openSUSE Security Update : wireshark (openSUSE-2016-737)

This script is Copyright (C) 2016 Tenable Network Security, Inc.


Synopsis :

The remote openSUSE host is missing a security update.

Description :

This update for wireshark fixes an number of security issues.

Issues in protocol dissectors could have allowed a remote attacker to
crash Wireshark or cause excessive CPU usage through specially crafted
packages inserted into the network or a capture file.

- CVE-2016-5350: The SPOOLS dissector could go into an
infinite loop

- CVE-2016-5351: The IEEE 802.11 dissector could crash

- CVE-2016-5353: The UMTS FP dissector could crash

- CVE-2016-5354: Some USB dissectors could crash

- CVE-2016-5355: The Toshiba file parser could crash

- CVE-2016-5356: The CoSine file parser could crash

- CVE-2016-5357: The NetScreen file parser could crash

- CVE-2016-5358: The Ethernet dissector could crash

See also :

https://bugzilla.opensuse.org/show_bug.cgi?id=983671

Solution :

Update the affected wireshark packages.

Risk factor :

Medium / CVSS Base Score : 4.3
(CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P)

Family: SuSE Local Security Checks

Nessus Plugin ID: 91705 ()

Bugtraq ID:

CVE ID: CVE-2016-5350
CVE-2016-5351
CVE-2016-5353
CVE-2016-5354
CVE-2016-5355
CVE-2016-5356
CVE-2016-5357
CVE-2016-5358

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now