Detections
Analytics
Mandriva Linux Security Advisory : wireshark (MDVSA-2012:042)
medium Nessus Plugin ID 61947
Language:
Synopsis
The remote Mandriva Linux host is missing one or more security updates.Description
Multiple vulnerabilities was found and corrected in Wireshark :- The ANSI A dissector could dereference a NULL pointer and crash.
- The IEEE 802.11 dissector could go into an infinite loop.
- The pcap and pcap-ng file parsers could crash trying to read ERF data.
- The MP2T dissector could try to allocate too much memory and crash.
This advisory provides the latest version of Wireshark (1.6.6) which is not vulnerable to these issues.
Solution
Update the affected packages.See Also
https://www.wireshark.org/security/wnpa-sec-2012-04.html
https://www.wireshark.org/security/wnpa-sec-2012-05.html
Plugin Details
Severity: Medium
ID: 61947
File Name: mandriva_MDVSA-2012-042.nasl
Version: 1.11
Type: local
Family: Mandriva Local Security Checks
Published: 9/6/2012
Updated: 1/6/2021
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 4.4
CVSS v2
Risk Factor: Medium
Base Score: 5
Temporal Score: 3.9
Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P
Vulnerability Information
CPE: p-cpe:/a:mandriva:linux:wireshark-tools, cpe:/o:mandriva:linux:2011, p-cpe:/a:mandriva:linux:dumpcap, p-cpe:/a:mandriva:linux:lib64wireshark-devel, p-cpe:/a:mandriva:linux:lib64wireshark1, p-cpe:/a:mandriva:linux:libwireshark-devel, p-cpe:/a:mandriva:linux:libwireshark1, p-cpe:/a:mandriva:linux:rawshark, p-cpe:/a:mandriva:linux:tshark, p-cpe:/a:mandriva:linux:wireshark
Required KB Items: Host/local_checks_enabled, Host/cpu, Host/Mandrake/release, Host/Mandrake/rpm-list
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 3/28/2012
Vulnerability Publication Date: 3/27/2012
Reference Information
CVE: CVE-2012-1593, CVE-2012-1594, CVE-2012-1595, CVE-2012-1596
BID: 52735, 52736, 52737, 52738
MDVSA: 2012:042