SynopsisThe remote Windows host contains an application that is affected by multiple vulnerabilities.
DescriptionThe installed version of Wireshark 1.6 is earlier than 1.6.14. It is, therefore, affected by the following vulnerabilities :
- Errors exist in the FCSP, AMPQ, SCTP, and sFlow dissector that could lead to an infinite loop resulting in a denial of service. (Bugs 7789, 7802, 8337, 8359)
- Errors exist in the CIMD, DTLS, Mount, MS-MMS, RTPS, and RTPS2 that could allow them to crash.
(Bugs 8382, 8332, 8335, 8346, 8380)
- The ACN dissector can attempt a divide by zero operation that could lead to an application crash.
SolutionUpgrade to Wireshark version 1.6.14 or later.
File Name: wireshark_1_6_14.nasl
Supported Sensors: Nessus Agent
Temporal Vector: E:U/RL:OF/RC:C
Required KB Items: SMB/Wireshark/Installed
Exploit Ease: No known exploits are available
Patch Publication Date: 1/29/2013
Vulnerability Publication Date: 1/29/2013
CVE: CVE-2012-6054, CVE-2012-6056, CVE-2013-2478, CVE-2013-2480, CVE-2013-2481, CVE-2013-2482, CVE-2013-2483, CVE-2013-2484, CVE-2013-2485, CVE-2013-2488
BID: 56729, 58340, 58351, 58353, 58355, 58356, 58357, 58362, 58365