The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3402 advisory.

    - -------------------------------------------------------------------------     Debian LTS Advisory DLA-3402-1                debian-lts@lists.debian.org     https://www.debian.org/lts/security/                          Adrian Bunk     April 29, 2023                                https://wiki.debian.org/LTS
    - -------------------------------------------------------------------------

    Package        : wireshark     Version        : 2.6.20-0+deb10u6     CVE ID         : CVE-2023-1161 CVE-2023-1992 CVE-2023-1993 CVE-2023-1994     Debian Bug     : 1033756 1034721

    Several vulnerabilities were fixed in the network traffic analyzer Wireshark.

    CVE-2023-1161

        ISO 15765 dissector crash

    CVE-2023-1992

        RPCoRDMA dissector crash

    CVE-2023-1993

        LISP dissector large loop vulnerability

    CVE-2023-1994

        GQUIC dissector crash

    For Debian 10 buster, these problems have been fixed in version     2.6.20-0+deb10u6.

    We recommend that you upgrade your wireshark packages.

    For the detailed security status of wireshark please refer to     its security tracker page at:
    https://security-tracker.debian.org/tracker/wireshark

    Further information about Debian LTS security advisories, how to apply     these updates to your system and frequently asked questions can be     found at: https://wiki.debian.org/LTS

Tenable has extracted the preceding description block directly from the Debian security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Detections

Analytics

Debian dla-3402 : libwireshark-data - security update

high Nessus Plugin ID 174962

Version 1.6