RHEL 2.1 / 3 / 4 : wireshark (RHSA-2006:0726)

This script is Copyright (C) 2006-2014 Tenable Network Security, Inc.


Synopsis :

The remote Red Hat host is missing one or more security updates.

Description :

New Wireshark packages that fix various security vulnerabilities are
now available.

This update has been rated as having moderate security impact by the
Red Hat Security Response Team.

Wireshark is a program for monitoring network traffic.

Several flaws were found in Wireshark's HTTP, WBXML, LDAP, and XOT
protocol dissectors. Wireshark could crash or stop responding if it
read a malformed packet off the network. (CVE-2006-4805,
CVE-2006-5468, CVE-2006-5469, CVE-2006-5740)

A single NULL byte heap based buffer overflow was found in Wireshark's
MIME Multipart dissector. Wireshark could crash or possibly execute
arbitrary arbitrary code as the user running Wireshark.
(CVE-2006-4574)

Users of Wireshark should upgrade to these updated packages containing
Wireshark version 0.99.4, which is not vulnerable to these issues.

See also :

https://www.redhat.com/security/data/cve/CVE-2006-4574.html
https://www.redhat.com/security/data/cve/CVE-2006-4805.html
https://www.redhat.com/security/data/cve/CVE-2006-5468.html
https://www.redhat.com/security/data/cve/CVE-2006-5469.html
https://www.redhat.com/security/data/cve/CVE-2006-5740.html
http://rhn.redhat.com/errata/RHSA-2006-0726.html

Solution :

Update the affected wireshark and / or wireshark-gnome packages.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)

Family: Red Hat Local Security Checks

Nessus Plugin ID: 23677 ()

Bugtraq ID:

CVE ID: CVE-2006-4574
CVE-2006-4805
CVE-2006-5468
CVE-2006-5469
CVE-2006-5740