Detections
Analytics

Debian dla-3906 : libwireshark-data - security update

critical Nessus Plugin ID 207910

Synopsis

The remote Debian host is missing one or more security-related updates.

Description

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3906 advisory.

 - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3906-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk September 30, 2024 https://wiki.debian.org/LTS
 - -------------------------------------------------------------------------

 Package : wireshark Version : 3.4.16-0+deb11u1 CVE ID : CVE-2021-4181 CVE-2021-4182 CVE-2021-4184 CVE-2021-4185 CVE-2021-4186 CVE-2021-4190 CVE-2022-0581 CVE-2022-0582 CVE-2022-0583 CVE-2022-0585 CVE-2022-0586 CVE-2022-3190 CVE-2022-4344 CVE-2022-4345 CVE-2023-0411 CVE-2023-0412 CVE-2023-0413 CVE-2023-0415 CVE-2023-0416 CVE-2023-0417 CVE-2023-0666 CVE-2023-0667 CVE-2023-0668 CVE-2023-1161 CVE-2023-1992 CVE-2023-1993 CVE-2023-1994 CVE-2023-2855 CVE-2023-2856 CVE-2023-2858 CVE-2023-2879 CVE-2023-2906 CVE-2023-2952 CVE-2023-3648 CVE-2023-3649 CVE-2023-4511 CVE-2023-4512 CVE-2023-4513 CVE-2023-6175 CVE-2024-0208 CVE-2024-0209 CVE-2024-0211 CVE-2024-2955 CVE-2024-4853 CVE-2024-4854 CVE-2024-8250 CVE-2024-8645 Debian Bug : 1033756 1034721 1041101 1059925 1068111 1080298

 Multiple vulnerabilities have been fixed in the network traffic analyzer Wireshark.

 CVE-2021-4181

 Sysdig Event dissector crash

 CVE-2021-4182

 RFC 7468 dissector crash

 CVE-2021-4184

 BitTorrent DHT dissector infinite loop

 CVE-2021-4185

 RTMPT dissector infinite loop

 CVE-2021-4186

 Gryphon dissector crash

 CVE-2021-4190

 Kafka dissector large loop DoS

 CVE-2022-0581

 CMS protocol dissector crash

 CVE-2022-0582

 CSN.1 protocol dissector unaligned access

 CVE-2022-0583

 PVFS protocol dissector crash

 CVE-2022-0585

 Large loops in multiple dissectors

 CVE-2022-0586

 RTMPT protocol dissector infinite loop

 CVE-2022-3190

 F5 Ethernet Trailer dissector infinite loop

 CVE-2022-4344

 Kafka protocol dissector memory exhaustion

 CVE-2022-4345

 Infinite loops in the BPv6, OpenFlow, and Kafka protocol dissectors

 CVE-2023-0411

 Excessive loops in the BPv6, NCP and RTPS protocol dissectors

 CVE-2023-0412

 TIPC dissector crash

 CVE-2023-0413

 Dissection engine bug DoS

 CVE-2023-0415

 iSCSI dissector crash

 CVE-2023-0416

 GNW dissector crash

 CVE-2023-0417

 NFS dissector memory leak

 CVE-2023-0666

 RTPS parsing heap overflow

 CVE-2023-0667

 MSMMS dissector buffer overflow

 CVE-2023-0668

 IEEE C37.118 Synchrophasor dissector crash

 CVE-2023-1161

 ISO 15765 dissector crash

 CVE-2023-1992

 RPCoRDMA dissector crash

 CVE-2023-1993

 LISP dissector large loop

 CVE-2023-1994

 GQUIC dissector crash

 CVE-2023-2855

 Candump log parser crash

 CVE-2023-2856

 VMS TCPIPtrace file parser crash

 CVE-2023-2858

 NetScaler file parser crash

 CVE-2023-2879

 GDSDB dissector infinite loop

 CVE-2023-2906

 CP2179 dissector crash

 CVE-2023-2952

 XRA dissector infinite loop

 CVE-2023-3648

 Kafka dissector crash

 CVE-2023-3649

 iSCSI dissector crash

 CVE-2023-4511

 BT SDP dissector infinite loop

 CVE-2023-4512

 CBOR dissector crash

 CVE-2023-4513

 BT SDP dissector memory leak

 CVE-2023-6175

 NetScreen file parser crash

 CVE-2024-0208

 GVCP dissector crash

 CVE-2024-0209

 IEEE 1609.2 dissector crash

 CVE-2024-0211

 DOCSIS dissector crash

 CVE-2024-2955

 T.38 dissector crash

 CVE-2024-4853

 Editcap byte chopping crash

 CVE-2024-4854

 MONGO dissector infinite loop

 CVE-2024-8250

 NTLMSSP dissector crash

 CVE-2024-8645

 SPRT dissector crash

 For Debian 11 bullseye, these problems have been fixed in version 3.4.16-0+deb11u1.

 We recommend that you upgrade your wireshark packages.

 For the detailed security status of wireshark please refer to its security tracker page at:
 https://security-tracker.debian.org/tracker/wireshark

 Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS

Tenable has extracted the preceding description block directly from the Debian security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Upgrade the libwireshark-data packages.

See Also

https://security-tracker.debian.org/tracker/source-package/wireshark

https://security-tracker.debian.org/tracker/CVE-2021-4181

https://security-tracker.debian.org/tracker/CVE-2021-4182

https://security-tracker.debian.org/tracker/CVE-2021-4184

https://security-tracker.debian.org/tracker/CVE-2021-4185

https://security-tracker.debian.org/tracker/CVE-2021-4186

https://security-tracker.debian.org/tracker/CVE-2021-4190

https://security-tracker.debian.org/tracker/CVE-2022-0581

https://security-tracker.debian.org/tracker/CVE-2022-0582

https://security-tracker.debian.org/tracker/CVE-2022-0583

https://security-tracker.debian.org/tracker/CVE-2022-0585

https://security-tracker.debian.org/tracker/CVE-2022-0586

https://security-tracker.debian.org/tracker/CVE-2022-3190

https://security-tracker.debian.org/tracker/CVE-2022-4344

https://security-tracker.debian.org/tracker/CVE-2022-4345

https://security-tracker.debian.org/tracker/CVE-2023-0411

https://security-tracker.debian.org/tracker/CVE-2023-0412

https://security-tracker.debian.org/tracker/CVE-2023-0413

https://security-tracker.debian.org/tracker/CVE-2023-0415

https://security-tracker.debian.org/tracker/CVE-2023-0416

https://security-tracker.debian.org/tracker/CVE-2023-0417

https://security-tracker.debian.org/tracker/CVE-2023-0666

https://security-tracker.debian.org/tracker/CVE-2023-0667

https://security-tracker.debian.org/tracker/CVE-2023-0668

https://security-tracker.debian.org/tracker/CVE-2023-1161

https://security-tracker.debian.org/tracker/CVE-2023-1992

https://security-tracker.debian.org/tracker/CVE-2023-1993

https://security-tracker.debian.org/tracker/CVE-2023-1994

https://security-tracker.debian.org/tracker/CVE-2023-2855

https://security-tracker.debian.org/tracker/CVE-2023-2856

https://security-tracker.debian.org/tracker/CVE-2023-2858

https://security-tracker.debian.org/tracker/CVE-2023-2879

https://security-tracker.debian.org/tracker/CVE-2023-2906

https://security-tracker.debian.org/tracker/CVE-2023-2952

https://security-tracker.debian.org/tracker/CVE-2023-3648

https://security-tracker.debian.org/tracker/CVE-2023-3649

https://security-tracker.debian.org/tracker/CVE-2023-4511

https://security-tracker.debian.org/tracker/CVE-2023-4512

https://security-tracker.debian.org/tracker/CVE-2023-4513

https://security-tracker.debian.org/tracker/CVE-2023-6175

https://security-tracker.debian.org/tracker/CVE-2024-0208

https://security-tracker.debian.org/tracker/CVE-2024-0209

https://security-tracker.debian.org/tracker/CVE-2024-0211

https://security-tracker.debian.org/tracker/CVE-2024-2955

https://security-tracker.debian.org/tracker/CVE-2024-4853

https://security-tracker.debian.org/tracker/CVE-2024-4854

https://security-tracker.debian.org/tracker/CVE-2024-8250

https://security-tracker.debian.org/tracker/CVE-2024-8645

https://packages.debian.org/source/bullseye/wireshark

Plugin Details

Severity: Critical

ID: 207910

File Name: debian_DLA-3906.nasl

Version: 1.1

Type: local

Agent: unix

Published: 9/30/2024

Updated: 9/30/2024

Supported Sensors: Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 5.9

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS Score Source: CVE-2022-0582

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:debian:debian_linux:11.0, p-cpe:/a:debian:debian_linux:wireshark-dev, p-cpe:/a:debian:debian_linux:libwsutil12, p-cpe:/a:debian:debian_linux:wireshark-doc, p-cpe:/a:debian:debian_linux:libwsutil-dev, p-cpe:/a:debian:debian_linux:libwiretap11, p-cpe:/a:debian:debian_linux:libwiretap-dev, p-cpe:/a:debian:debian_linux:libwireshark-dev, p-cpe:/a:debian:debian_linux:libwireshark-data, p-cpe:/a:debian:debian_linux:wireshark-gtk, p-cpe:/a:debian:debian_linux:wireshark, p-cpe:/a:debian:debian_linux:wireshark-qt, p-cpe:/a:debian:debian_linux:wireshark-common, p-cpe:/a:debian:debian_linux:libwireshark14, p-cpe:/a:debian:debian_linux:tshark

Required KB Items: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 9/30/2024

Vulnerability Publication Date: 12/29/2021

Reference Information

CVE: CVE-2021-4181, CVE-2021-4182, CVE-2021-4184, CVE-2021-4185, CVE-2021-4186, CVE-2021-4190, CVE-2022-0581, CVE-2022-0582, CVE-2022-0583, CVE-2022-0585, CVE-2022-0586, CVE-2022-3190, CVE-2022-4344, CVE-2022-4345, CVE-2023-0411, CVE-2023-0412, CVE-2023-0413, CVE-2023-0415, CVE-2023-0416, CVE-2023-0417, CVE-2023-0666, CVE-2023-0667, CVE-2023-0668, CVE-2023-1161, CVE-2023-1992, CVE-2023-1993, CVE-2023-1994, CVE-2023-2855, CVE-2023-2856, CVE-2023-2858, CVE-2023-2879, CVE-2023-2906, CVE-2023-2952, CVE-2023-3648, CVE-2023-3649, CVE-2023-4511, CVE-2023-4512, CVE-2023-4513, CVE-2023-6175, CVE-2024-0208, CVE-2024-0209, CVE-2024-0211, CVE-2024-2955, CVE-2024-4853, CVE-2024-4854, CVE-2024-8250, CVE-2024-8645

IAVB: 2021-B-0072-S, 2022-B-0004-S, 2022-B-0006-S, 2022-B-0035-S, 2023-B-0004-S, 2023-B-0008-S, 2023-B-0024-S, 2023-B-0036-S, 2023-B-0051-S, 2023-B-0063-S, 2023-B-0091-S, 2024-B-0001-S, 2024-B-0028-S, 2024-B-0061-S, 2024-B-0126