Detections
Analytics
Wireshark / Ethereal 0.99.2 to 1.0.6 Multiple Vulnerabilities
high Nessus Plugin ID 36127
Synopsis
The remote host has an application that is affected by multiple vulnerabilities.Description
The installed version of Wireshark or Ethereal is affected by multiple issues :- The PROFINET dissector is affected by a format string vulnerability which an attacker could exploit to execute arbitrary code. (Bug 3372)
- Wireshark could crash while reading a malformed LDAP capture file. (Bug 3262)
- Wireshark could crash while reading a malformed Check Point High-Availability Protocol capture file. (Bug 3269)
- Wireshark could crash while reading a Tektronix .rf5 capture file. (Bug 3366)
Solution
Upgrade to Wireshark 1.0.7 or later.See Also
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3382
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3262
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3269
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3366
http://www.wireshark.org/security/wnpa-sec-2009-02.html
https://www.wireshark.org/docs/relnotes/wireshark-1.0.7.html
Plugin Details
Severity: High
ID: 36127
File Name: wireshark_1_0_7.nasl
Version: 1.19
Type: local
Agent: windows
Family: Windows
Published: 4/10/2009
Updated: 3/9/2023
Supported Sensors: Frictionless Assessment Agent, Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: High
Score: 7.4
CVSS v2
Risk Factor: High
Base Score: 7.6
Temporal Score: 6.3
Vector: CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C
Vulnerability Information
CPE: cpe:/a:wireshark:wireshark
Required KB Items: SMB/Wireshark/Installed
Exploit Available: true
Exploit Ease: Exploits are available
Exploitable With
Core Impact
Reference Information
CVE: CVE-2009-1210, CVE-2009-1267, CVE-2009-1268, CVE-2009-1269