n - CVE-2021-4181: Sysdig Event dissector crash (bsc#1194170)\n - CVE-2021-4190: Kafka dissector infinite loop (bsc#1194171)\n - Support for Shared Memory Communications (SMC) (jsc#SLE-18727)\n\n\nPatch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.3:\n\n zypper in -t patch openSUSE-SLE-15.3-2022-375=1", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-02-14T00:00:00", "type": "suse", "title": "Security update for wireshark (moderate)", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4181", "CVE-2021-4182", "CVE-2021-4183", "CVE-2021-4184", "CVE-2021-4185", "CVE-2021-4190"], "modified": "2022-02-14T00:00:00", "id": "OPENSUSE-SU-2022:0375-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/JAOH336QWFQFZUXO5FOHF4P6VJNY7R4L/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "photon": [{"lastseen": "2022-05-12T18:38:02", "description": "Updates of ['wireshark'] packages of Photon OS have been released.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-01-13T00:00:00", "type": "photon", "title": "Important Photon OS Security Update - PHSA-2022-0352", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4181", "CVE-2021-4182", "CVE-2021-4183", "CVE-2021-4184", "CVE-2021-4185", "CVE-2021-4190"], "modified": "2022-01-13T00:00:00", "id": "PHSA-2022-0352", "href": "https://github.com/vmware/photon/wiki/Security-Update-3.0-352", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-09-23T07:47:33", "description": "Updates of ['etcd-3.3.27', 'wireshark'] packages of Photon OS have been released.\n", "cvss3": {"exploitabilityScore": 3.1, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 7.7, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 4.0}, "published": "2022-01-17T00:00:00", "type": "photon", "title": "Important Photon OS Security Update - PHSA-2022-3.0-0352", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-15113", "CVE-2020-15114", "CVE-2020-15115", "CVE-2020-15136", "CVE-2021-4181", "CVE-2021-4182", "CVE-2021-4183", "CVE-2021-4184", "CVE-2021-4185", "CVE-2021-4190"], "modified": "2022-01-17T00:00:00", "id": "PHSA-2022-3.0-0352", "href": "https://github.com/vmware/photon/wiki/Security-Update-3.0-352", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2022-05-12T18:53:26", "description": "Updates of ['systemd', 'linux-aws', 'linux-secure', 'aide', 'ImageMagick', 'linux-rt', 'linux', 'expat', 'linux-esx', 'cryptsetup', 'wireshark'] packages of Photon OS have been released.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-01-22T00:00:00", "type": "photon", "title": "Critical Photon OS Security Update - PHSA-2022-0145", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-39212", "CVE-2021-3997", "CVE-2021-4122", "CVE-2021-4155", "CVE-2021-4181", "CVE-2021-4182", "CVE-2021-4183", "CVE-2021-4184", "CVE-2021-4185", "CVE-2021-4190", "CVE-2021-4204", "CVE-2021-45417", "CVE-2021-45960", "CVE-2021-46143", "CVE-2022-22822", "CVE-2022-22823", "CVE-2022-22824", "CVE-2022-22825", "CVE-2022-22826", "CVE-2022-22827", "CVE-2022-23222"], "modified": "2022-01-22T00:00:00", "id": "PHSA-2022-0145", "href": "https://github.com/vmware/photon/wiki/Security-Update-4.0-145", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-09-24T13:03:20", "description": "Updates of ['wireshark', 'linux-secure', 'systemd', 'linux-rt', 'cryptsetup', 'expat', 'linux', 'linux-aws', 'linux-esx', 'aide', 'ImageMagick'] packages of Photon OS have been released.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-01-22T00:00:00", "type": "photon", "title": "Critical Photon OS Security Update - PHSA-2022-4.0-0145", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-39212", "CVE-2021-3997", "CVE-2021-4122", "CVE-2021-4155", "CVE-2021-4181", "CVE-2021-4182", "CVE-2021-4183", "CVE-2021-4184", "CVE-2021-4185", "CVE-2021-4190", "CVE-2021-4204", "CVE-2021-45417", "CVE-2021-45960", "CVE-2021-46143", "CVE-2022-22822", "CVE-2022-22823", "CVE-2022-22824", "CVE-2022-22825", "CVE-2022-22826", "CVE-2022-22827", "CVE-2022-23222"], "modified": "2022-01-22T00:00:00", "id": "PHSA-2022-4.0-0145", "href": "https://github.com/vmware/photon/wiki/Security-Update-4.0-145", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}], "fedora": [{"lastseen": "2023-05-23T16:36:18", "description": "Wireshark allows you to examine protocol data stored in files or as it is captured from wired or wireless (WiFi or Bluetooth) networks, USB devices, and many other sources. It supports dozens of protocol capture file formats and understands more than a thousand protocols. It has many powerful features including a rich display filter language and the ability to reassemble multiple protocol packets in order to, for example, view a complete TCP stream, save the contents of a file which was transferred over HTTP or CIFS, or play back an RTP audio stream. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-01-20T14:55:14", "type": "fedora", "title": "[SECURITY] Fedora 35 Update: wireshark-3.6.1-1.fc35", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4181", "CVE-2021-4182", "CVE-2021-4183", "CVE-2021-4184", "CVE-2021-4185", "CVE-2021-4186", "CVE-2021-4190"], "modified": "2022-01-20T14:55:14", "id": "FEDORA:538BB3108D82", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/Q6XGBKWSQFCVYUN4ZK3O3NJIFP3OAFVT/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-05-23T16:36:18", "description": "Wireshark allows you to examine protocol data stored in files or as it is captured from wired or wireless (WiFi or Bluetooth) networks, USB devices, and many other sources. It supports dozens of protocol capture file formats and understands more than a thousand protocols. It has many powerful features including a rich display filter language and the ability to reassemble multiple protocol packets in order to, for example, view a complete TCP stream, save the contents of a file which was transferred over HTTP or CIFS, or play back an RTP audio stream. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-01-20T08:34:44", "type": "fedora", "title": "[SECURITY] Fedora 34 Update: wireshark-3.6.1-1.fc34", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4181", "CVE-2021-4182", "CVE-2021-4183", "CVE-2021-4184", "CVE-2021-4185", "CVE-2021-4186", "CVE-2021-4190"], "modified": "2022-01-20T08:34:44", "id": "FEDORA:B573030E403A", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/R5AEK3XTOIOGCGUILUFISMGX54YJXWGJ/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "gentoo": [{"lastseen": "2023-06-17T16:42:01", "description": "### Background\n\nWireshark is a versatile network protocol analyzer.\n\n### Description\n\nMultiple vulnerabilities have been discovered in Wireshark. Please review the CVE identifiers referenced below for details.\n\n### Impact\n\nPlease review the referenced CVE identifiers for details.\n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Wireshark users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-analyzer/wireshark-3.6.8\"", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-16T00:00:00", "type": "gentoo", "title": "Wireshark: Multiple Vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-22235", "CVE-2021-39920", "CVE-2021-39921", "CVE-2021-39922", "CVE-2021-39924", "CVE-2021-39925", "CVE-2021-39926", "CVE-2021-39928", "CVE-2021-39929", "CVE-2021-4181", "CVE-2021-4182", "CVE-2021-4183", "CVE-2021-4184", "CVE-2021-4185", "CVE-2021-4186", "CVE-2021-4190", "CVE-2022-0581", "CVE-2022-0582", "CVE-2022-0583", "CVE-2022-0585", "CVE-2022-0586"], "modified": "2022-10-16T00:00:00", "id": "GLSA-202210-04", "href": "https://security.gentoo.org/glsa/202210-04", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "oracle": [{"lastseen": "2023-09-23T08:08:31", "description": "A Critical Patch Update is a collection of patches for multiple security vulnerabilities. These patches address vulnerabilities in Oracle code and in third-party components included in Oracle products. These patches are usually cumulative, but each advisory describes only the security patches added since the previous Critical Patch Update Advisory. Thus, prior Critical Patch Update advisories should be reviewed for information regarding earlier published security patches. Refer to [\u201cCritical Patch Updates, Security Alerts and Bulletins\u201d](<https://www.oracle.com/security-alerts/>) for information about Oracle Security advisories. \n\n**Oracle continues to periodically receive reports of attempts to maliciously exploit vulnerabilities for which Oracle has already released security patches. In some instances, it has been reported that attackers have been successful because targeted customers had failed to apply available Oracle patches. Oracle therefore strongly recommends that customers remain on actively-supported versions and apply Critical Patch Update security patches without delay.**\n\nThis Critical Patch Update contains 520 new security patches across the product families listed below. Please note that an MOS note summarizing the content of this Critical Patch Update and other Oracle Software Security Assurance activities is located at [ April 2022 Critical Patch Update: Executive Summary and Analysis](<https://support.oracle.com/rs?type=doc&id=2857016.1>).\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2022-04-19T00:00:00", "type": "oracle", "title": "Oracle Critical Patch Update Advisory - April 2022", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-1000353", "CVE-2017-14159", "CVE-2017-17740", "CVE-2017-9287", "CVE-2018-1000067", "CVE-2018-1000068", "CVE-2018-1000192", "CVE-2018-1000193", "CVE-2018-1000194", "CVE-2018-1000195", "CVE-2018-11212", "CVE-2018-1285", "CVE-2018-1999001", "CVE-2018-1999002", "CVE-2018-1999003", "CVE-2018-1999004", "CVE-2018-1999005", "CVE-2018-1999007", "CVE-2018-2601", "CVE-2018-6356", "CVE-2018-8032", "CVE-2019-0227", "CVE-2019-1003049", "CVE-2019-1003050", "CVE-2019-10086", "CVE-2019-10247", "CVE-2019-10383", "CVE-2019-10384", "CVE-2019-12086", "CVE-2019-12399", "CVE-2019-12402", "CVE-2019-13038", "CVE-2019-13057", "CVE-2019-13565", "CVE-2019-13750", "CVE-2019-13751", "CVE-2019-14822", "CVE-2019-14862", "CVE-2019-16785", "CVE-2019-16786", "CVE-2019-16789", "CVE-2019-16792", "CVE-2019-17195", "CVE-2019-17571", "CVE-2019-18218", "CVE-2019-18276", "CVE-2019-19603", "CVE-2019-20388", "CVE-2019-20838", "CVE-2019-20916", "CVE-2019-3738", "CVE-2019-3739", "CVE-2019-3740", "CVE-2019-3799", "CVE-2019-5827", "CVE-2020-10531", "CVE-2020-10543", "CVE-2020-10693", "CVE-2020-10878", "CVE-2020-11022", "CVE-2020-11023", "CVE-2020-11080", "CVE-2020-11612", "CVE-2020-11971", "CVE-2020-11979", "CVE-2020-12243", "CVE-2020-12723", "CVE-2020-13434", "CVE-2020-13435", "CVE-2020-13935", "CVE-2020-13936", "CVE-2020-13956", "CVE-2020-14155", "CVE-2020-14340", "CVE-2020-14343", "CVE-2020-15250", "CVE-2020-15358", "CVE-2020-15719", "CVE-2020-16135", "CVE-2020-17521", "CVE-2020-17527", "CVE-2020-17530", "CVE-2020-1968", "CVE-2020-1971", "CVE-2020-24616", "CVE-2020-24750", "CVE-2020-24977", "CVE-2020-25638", "CVE-2020-25649", "CVE-2020-25659", "CVE-2020-27218", "CVE-2020-28052", "CVE-2020-28196", "CVE-2020-28895", "CVE-2020-29363", "CVE-2020-29582", "CVE-2020-35198", "CVE-2020-35490", "CVE-2020-35491", "CVE-2020-35728", "CVE-2020-36179", "CVE-2020-36180", "CVE-2020-36181", "CVE-2020-36182", "CVE-2020-36183", "CVE-2020-36184", "CVE-2020-36185", "CVE-2020-36186", "CVE-2020-36187", "CVE-2020-36188", "CVE-2020-36189", "CVE-2020-36242", "CVE-2020-36518", "CVE-2020-5245", "CVE-2020-5413", "CVE-2020-5421", "CVE-2020-6950", "CVE-2020-7226", "CVE-2020-7595", "CVE-2020-7760", "CVE-2020-8172", "CVE-2020-8174", "CVE-2020-8203", "CVE-2020-8231", "CVE-2020-8277", "CVE-2020-8284", "CVE-2020-8285", "CVE-2020-8286", "CVE-2020-8554", "CVE-2020-8908", "CVE-2020-9488", "CVE-2021-20231", "CVE-2021-20232", "CVE-2021-20289", "CVE-2021-21275", "CVE-2021-21290", "CVE-2021-21295", "CVE-2021-21409", "CVE-2021-21703", "CVE-2021-22096", "CVE-2021-22118", "CVE-2021-22132", "CVE-2021-22134", "CVE-2021-22144", "CVE-2021-22145", "CVE-2021-22569", "CVE-2021-22570", "CVE-2021-22696", "CVE-2021-22897", "CVE-2021-22898", "CVE-2021-22901", "CVE-2021-22946", "CVE-2021-22947", "CVE-2021-23017", "CVE-2021-23450", "CVE-2021-2351", "CVE-2021-23839", "CVE-2021-23840", "CVE-2021-23841", "CVE-2021-2427", "CVE-2021-2464", "CVE-2021-2471", "CVE-2021-25219", "CVE-2021-26291", "CVE-2021-27568", "CVE-2021-27645", "CVE-2021-27807", "CVE-2021-27906", "CVE-2021-28168", "CVE-2021-28169", "CVE-2021-28170", "CVE-2021-28657", "CVE-2021-29425", "CVE-2021-29505", "CVE-2021-29921", "CVE-2021-30129", "CVE-2021-30468", "CVE-2021-3156", "CVE-2021-31799", "CVE-2021-31810", "CVE-2021-31811", "CVE-2021-31812", "CVE-2021-3200", "CVE-2021-32066", "CVE-2021-32626", "CVE-2021-32627", "CVE-2021-32628", "CVE-2021-32672", "CVE-2021-32675", "CVE-2021-32687", "CVE-2021-32762", "CVE-2021-32785", "CVE-2021-32786", "CVE-2021-32791", "CVE-2021-32792", "CVE-2021-33037", "CVE-2021-33193", "CVE-2021-33560", "CVE-2021-33574", "CVE-2021-33813", "CVE-2021-33880", "CVE-2021-34429", "CVE-2021-3445", "CVE-2021-3449", "CVE-2021-3450", "CVE-2021-34798", "CVE-2021-35043", "CVE-2021-3517", "CVE-2021-3518", "CVE-2021-3520", "CVE-2021-3521", "CVE-2021-3537", "CVE-2021-35515", "CVE-2021-35516", "CVE-2021-35517", "CVE-2021-35574", "CVE-2021-3572", "CVE-2021-3580", "CVE-2021-35942", "CVE-2021-36084", "CVE-2021-36085", "CVE-2021-36086", "CVE-2021-36087", "CVE-2021-36090", "CVE-2021-36160", "CVE-2021-36373", "CVE-2021-36374", "CVE-2021-3690", "CVE-2021-3711", "CVE-2021-3712", "CVE-2021-37136", "CVE-2021-37137", "CVE-2021-37714", "CVE-2021-3807", "CVE-2021-38153", "CVE-2021-39139", "CVE-2021-39140", "CVE-2021-39141", "CVE-2021-39144", "CVE-2021-39145", "CVE-2021-39146", "CVE-2021-39147", "CVE-2021-39148", "CVE-2021-39149", "CVE-2021-39150", "CVE-2021-39151", "CVE-2021-39152", "CVE-2021-39153", "CVE-2021-39154", "CVE-2021-39275", "CVE-2021-4034", "CVE-2021-40438", "CVE-2021-40690", "CVE-2021-4104", "CVE-2021-41099", "CVE-2021-41164", "CVE-2021-41165", "CVE-2021-41182", "CVE-2021-41183", "CVE-2021-41184", "CVE-2021-4160", "CVE-2021-41617", "CVE-2021-4181", "CVE-2021-4182", "CVE-2021-4183", "CVE-2021-4184", "CVE-2021-4185", "CVE-2021-41973", "CVE-2021-42013", "CVE-2021-42340", "CVE-2021-42392", "CVE-2021-42717", "CVE-2021-43395", "CVE-2021-43527", "CVE-2021-43797", "CVE-2021-43818", "CVE-2021-43859", "CVE-2021-44224", "CVE-2021-44531", "CVE-2021-44532", "CVE-2021-44533", "CVE-2021-44790", "CVE-2021-44832", "CVE-2021-45105", "CVE-2022-0391", "CVE-2022-0778", "CVE-2022-20612", "CVE-2022-20613", "CVE-2022-20614", "CVE-2022-20615", "CVE-2022-21271", "CVE-2022-21375", "CVE-2022-21384", "CVE-2022-21404", "CVE-2022-21405", "CVE-2022-21409", "CVE-2022-21410", "CVE-2022-21411", "CVE-2022-21412", "CVE-2022-21413", "CVE-2022-21414", "CVE-2022-21415", "CVE-2022-21416", "CVE-2022-21417", "CVE-2022-21418", "CVE-2022-21419", "CVE-2022-21420", "CVE-2022-21421", "CVE-2022-21422", "CVE-2022-21423", "CVE-2022-21424", "CVE-2022-21425", "CVE-2022-21426", "CVE-2022-21427", "CVE-2022-21430", "CVE-2022-21431", "CVE-2022-21434", "CVE-2022-21435", "CVE-2022-21436", "CVE-2022-21437", "CVE-2022-21438", "CVE-2022-21440", "CVE-2022-21441", "CVE-2022-21442", "CVE-2022-21443", "CVE-2022-21444", "CVE-2022-21445", "CVE-2022-21446", "CVE-2022-21447", "CVE-2022-21448", "CVE-2022-21449", "CVE-2022-21450", "CVE-2022-21451", "CVE-2022-21452", "CVE-2022-21453", "CVE-2022-21454", "CVE-2022-21457", "CVE-2022-21458", "CVE-2022-21459", "CVE-2022-21460", "CVE-2022-21461", "CVE-2022-21462", "CVE-2022-21463", "CVE-2022-21464", "CVE-2022-21465", "CVE-2022-21466", "CVE-2022-21467", "CVE-2022-21468", "CVE-2022-21469", "CVE-2022-21470", "CVE-2022-21471", "CVE-2022-21472", "CVE-2022-21473", "CVE-2022-21474", "CVE-2022-21475", "CVE-2022-21476", "CVE-2022-21477", "CVE-2022-21478", "CVE-2022-21479", "CVE-2022-21480", "CVE-2022-21481", "CVE-2022-21482", "CVE-2022-21483", "CVE-2022-21484", "CVE-2022-21485", "CVE-2022-21486", "CVE-2022-21487", "CVE-2022-21488", "CVE-2022-21489", "CVE-2022-21490", "CVE-2022-21491", "CVE-2022-21492", "CVE-2022-21493", "CVE-2022-21494", "CVE-2022-21496", "CVE-2022-21497", "CVE-2022-21498", "CVE-2022-21716", "CVE-2022-21824", "CVE-2022-22719", "CVE-2022-22720", "CVE-2022-22721", "CVE-2022-22947", "CVE-2022-22963", "CVE-2022-22965", "CVE-2022-22968", "CVE-2022-23181", "CVE-2022-23221", "CVE-2022-23302", "CVE-2022-23305", "CVE-2022-23307", "CVE-2022-23437", "CVE-2022-23852", "CVE-2022-23943", "CVE-2022-23990", "CVE-2022-24329", "CVE-2022-25235", "CVE-2022-25236", "CVE-2022-25313", "CVE-2022-25314", "CVE-2022-25315"], "modified": "2022-06-16T00:00:00", "id": "ORACLE:CPUAPR2022", "href": "https://www.oracle.com/security-alerts/cpuapr2022.html", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}]}