Wireshark 1.6.x < 1.6.12 Multiple Vulnerabilities

This script is Copyright (C) 2012-2013 Tenable Network Security, Inc.


Synopsis :

The remote Windows host contains an application that is affected by
multiple vulnerabilities.

Description :

The installed version of Wireshark 1.6 is earlier than 1.6.12. It is,
therefore, affected by the following vulnerabilities :

- Errors exist related to the USB, ICMPv6, iSCSI, WTP,
and RTCP dissectors that could allow denial of service
attacks by putting the application into an infinite
loop. (Bug 7787, 7844, 7858, 7869, 7879)

- An error exists in the ISAKMP dissector that could allow
a malformed packet to crash the application. (Bug 7855)

See also :

http://www.wireshark.org/security/wnpa-sec-2012-31.html
http://www.wireshark.org/security/wnpa-sec-2012-35.html
http://www.wireshark.org/security/wnpa-sec-2012-36.html
http://www.wireshark.org/security/wnpa-sec-2012-37.html
http://www.wireshark.org/security/wnpa-sec-2012-38.html
http://www.wireshark.org/security/wnpa-sec-2012-40.html
http://www.wireshark.org/docs/relnotes/wireshark-1.6.12.html

Solution :

Upgrade to Wireshark version 1.6.12 or later.

Risk factor :

Medium / CVSS Base Score : 4.3
(CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P)
CVSS Temporal Score : 3.7
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : false

Family: Windows

Nessus Plugin ID: 63095 ()

Bugtraq ID: 56729

CVE ID: CVE-2012-6053
CVE-2012-6058
CVE-2012-6059
CVE-2012-6060
CVE-2012-6061
CVE-2012-6062

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now