Detections
Analytics
SuSE 10 Security Update : wireshark (ZYPP Patch Number 8500)
high Nessus Plugin ID 66255
Language:
Synopsis
The remote SuSE 10 host is missing a security-related patch.Description
wireshark has been updated to 1.6.14 to fix bugs and security issues :Vulnerabilities fixed :
- The sFlow dissector could go into an infinite loop.
wnpa-sec-2012-32 CVE-2012-6054: * The SCTP dissector could go into an infinite loop. wnpa-sec-2012-33 CVE-2012-6056: * The MS-MMS dissector could crash.
wnpa-sec-2013-13 CVE-2013-2478
- The RTPS and RTPS2 dissectors could crash.
wnpa-sec-2013-15 CVE-2013-2480: * The Mount dissector could crash. wnpa-sec-2013-16 CVE-2013-2481
- The AMPQ dissector could go into an infinite loop.
wnpa-sec-2013-17 CVE-2013-2482: * The ACN dissector could attempt to divide by zero. wnpa-sec-2013-18 CVE-2013-2483: * The CIMD dissector could crash.
wnpa-sec-2013-19 CVE-2013-2484
- The FCSP dissector could go into an infinite loop.
wnpa-sec-2013-20 CVE-2013-2485: * The DTLS dissector could crash. wnpa-sec-2013-22 CVE-2013-2488
Further bug fixes and updated protocol support are listed in :
http://www.wireshark.org/docs/relnotes/wireshark-1.6.14.html
Solution
Apply ZYPP patch number 8500.See Also
http://support.novell.com/security/cve/CVE-2012-6054.html
http://support.novell.com/security/cve/CVE-2012-6056.html
http://support.novell.com/security/cve/CVE-2013-2475.html
http://support.novell.com/security/cve/CVE-2013-2476.html
http://support.novell.com/security/cve/CVE-2013-2477.html
http://support.novell.com/security/cve/CVE-2013-2478.html
http://support.novell.com/security/cve/CVE-2013-2479.html
http://support.novell.com/security/cve/CVE-2013-2480.html
http://support.novell.com/security/cve/CVE-2013-2481.html
http://support.novell.com/security/cve/CVE-2013-2482.html
http://support.novell.com/security/cve/CVE-2013-2483.html
http://support.novell.com/security/cve/CVE-2013-2484.html
http://support.novell.com/security/cve/CVE-2013-2485.html
http://support.novell.com/security/cve/CVE-2013-2486.html
Plugin Details
Severity: High
ID: 66255
File Name: suse_wireshark-8500.nasl
Version: 1.6
Type: local
Agent: unix
Family: SuSE Local Security Checks
Published: 4/29/2013
Updated: 1/19/2021
Supported Sensors: Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: Low
Score: 3.6
CVSS v2
Risk Factor: High
Base Score: 7.8
Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C
Vulnerability Information
CPE: cpe:/o:suse:suse_linux
Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list
Patch Publication Date: 3/13/2013
Vulnerability Publication Date: 12/5/2012
Reference Information
CVE: CVE-2012-6054, CVE-2012-6056, CVE-2013-2475, CVE-2013-2476, CVE-2013-2477, CVE-2013-2478, CVE-2013-2479, CVE-2013-2480, CVE-2013-2481, CVE-2013-2482, CVE-2013-2483, CVE-2013-2484, CVE-2013-2485, CVE-2013-2486, CVE-2013-2487, CVE-2013-2488