New! Vulnerability Priority Rating (VPR)
Tenable calculates a dynamic VPR for every vulnerability. VPR combines vulnerability information with threat intelligence and machine learning algorithms to predict which vulnerabilities are most likely to be exploited in attacks. Read more about what VPR is and how it's different from CVSS.
VPR Score: 3.6
SynopsisThe remote SuSE 11 host is missing a security update.
Descriptionwireshark was updated to 1.4.15 to fix multiple security issues.
Issues fixed :
- fix bnc#776038(CVE-2012-4285 / CVE-2012-4288 / CVE-2012-4289 / CVE-2012-4296 / CVE-2012-4291 / CVE-2012-4292 / CVE-2012-4293 / CVE-2012-4290), bnc#772738 (CVE-2012-4048 / CVE-2012-4049)(fixed upstream)
- Security fixes :
- wnpa-sec-2012-13 The DCP ETSI dissector could trigger a zero division. Reported by Laurent Butti. (Bug 7566)
- wnpa-sec-2012-15 The XTP dissector could go into an infinite loop. Reported by Ben Schmidt. (Bug 7571)
- wnpa-sec-2012-17 The AFP dissector could go into a large loop. Reported by Stefan Cornelius. (Bug 7603)
- wnpa-sec-2012-18 The RTPS2 dissector could overflow a buffer. Reported by Laurent Butti. (Bug 7568)
- wnpa-sec-2012-20 The CIP dissector could exhaust system memory. Reported y Ben Schmidt. (Bug 7570)
- wnpa-sec-2012-21 The STUN dissector could crash.
Reported by Laurent Butti. (Bug 7569)
- wnpa-sec-2012-22 The EtherCAT Mailbox dissector could abort. Reported by Laurent Butti. (Bug 7562)
- wnpa-sec-2012-23 The CTDB dissector could go into a large loop. Reported by Ben Schmidt. (Bug 7573)
- Bug fixes :
- Wireshark crashes on opening very short NFS pcap file.
- Updated Protocol Support
- AFP, Bluetooth L2CAP, CIP, CTDB, DCP ETSI, EtherCAT Mailbox, FC Link Control LISP, NFS, RTPS2, SCTP, STUN, XTP
SolutionApply SAT patch number 6760.