Fedora 13 : wireshark-1.2.15-1.fc13 (2011-2620)

This script is Copyright (C) 2011-2015 Tenable Network Security, Inc.


Synopsis :

The remote Fedora host is missing a security update.

Description :

Several security bugs were fixed in this release :

- CVE-2011-0538: memory corruption when reading a
malformed pcap file

- CVE-2010-3445: stack overflow in BER dissector

- CVE-2011-1143: NULL pointer dereference causing
application crash when reading malformed pcap file

- CVE-2011-1140: multiple stack consumption
vulnerabilities cause DoS via a crafted SMB or CLDAP
packet

- CVE-2011-1141: malformed LDAP filter string causes
denial of service via excessive memory consumption

- CVE-2011-1138: off-by-one error in the
dissect_6lowpan_iphc function causes application crash
(denial of service)

- CVE-2011-1139: denial of service (application crash)
via a pcap-ng file that contains a large packet-length
field

- CVE-2011-0713: heap-based buffer overflow when reading
malformed Nokia DCT3 phone signaling traces

Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.

See also :

https://bugzilla.redhat.com/show_bug.cgi?id=639486
https://bugzilla.redhat.com/show_bug.cgi?id=676232
https://bugzilla.redhat.com/show_bug.cgi?id=678198
https://bugzilla.redhat.com/show_bug.cgi?id=681748
https://bugzilla.redhat.com/show_bug.cgi?id=681753
https://bugzilla.redhat.com/show_bug.cgi?id=681754
https://bugzilla.redhat.com/show_bug.cgi?id=681756
https://bugzilla.redhat.com/show_bug.cgi?id=681760
http://www.nessus.org/u?1bf89204

Solution :

Update the affected wireshark package.

Risk factor :

Medium / CVSS Base Score : 6.8
(CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)

Family: Fedora Local Security Checks

Nessus Plugin ID: 52640

Bugtraq ID:

CVE ID: CVE-2010-3445
CVE-2011-0538
CVE-2011-0713
CVE-2011-1138
CVE-2011-1139
CVE-2011-1140
CVE-2011-1141
CVE-2011-1143
