This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.
The remote Gentoo host is missing one or more security-related
The remote host is affected by the vulnerability described in GLSA-200909-16
(Wireshark: Denial of Service)
Multiple vulnerabilities were discovered in Wireshark:
buffer overflow in the IPMI dissector related to an array index error
Multiple unspecified vulnerabilities in the
Bluetooth L2CAP, RADIUS, and MIOP dissectors (CVE-2009-2560).
An unspecified vulnerability in the sFlow dissector
An unspecified vulnerability in the AFS
An unspecified vulnerability in the
Infiniband dissector when running on unspecified platforms
A remote attacker could exploit these vulnerabilities by sending
specially crafted packets on a network being monitored by Wireshark or
by enticing a user to read a malformed packet trace file to cause a
Denial of Service.
There is no known workaround at this time.
See also :
All Wireshark users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose '>=net-analyzer/wireshark-1.2.1'
Risk factor :
High / CVSS Base Score : 7.1
CVSS Temporal Score : 6.2
Public Exploit Available : false
Family: Gentoo Local Security Checks
Nessus Plugin ID: 40963 (gentoo_GLSA-200909-16.nasl)
Bugtraq ID: 35748
Get Nessus Professional to scan unlimited IPs, run compliance checks & moreBuy Nessus Professional Now