GLSA-201604-05 : Wireshark: Multiple vulnerabilities

High Nessus Plugin ID 90744


The remote Gentoo host is missing one or more security-related patches.


The remote host is affected by the vulnerability described in GLSA-201604-05 (Wireshark: Multiple vulnerabilities)

Multiple vulnerabilities have been discovered in Wireshark. Please review the CVE identifiers referenced below for details.
Impact :

Remote attackers could cause Denial of Service and local attackers could escalate privileges.
Workaround :

There is no known workaround at this time.


All Wireshark users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose '>=net-analyzer/wireshark-2.0.2'

See Also

Plugin Details

Severity: High

ID: 90744

File Name: gentoo_GLSA-201604-05.nasl

Version: $Revision: 2.7 $

Type: local

Published: 2016/04/27

Modified: 2016/11/11

Dependencies: 12634

Risk Information

Risk Factor: High


Base Score: 7.2

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C


Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Vulnerability Information

CPE: p-cpe:/a:gentoo:linux:wireshark, cpe:/o:gentoo:linux

Required KB Items: Host/local_checks_enabled, Host/Gentoo/release, Host/Gentoo/qpkg-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2016/04/26

Exploitable With

Core Impact

Reference Information

CVE: CVE-2015-8711, CVE-2015-8712, CVE-2015-8713, CVE-2015-8714, CVE-2015-8715, CVE-2015-8716, CVE-2015-8717, CVE-2015-8718, CVE-2015-8719, CVE-2015-8720, CVE-2015-8721, CVE-2015-8722, CVE-2015-8723, CVE-2015-8724, CVE-2015-8725, CVE-2015-8726, CVE-2015-8727, CVE-2015-8728, CVE-2015-8729, CVE-2015-8730, CVE-2015-8731, CVE-2015-8732, CVE-2015-8733, CVE-2015-8734, CVE-2015-8735, CVE-2015-8736, CVE-2015-8737, CVE-2015-8738, CVE-2015-8739, CVE-2015-8740, CVE-2015-8741, CVE-2015-8742, CVE-2016-2521, CVE-2016-2522, CVE-2016-2523, CVE-2016-2524, CVE-2016-2525, CVE-2016-2526, CVE-2016-2527, CVE-2016-2528, CVE-2016-2529, CVE-2016-2530, CVE-2016-2531, CVE-2016-2532

GLSA: 201604-05