Amazon Linux AMI : wireshark (ALAS-2014-330)

high Nessus Plugin ID 78273

Synopsis

The remote Amazon Linux AMI host is missing a security update.

Description

Two flaws were found in Wireshark. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running Wireshark.
(CVE-2014-2281 , CVE-2014-2299)

Several denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump file. (CVE-2013-6336 , CVE-2013-6337 , CVE-2013-6338 , CVE-2013-6339 , CVE-2013-6340 , CVE-2014-2283 , CVE-2013-7112 , CVE-2013-7114)

Solution

Run 'yum update wireshark' to update your system.

See Also

https://alas.aws.amazon.com/ALAS-2014-330.html

Plugin Details

Severity: High

ID: 78273

File Name: ala_ALAS-2014-330.nasl

Version: 1.4

Type: local

Agent: unix

Published: 10/12/2014

Updated: 9/27/2018

Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: High

Score: 8.9

CVSS v2

Risk Factor: High

Base Score: 9.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: p-cpe:/a:amazon:linux:wireshark-devel, p-cpe:/a:amazon:linux:wireshark, cpe:/o:amazon:linux, p-cpe:/a:amazon:linux:wireshark-debuginfo

Required KB Items: Host/local_checks_enabled, Host/AmazonLinux/release, Host/AmazonLinux/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 9/18/2014

Exploitable With

Core Impact

Metasploit (Wireshark wiretap/mpeg.c Stack Buffer Overflow)

Reference Information

CVE: CVE-2013-6336, CVE-2013-6337, CVE-2013-6338, CVE-2013-6339, CVE-2013-6340, CVE-2013-7112, CVE-2013-7114, CVE-2014-2281, CVE-2014-2283, CVE-2014-2299

ALAS: 2014-330

RHSA: 2014:0342