This script is Copyright (C) 2012-2013 Tenable Network Security, Inc.
The remote Windows host contains an application that is affected by
The installed version of Wireshark is 1.8.x before 1.8.2. This
version is affected by the following vulnerabilities :
- The 'DCP ETSI' dissector and 'pcap-ng' parser can
attempt a divide by zero operation leading to an
application crash. (CVE-2012-4285, CVE-2012-4286)
- The 'MongoDB', 'XTP', 'AFP', and 'CTDB' dissectors can
be caused to large or infinite loops. (CVE-2012-4287,
CVE-2012-4288, CVE-2012-4289, CVE-2012-4290)
- The 'CIP' dissector can be caused to exhaust system
- The 'STUN' dissector can be caused to crash.
- The 'EtherCAT Mailbox' dissector can be caused to
- A buffer overflow exists related to the 'ERF', 'RTPS2'
and 'GSM RLC MAC' dissectors. (CVE-2012-4294,
CVE-2012-4295, CVE-2012-4296, CVE-2012-4297)
- A file parsing error related to 'Ixia IxVeriWave'
processing can allow a buffer overflow. (CVE-2012-4298)
See also :
Upgrade to Wireshark version 1.8.2 or later.
Risk factor :
High / CVSS Base Score : 9.3
CVSS Temporal Score : 8.1
Public Exploit Available : false
Nessus Plugin ID: 61573 ()
Bugtraq ID: 55035
Get Nessus Professional to scan unlimited IPs, run compliance checks & moreBuy Nessus Professional Now