SuSE 11.2 / 11.3 Security Update : wireshark (SAT Patch Numbers 8318 / 8319)

high Nessus Plugin ID 69893

Synopsis

The remote SuSE 11 host is missing a security update.

Description

This wireshark version update from 1.8.8 to 1.8.9 includes several security and general bug fixes. (bnc#831718)

http://www.wireshark.org/docs/relnotes/wireshark-1.8.9.html

- The Bluetooth SDP dissector could go into a large loop CVE-2013-4927 wnpa-sec-2013-45

- The DIS dissector could go into a large loop CVE-2013-4929 wnpa-sec-2013-47

- The DVB-CI dissector could crash CVE-2013-4930 wnpa-sec-2013-48

- The GSM RR dissector (and possibly others) could go into a large loop CVE-2013-4931 wnpa-sec-2013-49

- The GSM A Common dissector could crash CVE-2013-4932 wnpa-sec-2013-50

- The Netmon file parser could crash CVE-2013-4933 / CVE-2013-4934 wnpa-sec-2013-51

- The ASN.1 PER dissector could crash CVE-2013-4935 wnpa-sec-2013-52 The release also fixes various non-security issues. Please see the package changelog for details.

Solution

Apply SAT patch number 8318 / 8319 as appropriate.

See Also

https://bugzilla.novell.com/show_bug.cgi?id=831718

http://support.novell.com/security/cve/CVE-2013-4927.html

http://support.novell.com/security/cve/CVE-2013-4929.html

http://support.novell.com/security/cve/CVE-2013-4930.html

http://support.novell.com/security/cve/CVE-2013-4931.html

http://support.novell.com/security/cve/CVE-2013-4932.html

http://support.novell.com/security/cve/CVE-2013-4933.html

http://support.novell.com/security/cve/CVE-2013-4934.html

http://support.novell.com/security/cve/CVE-2013-4935.html

Plugin Details

Severity: High

ID: 69893

File Name: suse_11_wireshark-130812.nasl

Version: 1.7

Type: local

Agent: unix

Published: 9/14/2013

Updated: 1/19/2021

Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: High

Base Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

Vulnerability Information

CPE: p-cpe:/a:novell:suse_linux:11:wireshark, cpe:/o:novell:suse_linux:11

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Patch Publication Date: 8/12/2013

Reference Information

CVE: CVE-2013-4927, CVE-2013-4929, CVE-2013-4930, CVE-2013-4931, CVE-2013-4932, CVE-2013-4933, CVE-2013-4934, CVE-2013-4935