openSUSE Security Update : wireshark (openSUSE-2020-362)

high Nessus Plugin ID 134755

Language:

Synopsis

The remote openSUSE host is missing a security update.

Description

This update for wireshark and libmaxminddb fixes the following issues :

Update wireshark to new major version 3.2.2 and introduce libmaxminddb for GeoIP support (bsc#1156288).

New features include :

- Added support for 111 new protocols, including WireGuard, LoRaWAN, TPM 2.0, 802.11ax and QUIC

- Improved support for existing protocols, like HTTP/2

- Improved analytics and usability functionalities

This update was imported from the SUSE:SLE-15:Update update project.

Solution

Update the affected wireshark packages.

Plugin Details

Severity: High

ID: 134755

File Name: openSUSE-2020-362.nasl

Version: 1.3

Type: local

Agent: unix

Family: SuSE Local Security Checks

Published: 3/20/2020

Updated: 3/21/2024

Supported Sensors: Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.4

CVSS v2

Risk Factor: High

Base Score: 7.8

Temporal Score: 6.1

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS Score Source: CVE-2019-16319

CVSS v3

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.7

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

CVSS Score Source: CVE-2020-9431

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:libmaxminddb-debugsource, p-cpe:/a:novell:opensuse:libmaxminddb-devel, p-cpe:/a:novell:opensuse:libmaxminddb0, p-cpe:/a:novell:opensuse:libmaxminddb0-32bit, p-cpe:/a:novell:opensuse:libmaxminddb0-32bit-debuginfo, p-cpe:/a:novell:opensuse:libmaxminddb0-debuginfo, p-cpe:/a:novell:opensuse:libspandsp2, p-cpe:/a:novell:opensuse:libspandsp2-32bit, p-cpe:/a:novell:opensuse:libspandsp2-32bit-debuginfo, p-cpe:/a:novell:opensuse:libspandsp2-debuginfo, p-cpe:/a:novell:opensuse:libwireshark13, p-cpe:/a:novell:opensuse:libwireshark13-debuginfo, p-cpe:/a:novell:opensuse:libwiretap10, p-cpe:/a:novell:opensuse:libwiretap10-debuginfo, p-cpe:/a:novell:opensuse:libwsutil11, p-cpe:/a:novell:opensuse:libwsutil11-debuginfo, p-cpe:/a:novell:opensuse:mmdblookup, p-cpe:/a:novell:opensuse:mmdblookup-debuginfo, p-cpe:/a:novell:opensuse:spandsp-debugsource, p-cpe:/a:novell:opensuse:spandsp-devel, p-cpe:/a:novell:opensuse:wireshark, p-cpe:/a:novell:opensuse:wireshark-debuginfo, p-cpe:/a:novell:opensuse:wireshark-debugsource, p-cpe:/a:novell:opensuse:wireshark-devel, p-cpe:/a:novell:opensuse:wireshark-ui-qt, p-cpe:/a:novell:opensuse:wireshark-ui-qt-debuginfo, cpe:/o:novell:opensuse:15.1

Required KB Items: Host/local_checks_enabled, Host/SuSE/release, Host/SuSE/rpm-list, Host/cpu

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 3/19/2020

Vulnerability Publication Date: 5/22/2018

Reference Information

CVE: CVE-2018-11354, CVE-2018-11355, CVE-2018-11356, CVE-2018-11357, CVE-2018-11358, CVE-2018-11359, CVE-2018-11360, CVE-2018-11361, CVE-2018-11362, CVE-2018-12086, CVE-2018-14339, CVE-2018-14340, CVE-2018-14341, CVE-2018-14342, CVE-2018-14343, CVE-2018-14344, CVE-2018-14367, CVE-2018-14368, CVE-2018-14369, CVE-2018-14370, CVE-2018-16056, CVE-2018-16057, CVE-2018-16058, CVE-2018-18225, CVE-2018-18226, CVE-2018-18227, CVE-2018-19622, CVE-2018-19623, CVE-2018-19624, CVE-2018-19625, CVE-2018-19626, CVE-2018-19627, CVE-2018-19628, CVE-2019-10894, CVE-2019-10895, CVE-2019-10896, CVE-2019-10897, CVE-2019-10898, CVE-2019-10899, CVE-2019-10900, CVE-2019-10901, CVE-2019-10902, CVE-2019-10903, CVE-2019-13619, CVE-2019-16319, CVE-2019-19553, CVE-2019-5716, CVE-2019-5717, CVE-2019-5718, CVE-2019-5719, CVE-2019-5721, CVE-2019-9208, CVE-2019-9209, CVE-2019-9214, CVE-2020-7044, CVE-2020-9428, CVE-2020-9429, CVE-2020-9430, CVE-2020-9431

Detections

Analytics