GLSA-201110-02 : Wireshark: Multiple vulnerabilities

Critical Nessus Plugin ID 56426


The remote Gentoo host is missing one or more security-related patches.


The remote host is affected by the vulnerability described in GLSA-201110-02 (Wireshark: Multiple vulnerabilities)

Multiple vulnerabilities have been discovered in Wireshark. Please review the CVE identifiers referenced below for details.
Impact :

A remote attacker could send specially crafted packets on a network being monitored by Wireshark, entice a user to open a malformed packet trace file using Wireshark, or deploy a specially crafted Lua script for use by Wireshark, possibly resulting in the execution of arbitrary code, or a Denial of Service condition.
Workaround :

There is no known workaround at this time.


All Wireshark users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose '>=net-analyzer/wireshark-1.4.9'

See Also

Plugin Details

Severity: Critical

ID: 56426

File Name: gentoo_GLSA-201110-02.nasl

Version: $Revision: 1.17 $

Type: local

Published: 2011/10/10

Modified: 2016/12/21

Dependencies: 12634

Risk Information

Risk Factor: Critical


Base Score: 10

Temporal Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:POC/RL:OF/RC:C

Vulnerability Information

CPE: p-cpe:/a:gentoo:linux:wireshark, cpe:/o:gentoo:linux

Required KB Items: Host/local_checks_enabled, Host/Gentoo/release, Host/Gentoo/qpkg-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2011/10/09

Exploitable With

CANVAS (White_Phosphorus)

Core Impact

Metasploit (Wireshark console.lua Pre-Loading Script Execution)

Reference Information

CVE: CVE-2010-2283, CVE-2010-2284, CVE-2010-2285, CVE-2010-2286, CVE-2010-2287, CVE-2010-2992, CVE-2010-2993, CVE-2010-2994, CVE-2010-2995, CVE-2010-3133, CVE-2010-3445, CVE-2010-4300, CVE-2010-4301, CVE-2010-4538, CVE-2011-0024, CVE-2011-0444, CVE-2011-0445, CVE-2011-0538, CVE-2011-0713, CVE-2011-1138, CVE-2011-1139, CVE-2011-1140, CVE-2011-1141, CVE-2011-1142, CVE-2011-1143, CVE-2011-1590, CVE-2011-1591, CVE-2011-1592, CVE-2011-1956, CVE-2011-1957, CVE-2011-1958, CVE-2011-1959, CVE-2011-2174, CVE-2011-2175, CVE-2011-2597, CVE-2011-2698, CVE-2011-3266, CVE-2011-3360, CVE-2011-3482, CVE-2011-3483

OSVDB: 65371, 65372, 65373, 65374, 65375, 66792, 66793, 67191, 67504, 68129, 69354, 69355, 70244, 70402, 70403, 71548, 71549, 71550, 71551, 71552, 71553, 71554, 71555, 71556, 71846, 71847, 71848, 72974, 72975, 72976, 72977, 72978, 72979, 73403, 73687, 74731, 74732, 75346, 75347, 75348

GLSA: 201110-02