FreeBSD : Wireshark -- Multiple vulnerabilities (3ebb2dc8-4609-11e1-9f47-00e0815b8da8)

This script is Copyright (C) 2012-2013 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing one or more security-related
updates.

Description :

Wireshark reports :

Laurent Butti discovered that Wireshark failed to properly check
record sizes for many packet capture file formats

Wireshark could dereference a NULL pointer and crash.

The RLC dissector could overflow a buffer.

See also :

http://www.wireshark.org/security/wnpa-sec-2012-01.html
http://www.wireshark.org/security/wnpa-sec-2012-02.html
http://www.wireshark.org/security/wnpa-sec-2012-03.html
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6663
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6666
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6667
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6668
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6669
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6670
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6634
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6391
http://www.nessus.org/u?776d97f8

Solution :

Update the affected packages.

Risk factor :

Medium / CVSS Base Score : 4.3
(CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P)

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 57646 ()

Bugtraq ID:

CVE ID: CVE-2012-0041
CVE-2012-0066
CVE-2012-0067
CVE-2012-0068

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now