Detections
Analytics

Debian dsa-6249 : libwireshark-data - security update

high Nessus Plugin ID 313009

Synopsis

The remote Debian host is missing one or more security-related updates.

Description

The remote Debian 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6249 advisory.

 - ------------------------------------------------------------------------- Debian Security Advisory DSA-6249-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 06, 2026 https://www.debian.org/security/faq
 - -------------------------------------------------------------------------

 Package : wireshark CVE ID : CVE-2026-5299 CVE-2026-5401 CVE-2026-5403 CVE-2026-5404 CVE-2026-5405 CVE-2026-5406 CVE-2026-5407 CVE-2026-5408 CVE-2026-5409 CVE-2026-5653 CVE-2026-5654 CVE-2026-5656 CVE-2026-5657 CVE-2026-6519 CVE-2026-6520 CVE-2026-6521 CVE-2026-6522 CVE-2026-6523 CVE-2026-6524 CVE-2026-6527 CVE-2026-6529 CVE-2026-6530 CVE-2026-6531 CVE-2026-6532 CVE-2026-6533 CVE-2026-6534 CVE-2026-6535 CVE-2026-6537 CVE-2026-6538 CVE-2026-6867 CVE-2026-6868 CVE-2026-6869 CVE-2026-6870 CVE-2026-7375 CVE-2026-7376 CVE-2026-7378 CVE-2026-7379

 Multiple vulnerabilities have been discocvered in Wireshark, a network protocol analyzer which could result in denial of service or the execution of arbitrary code.

 For the oldstable distribution (bookworm), a subset of these problems have been fixed in version 4.0.17-0+deb12u3.

 For the stable distribution (trixie), these problems have been fixed in version 4.4.15-0+deb13u1.

 We recommend that you upgrade your wireshark packages.

 For the detailed security status of wireshark please refer to its security tracker page at:
 https://security-tracker.debian.org/tracker/wireshark

 Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

 Mailing list: [email protected]

Tenable has extracted the preceding description block directly from the Debian security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Upgrade the libwireshark-data packages.

See Also

https://security-tracker.debian.org/tracker/source-package/wireshark

https://security-tracker.debian.org/tracker/CVE-2026-5299

https://security-tracker.debian.org/tracker/CVE-2026-5401

https://security-tracker.debian.org/tracker/CVE-2026-5403

https://security-tracker.debian.org/tracker/CVE-2026-5404

https://security-tracker.debian.org/tracker/CVE-2026-5405

https://security-tracker.debian.org/tracker/CVE-2026-5406

https://security-tracker.debian.org/tracker/CVE-2026-5407

https://security-tracker.debian.org/tracker/CVE-2026-5408

https://security-tracker.debian.org/tracker/CVE-2026-5409

https://security-tracker.debian.org/tracker/CVE-2026-5653

https://security-tracker.debian.org/tracker/CVE-2026-5654

https://security-tracker.debian.org/tracker/CVE-2026-5656

https://security-tracker.debian.org/tracker/CVE-2026-5657

https://security-tracker.debian.org/tracker/CVE-2026-6519

https://security-tracker.debian.org/tracker/CVE-2026-6520

https://security-tracker.debian.org/tracker/CVE-2026-6521

https://security-tracker.debian.org/tracker/CVE-2026-6522

https://security-tracker.debian.org/tracker/CVE-2026-6523

https://security-tracker.debian.org/tracker/CVE-2026-6524

https://security-tracker.debian.org/tracker/CVE-2026-6527

https://security-tracker.debian.org/tracker/CVE-2026-6529

https://security-tracker.debian.org/tracker/CVE-2026-6530

https://security-tracker.debian.org/tracker/CVE-2026-6531

https://security-tracker.debian.org/tracker/CVE-2026-6532

https://security-tracker.debian.org/tracker/CVE-2026-6533

https://security-tracker.debian.org/tracker/CVE-2026-6534

https://security-tracker.debian.org/tracker/CVE-2026-6535

https://security-tracker.debian.org/tracker/CVE-2026-6537

https://security-tracker.debian.org/tracker/CVE-2026-6538

https://security-tracker.debian.org/tracker/CVE-2026-6867

https://security-tracker.debian.org/tracker/CVE-2026-6868

https://security-tracker.debian.org/tracker/CVE-2026-6869

https://security-tracker.debian.org/tracker/CVE-2026-6870

https://security-tracker.debian.org/tracker/CVE-2026-7375

https://security-tracker.debian.org/tracker/CVE-2026-7376

https://security-tracker.debian.org/tracker/CVE-2026-7378

https://security-tracker.debian.org/tracker/CVE-2026-7379

https://packages.debian.org/source/bookworm/wireshark

https://packages.debian.org/source/trixie/wireshark

Plugin Details

Severity: High

ID: 313009

File Name: debian_DSA-6249.nasl

Version: 1.1

Type: Local

Agent: unix

Published: 5/7/2026

Updated: 5/7/2026

Supported Sensors: Continuous Assessment, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.9

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS Score Source: CVE-2026-6870

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 7

Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

CVSS Score Source: CVE-2026-5656

Vulnerability Information

CPE: p-cpe:/a:debian:debian_linux:libwsutil-dev, p-cpe:/a:debian:debian_linux:libwiretap-dev, p-cpe:/a:debian:debian_linux:libwiretap15, p-cpe:/a:debian:debian_linux:wireshark-doc, p-cpe:/a:debian:debian_linux:libwireshark-dev, p-cpe:/a:debian:debian_linux:libwireshark-data, p-cpe:/a:debian:debian_linux:tshark, p-cpe:/a:debian:debian_linux:libwsutil16, p-cpe:/a:debian:debian_linux:wireshark-common, p-cpe:/a:debian:debian_linux:wireshark-dev, p-cpe:/a:debian:debian_linux:wireshark, p-cpe:/a:debian:debian_linux:libwireshark18, cpe:/o:debian:debian_linux:13.0

Required KB Items: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 5/6/2026

Vulnerability Publication Date: 10/8/2024

Reference Information

CVE: CVE-2026-5299, CVE-2026-5401, CVE-2026-5403, CVE-2026-5404, CVE-2026-5405, CVE-2026-5406, CVE-2026-5407, CVE-2026-5408, CVE-2026-5409, CVE-2026-5653, CVE-2026-5654, CVE-2026-5656, CVE-2026-5657, CVE-2026-6519, CVE-2026-6520, CVE-2026-6521, CVE-2026-6522, CVE-2026-6523, CVE-2026-6524, CVE-2026-6527, CVE-2026-6529, CVE-2026-6530, CVE-2026-6531, CVE-2026-6532, CVE-2026-6533, CVE-2026-6534, CVE-2026-6535, CVE-2026-6537, CVE-2026-6538, CVE-2026-6867, CVE-2026-6868, CVE-2026-6869, CVE-2026-6870, CVE-2026-7375, CVE-2026-7376, CVE-2026-7378, CVE-2026-7379

IAVB: 2026-B-0112