Detections
Analytics
openSUSE Security Update : wireshark (openSUSE-SU-2014:0017-1)
medium Nessus Plugin ID 75415
Language:
Synopsis
The remote openSUSE host is missing a security update.Description
- update to 1.10.5+ bugs fixed :
- Wireshark stops showing new packets but dumpcap keeps writing them to the temp file.
- Wireshark 1.10.4 shuts down when promiscuous mode is unchecked.
- Homeplug dissector bug: STATUS_ACCESS_VIOLATION:
dissector accessed an invalid memory address.
- update to 1.10.4 [bnc#855980]
+ vulnerabilities fixed :
- The SIP dissector could go into an infinite loop.
wnpa-sec-2013-66 CVE-2013-7112
- The BSSGP dissector could crash. wnpa-sec-2013-67 CVE-2013-7113
- The NTLMSSP v2 dissector could crash. Discovered by Garming Sam. wnpa-sec-2013-68 CVE-2013-7114
+ Further bug fixes and updated protocol support as listed in:
https://www.wireshark.org/docs/relnotes/wireshark-1.10.4 .html
Solution
Update the affected wireshark packages.See Also
https://bugzilla.novell.com/show_bug.cgi?id=855980
https://lists.opensuse.org/opensuse-updates/2014-01/msg00011.html
https://www.wireshark.org/docs/relnotes/wireshark-1.10.4.html
Plugin Details
Severity: Medium
ID: 75415
File Name: openSUSE-2014-9.nasl
Version: 1.4
Type: local
Agent: unix
Family: SuSE Local Security Checks
Published: 6/13/2014
Updated: 1/19/2021
Supported Sensors: Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 4.4
CVSS v2
Risk Factor: Medium
Base Score: 5
Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P
Vulnerability Information
CPE: p-cpe:/a:novell:opensuse:wireshark, p-cpe:/a:novell:opensuse:wireshark-debuginfo, p-cpe:/a:novell:opensuse:wireshark-debugsource, p-cpe:/a:novell:opensuse:wireshark-devel, cpe:/o:novell:opensuse:13.1
Required KB Items: Host/local_checks_enabled, Host/SuSE/release, Host/SuSE/rpm-list, Host/cpu
Patch Publication Date: 12/23/2013