This script is Copyright (C) 2012-2015 Tenable Network Security, Inc.
The remote Scientific Linux host is missing one or more security
Multiple buffer overflow flaws were found in Wireshark. If Wireshark
read a malformed packet off a network, it could crash or, possibly,
execute arbitrary code as the user running Wireshark. (CVE-2008-3146)
Several denial of service flaws were found in Wireshark. Wireshark
could crash or stop responding if it read a malformed packet off a
network, or opened a malformed dump file. (CVE-2008-1070,
CVE-2008-1071, CVE-2008-1072, CVE-2008-1561, CVE-2008-1562,
CVE-2008-1563, CVE-2008-3137, CVE-2008-3138, CVE-2008-3141,
CVE-2008-3145, CVE-2008-3932, CVE-2008-3933, CVE-2008-3934)
Additionally, this update changes the default Pluggable Authentication
Modules (PAM) configuration to always prompt for the root password
before each start of Wireshark. This avoids unintentionally running
Wireshark with root privileges.
See also :
Update the affected wireshark and / or wireshark-gnome packages.
Risk factor :
Critical / CVSS Base Score : 10.0
Public Exploit Available : true
Family: Scientific Linux Local Security Checks
Nessus Plugin ID: 60479 ()
CVE ID: CVE-2008-1070CVE-2008-1071CVE-2008-1072CVE-2008-1561CVE-2008-1562CVE-2008-1563CVE-2008-3137CVE-2008-3138CVE-2008-3141CVE-2008-3145CVE-2008-3146CVE-2008-3932CVE-2008-3933CVE-2008-3934
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.