Debian dla-3906 : libwireshark-data - security update

critical Nessus Plugin ID 207910

Synopsis

The remote Debian host is missing one or more security-related updates.

Description

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3906 advisory.

- ------------------------------------------------------------------------- Debian LTS Advisory DLA-3906-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk September 30, 2024 https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package : wireshark Version : 3.4.16-0+deb11u1 CVE ID : CVE-2021-4181 CVE-2021-4182 CVE-2021-4184 CVE-2021-4185 CVE-2021-4186 CVE-2021-4190 CVE-2022-0581 CVE-2022-0582 CVE-2022-0583 CVE-2022-0585 CVE-2022-0586 CVE-2022-3190 CVE-2022-4344 CVE-2022-4345 CVE-2023-0411 CVE-2023-0412 CVE-2023-0413 CVE-2023-0415 CVE-2023-0416 CVE-2023-0417 CVE-2023-0666 CVE-2023-0667 CVE-2023-0668 CVE-2023-1161 CVE-2023-1992 CVE-2023-1993 CVE-2023-1994 CVE-2023-2855 CVE-2023-2856 CVE-2023-2858 CVE-2023-2879 CVE-2023-2906 CVE-2023-2952 CVE-2023-3648 CVE-2023-3649 CVE-2023-4511 CVE-2023-4512 CVE-2023-4513 CVE-2023-6175 CVE-2024-0208 CVE-2024-0209 CVE-2024-0211 CVE-2024-2955 CVE-2024-4853 CVE-2024-4854 CVE-2024-8250 CVE-2024-8645 Debian Bug : 1033756 1034721 1041101 1059925 1068111 1080298

Multiple vulnerabilities have been fixed in the network traffic analyzer Wireshark.

CVE-2021-4181

Sysdig Event dissector crash

CVE-2021-4182

RFC 7468 dissector crash

CVE-2021-4184

BitTorrent DHT dissector infinite loop

CVE-2021-4185

RTMPT dissector infinite loop

CVE-2021-4186

Gryphon dissector crash

CVE-2021-4190

Kafka dissector large loop DoS

CVE-2022-0581

CMS protocol dissector crash

CVE-2022-0582

CSN.1 protocol dissector unaligned access

CVE-2022-0583

PVFS protocol dissector crash

CVE-2022-0585

Large loops in multiple dissectors

CVE-2022-0586

RTMPT protocol dissector infinite loop

CVE-2022-3190

F5 Ethernet Trailer dissector infinite loop

CVE-2022-4344

Kafka protocol dissector memory exhaustion

CVE-2022-4345

Infinite loops in the BPv6, OpenFlow, and Kafka protocol dissectors

CVE-2023-0411

Excessive loops in the BPv6, NCP and RTPS protocol dissectors

CVE-2023-0412

TIPC dissector crash

CVE-2023-0413

Dissection engine bug DoS

CVE-2023-0415

iSCSI dissector crash

CVE-2023-0416

GNW dissector crash

CVE-2023-0417

NFS dissector memory leak

CVE-2023-0666

RTPS parsing heap overflow

CVE-2023-0667

MSMMS dissector buffer overflow

CVE-2023-0668

IEEE C37.118 Synchrophasor dissector crash

CVE-2023-1161

ISO 15765 dissector crash

CVE-2023-1992

RPCoRDMA dissector crash

CVE-2023-1993

LISP dissector large loop

CVE-2023-1994

GQUIC dissector crash

CVE-2023-2855

Candump log parser crash

CVE-2023-2856

VMS TCPIPtrace file parser crash

CVE-2023-2858

NetScaler file parser crash

CVE-2023-2879

GDSDB dissector infinite loop

CVE-2023-2906

CP2179 dissector crash

CVE-2023-2952

XRA dissector infinite loop

CVE-2023-3648

Kafka dissector crash

CVE-2023-3649

iSCSI dissector crash

CVE-2023-4511

BT SDP dissector infinite loop

CVE-2023-4512

CBOR dissector crash

CVE-2023-4513

BT SDP dissector memory leak

CVE-2023-6175

NetScreen file parser crash

CVE-2024-0208

GVCP dissector crash

CVE-2024-0209

IEEE 1609.2 dissector crash

CVE-2024-0211

DOCSIS dissector crash

CVE-2024-2955

T.38 dissector crash

CVE-2024-4853

Editcap byte chopping crash

CVE-2024-4854

MONGO dissector infinite loop

CVE-2024-8250

NTLMSSP dissector crash

CVE-2024-8645

SPRT dissector crash

For Debian 11 bullseye, these problems have been fixed in version 3.4.16-0+deb11u1.

We recommend that you upgrade your wireshark packages.

For the detailed security status of wireshark please refer to its security tracker page at:
https://security-tracker.debian.org/tracker/wireshark

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS

Tenable has extracted the preceding description block directly from the Debian security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Upgrade the libwireshark-data packages.

See Also

https://security-tracker.debian.org/tracker/source-package/wireshark

https://security-tracker.debian.org/tracker/CVE-2021-4181

https://security-tracker.debian.org/tracker/CVE-2021-4182

https://security-tracker.debian.org/tracker/CVE-2021-4184

https://security-tracker.debian.org/tracker/CVE-2021-4185

https://security-tracker.debian.org/tracker/CVE-2021-4186

https://security-tracker.debian.org/tracker/CVE-2021-4190

https://security-tracker.debian.org/tracker/CVE-2022-0581

https://security-tracker.debian.org/tracker/CVE-2022-0582

https://security-tracker.debian.org/tracker/CVE-2022-0583

https://security-tracker.debian.org/tracker/CVE-2022-0585

https://security-tracker.debian.org/tracker/CVE-2022-0586

https://security-tracker.debian.org/tracker/CVE-2022-3190

https://security-tracker.debian.org/tracker/CVE-2022-4344

https://security-tracker.debian.org/tracker/CVE-2022-4345

https://security-tracker.debian.org/tracker/CVE-2023-0411

https://security-tracker.debian.org/tracker/CVE-2023-0412

https://security-tracker.debian.org/tracker/CVE-2023-0413

https://security-tracker.debian.org/tracker/CVE-2023-0415

https://security-tracker.debian.org/tracker/CVE-2023-0416

https://security-tracker.debian.org/tracker/CVE-2023-0417

https://security-tracker.debian.org/tracker/CVE-2023-0666

https://security-tracker.debian.org/tracker/CVE-2023-0667

https://security-tracker.debian.org/tracker/CVE-2023-0668

https://security-tracker.debian.org/tracker/CVE-2023-1161

https://security-tracker.debian.org/tracker/CVE-2023-1992

https://security-tracker.debian.org/tracker/CVE-2023-1993

https://security-tracker.debian.org/tracker/CVE-2023-1994

https://security-tracker.debian.org/tracker/CVE-2023-2855

https://security-tracker.debian.org/tracker/CVE-2023-2856

https://security-tracker.debian.org/tracker/CVE-2023-2858

https://security-tracker.debian.org/tracker/CVE-2023-2879

https://security-tracker.debian.org/tracker/CVE-2023-2906

https://security-tracker.debian.org/tracker/CVE-2023-2952

https://security-tracker.debian.org/tracker/CVE-2023-3648

https://security-tracker.debian.org/tracker/CVE-2023-3649

https://security-tracker.debian.org/tracker/CVE-2023-4511

https://security-tracker.debian.org/tracker/CVE-2023-4512

https://security-tracker.debian.org/tracker/CVE-2023-4513

https://security-tracker.debian.org/tracker/CVE-2023-6175

https://security-tracker.debian.org/tracker/CVE-2024-0208

https://security-tracker.debian.org/tracker/CVE-2024-0209

https://security-tracker.debian.org/tracker/CVE-2024-0211

https://security-tracker.debian.org/tracker/CVE-2024-2955

https://security-tracker.debian.org/tracker/CVE-2024-4853

https://security-tracker.debian.org/tracker/CVE-2024-4854

https://security-tracker.debian.org/tracker/CVE-2024-8250

https://security-tracker.debian.org/tracker/CVE-2024-8645

https://packages.debian.org/source/bullseye/wireshark

Plugin Details

Severity: Critical

ID: 207910

File Name: debian_DLA-3906.nasl

Version: 1.2

Type: local

Agent: unix

Published: 9/30/2024

Updated: 10/11/2024

Supported Sensors: Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Continuous Assessment, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 5.9

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS Score Source: CVE-2022-0582

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:debian:debian_linux:11.0, p-cpe:/a:debian:debian_linux:libwsutil-dev, p-cpe:/a:debian:debian_linux:libwiretap-dev, p-cpe:/a:debian:debian_linux:wireshark, p-cpe:/a:debian:debian_linux:wireshark-doc, p-cpe:/a:debian:debian_linux:libwireshark-dev, p-cpe:/a:debian:debian_linux:wireshark-dev, p-cpe:/a:debian:debian_linux:wireshark-qt, p-cpe:/a:debian:debian_linux:libwireshark-data, p-cpe:/a:debian:debian_linux:tshark, p-cpe:/a:debian:debian_linux:wireshark-common, p-cpe:/a:debian:debian_linux:libwsutil12, p-cpe:/a:debian:debian_linux:libwireshark14, p-cpe:/a:debian:debian_linux:wireshark-gtk, p-cpe:/a:debian:debian_linux:libwiretap11

Required KB Items: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 9/30/2024

Vulnerability Publication Date: 12/29/2021

Reference Information

CVE: CVE-2021-4181, CVE-2021-4182, CVE-2021-4184, CVE-2021-4185, CVE-2021-4186, CVE-2021-4190, CVE-2022-0581, CVE-2022-0582, CVE-2022-0583, CVE-2022-0585, CVE-2022-0586, CVE-2022-3190, CVE-2022-4344, CVE-2022-4345, CVE-2023-0411, CVE-2023-0412, CVE-2023-0413, CVE-2023-0415, CVE-2023-0416, CVE-2023-0417, CVE-2023-0666, CVE-2023-0667, CVE-2023-0668, CVE-2023-1161, CVE-2023-1992, CVE-2023-1993, CVE-2023-1994, CVE-2023-2855, CVE-2023-2856, CVE-2023-2858, CVE-2023-2879, CVE-2023-2906, CVE-2023-2952, CVE-2023-3648, CVE-2023-3649, CVE-2023-4511, CVE-2023-4512, CVE-2023-4513, CVE-2023-6175, CVE-2024-0208, CVE-2024-0209, CVE-2024-0211, CVE-2024-2955, CVE-2024-4853, CVE-2024-4854, CVE-2024-8250, CVE-2024-8645

IAVB: 2021-B-0072-S, 2022-B-0004-S, 2022-B-0006-S, 2022-B-0035-S, 2023-B-0004-S, 2023-B-0008-S, 2023-B-0024-S, 2023-B-0036-S, 2023-B-0051-S, 2023-B-0063-S, 2023-B-0091-S, 2024-B-0001-S, 2024-B-0028-S, 2024-B-0061-S, 2024-B-0126-S