Detections
Analytics
Scientific Linux Security Update : wireshark on SL3.x, SL4.x, SL5.x i386/x86_64
critical Nessus Plugin ID 60350
Language:
Synopsis
The remote Scientific Linux host is missing one or more security updates.Description
Several flaws were found in Wireshark. Wireshark could crash or possibly execute arbitrary code as the user running Wireshark if it read a malformed packet off the network. (CVE-2007-6112, CVE-2007-6114, CVE-2007-6115, CVE-2007-6117)Several denial of service bugs were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off the network. (CVE-2007-3389, CVE-2007-3390, CVE-2007-3391, CVE-2007-3392, CVE-2007-3392, CVE-2007-3393, CVE-2007-6111, CVE-2007-6113, CVE-2007-6116, CVE-2007-6118, CVE-2007-6119, CVE-2007-6120, CVE-2007-6121, CVE-2007-6438, CVE-2007-6439, CVE-2007-6441, CVE-2007-6450, CVE-2007-6451)
As well, Wireshark switched from using net-snmp to libsmi, which is included in this errata.
Solution
Update the affected packages.See Also
Plugin Details
Severity: Critical
ID: 60350
File Name: sl_20080121_wireshark_on_SL3_x.nasl
Version: 1.10
Type: local
Agent: unix
Published: 8/1/2012
Updated: 1/14/2021
Supported Sensors: Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 5.9
CVSS v2
Risk Factor: Critical
Base Score: 10
Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C
Vulnerability Information
CPE: x-cpe:/o:fermilab:scientific_linux
Required KB Items: Host/local_checks_enabled, Host/cpu, Host/RedHat/release, Host/RedHat/rpm-list
Patch Publication Date: 1/21/2008
Vulnerability Publication Date: 6/25/2007
Reference Information
CVE: CVE-2007-3389, CVE-2007-3390, CVE-2007-3391, CVE-2007-3392, CVE-2007-3393, CVE-2007-6111, CVE-2007-6112, CVE-2007-6113, CVE-2007-6114, CVE-2007-6115, CVE-2007-6116, CVE-2007-6117, CVE-2007-6118, CVE-2007-6119, CVE-2007-6120, CVE-2007-6121, CVE-2007-6438, CVE-2007-6439, CVE-2007-6441, CVE-2007-6450, CVE-2007-6451