openSUSE Security Update : wireshark (openSUSE-2020-362)

high Nessus Plugin ID 134755

Language:

New! Plugin Severity Now Using CVSS v3

The calculated severity for Plugins has been updated to use CVSS v3 by default. Plugins that do not have a CVSS v3 score will fall back to CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Synopsis

The remote openSUSE host is missing a security update.

Description

This update for wireshark and libmaxminddb fixes the following issues :

Update wireshark to new major version 3.2.2 and introduce libmaxminddb for GeoIP support (bsc#1156288).

New features include :

- Added support for 111 new protocols, including WireGuard, LoRaWAN, TPM 2.0, 802.11ax and QUIC

- Improved support for existing protocols, like HTTP/2

- Improved analytics and usability functionalities

This update was imported from the SUSE:SLE-15:Update update project.

Solution

Update the affected wireshark packages.

See Also

https://bugzilla.opensuse.org/show_bug.cgi?id=1101776

https://bugzilla.opensuse.org/show_bug.cgi?id=1101777

https://bugzilla.opensuse.org/show_bug.cgi?id=1101786

https://bugzilla.opensuse.org/show_bug.cgi?id=1101788

https://bugzilla.opensuse.org/show_bug.cgi?id=1101791

https://bugzilla.opensuse.org/show_bug.cgi?id=1101794

https://bugzilla.opensuse.org/show_bug.cgi?id=1101800

https://bugzilla.opensuse.org/show_bug.cgi?id=1101802

https://bugzilla.opensuse.org/show_bug.cgi?id=1101804

https://bugzilla.opensuse.org/show_bug.cgi?id=1101810

https://bugzilla.opensuse.org/show_bug.cgi?id=1111647

https://bugzilla.opensuse.org/show_bug.cgi?id=1094301

https://bugzilla.opensuse.org/show_bug.cgi?id=1121232

https://bugzilla.opensuse.org/show_bug.cgi?id=1121233

https://bugzilla.opensuse.org/show_bug.cgi?id=1121234

https://bugzilla.opensuse.org/show_bug.cgi?id=1121235

https://bugzilla.opensuse.org/show_bug.cgi?id=1106514

https://bugzilla.opensuse.org/show_bug.cgi?id=1117740

https://bugzilla.opensuse.org/show_bug.cgi?id=1127367

https://bugzilla.opensuse.org/show_bug.cgi?id=1127369

https://bugzilla.opensuse.org/show_bug.cgi?id=1127370

https://bugzilla.opensuse.org/show_bug.cgi?id=1136021

https://bugzilla.opensuse.org/show_bug.cgi?id=1141980

https://bugzilla.opensuse.org/show_bug.cgi?id=1131945

https://bugzilla.opensuse.org/show_bug.cgi?id=1093733

https://bugzilla.opensuse.org/show_bug.cgi?id=1121231

https://bugzilla.opensuse.org/show_bug.cgi?id=1131941

https://bugzilla.opensuse.org/show_bug.cgi?id=1150690

https://bugzilla.opensuse.org/show_bug.cgi?id=1156288

https://bugzilla.opensuse.org/show_bug.cgi?id=1158505

https://bugzilla.opensuse.org/show_bug.cgi?id=1161052

https://bugzilla.opensuse.org/show_bug.cgi?id=1165241

https://bugzilla.opensuse.org/show_bug.cgi?id=1165710

https://bugzilla.opensuse.org/show_bug.cgi?id=957624

Plugin Details

Severity: High

ID: 134755

File Name: openSUSE-2020-362.nasl

Version: 1.2

Type: local

Agent: unix

Published: 3/20/2020

Updated: 3/24/2020

Dependencies: ssh_get_info.nasl

Risk Information

VPR

Risk Factor: Medium

Score: 4.4

CVSS v2

Risk Factor: High

Base Score: 7.8

Temporal Score: 6.1

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

Temporal Vector: CVSS2#E:POC/RL:OF/RC:C

CVSS v3

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.7

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: cpe:2.3:o:novell:opensuse:15.1:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:wireshark:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:wireshark-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:wireshark-debugsource:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:wireshark-devel:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:wireshark-ui-qt:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:wireshark-ui-qt-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libmaxminddb-debugsource:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libmaxminddb-devel:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libmaxminddb0:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libmaxminddb0-32bit:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libmaxminddb0-32bit-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libmaxminddb0-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libspandsp2:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libspandsp2-32bit:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libspandsp2-32bit-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libspandsp2-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libwireshark13:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libwireshark13-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libwiretap10:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libwiretap10-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libwsutil11:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:libwsutil11-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:mmdblookup:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:mmdblookup-debuginfo:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:spandsp-debugsource:*:*:*:*:*:*:*, p-cpe:2.3:a:novell:opensuse:spandsp-devel:*:*:*:*:*:*:*

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 3/19/2020

Vulnerability Publication Date: 5/22/2018

Reference Information

CVE: CVE-2018-11354, CVE-2018-11355, CVE-2018-11356, CVE-2018-11357, CVE-2018-11358, CVE-2018-11359, CVE-2018-11360, CVE-2018-11361, CVE-2018-11362, CVE-2018-14339, CVE-2018-14340, CVE-2018-14341, CVE-2018-14342, CVE-2018-14343, CVE-2018-14344, CVE-2018-14367, CVE-2018-14368, CVE-2018-14369, CVE-2018-14370, CVE-2018-16056, CVE-2018-16057, CVE-2018-16058, CVE-2018-12086, CVE-2018-18227, CVE-2018-19622, CVE-2018-19623, CVE-2018-19624, CVE-2018-19625, CVE-2018-19626, CVE-2018-19627, CVE-2019-5717, CVE-2019-5718, CVE-2019-5719, CVE-2019-5721, CVE-2019-9208, CVE-2019-9209, CVE-2019-9214, CVE-2019-10894, CVE-2019-10895, CVE-2019-10896, CVE-2019-10899, CVE-2019-10901, CVE-2019-10903, CVE-2019-13619, CVE-2019-16319, CVE-2018-18225, CVE-2018-18226, CVE-2018-19628, CVE-2019-5716, CVE-2019-10897, CVE-2019-10898, CVE-2019-10900, CVE-2019-10902, CVE-2019-19553, CVE-2020-7044, CVE-2020-9429, CVE-2020-9428, CVE-2020-9431, CVE-2020-9430