This script is Copyright (C) 2016 Tenable Network Security, Inc.
The remote openSUSE host is missing a security update.
Wireshark was updated to 1.12.10, fixing a number issues in protocol
dissectors that could have allowed a remote attacker to crash
Wireshark or cause excessive CPU usage through specially crafted
packages inserted into the network or a capture file, specifically :
- CVE-2016-2523: DNP dissector infinite loop
- CVE-2016-2530: RSL dissector crash (wnpa-sec-2016-10)
- CVE-2016-2531: RSL dissector crash (wnpa-sec-2016-10)
- CVE-2016-2532: LLRP dissector crash (wnpa-sec-2016-11)
- GSM A-bis OML dissector crash (wnpa-sec-2016-14)
- ASN.1 BER dissector crash (wnpa-sec-2016-15)
- ASN.1 BER dissector crash (wnpa-sec-2016-18)
Further bug fixes and updated protocol support as listed in:
The following non-security bugs were fixed :
- boo#961170: Recommend wireshark-ui instead of requiring
it to support text-only used
See also :
Update the affected wireshark packages.
Risk factor :
High / CVSS Base Score : 7.1