FreeBSD Local Security Checks : FreeBSD Ports: wireshark

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.72500

Categoría: FreeBSD Local Security Checks

Título: FreeBSD Ports: wireshark

Resumen: The remote host is missing an update to the system; as announced in the referenced advisory.

Descripción: Summary:
The remote host is missing an update to the system
as announced in the referenced advisory.

Vulnerability Insight:
The following packages are affected:

wireshark
wireshark-lite
tshark
tshark-lite

CVE-2012-5237
The dissect_hsrp function in epan/dissectors/packet-hsrp.c in the HSRP
dissector in Wireshark 1.8.x before 1.8.3 allows remote attackers to
cause a denial of service (infinite loop) via a malformed packet.
CVE-2012-5238
epan/dissectors/packet-ppp.c in the PPP dissector in Wireshark 1.8.x
before 1.8.3 uses incorrect OUI data structures during the decoding of
(1) PPP and (2) LCP data, which allows remote attackers to cause a
denial of service (assertion failure and application exit) via a
malformed packet.
CVE-2012-5240
Buffer overflow in the dissect_tlv function in
epan/dissectors/packet-ldp.c in the LDP dissector in Wireshark 1.8.x
before 1.8.3 allows remote attackers to cause a denial of service
(application crash) or possibly have unspecified other impact via a
malformed packet.

Solution:
Update your system with the appropriate patches or
software upgrades.

CVSS Score:
5.8

CVSS Vector:
AV:A/AC:L/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2012-5237
BugTraq ID: 55754
http://www.securityfocus.com/bid/55754
http://osvdb.org/85884
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14992
http://www.securitytracker.com/id?1027604
XForce ISS Database: wireshark-hsrp-dos(79009)
https://exchange.xforce.ibmcloud.com/vulnerabilities/79009
Common Vulnerability Exposure (CVE) ID: CVE-2012-5238
http://osvdb.org/85883
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15593
XForce ISS Database: wireshark-ppp-dissector-dos(79010)
https://exchange.xforce.ibmcloud.com/vulnerabilities/79010
Common Vulnerability Exposure (CVE) ID: CVE-2012-5240
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15691

Copyright Copyright (C) 2012 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.72500
Categoría:	FreeBSD Local Security Checks
Título:	FreeBSD Ports: wireshark
Resumen:	The remote host is missing an update to the system; as announced in the referenced advisory.
Descripción:	Summary: The remote host is missing an update to the system as announced in the referenced advisory. Vulnerability Insight: The following packages are affected: wireshark wireshark-lite tshark tshark-lite CVE-2012-5237 The dissect_hsrp function in epan/dissectors/packet-hsrp.c in the HSRP dissector in Wireshark 1.8.x before 1.8.3 allows remote attackers to cause a denial of service (infinite loop) via a malformed packet. CVE-2012-5238 epan/dissectors/packet-ppp.c in the PPP dissector in Wireshark 1.8.x before 1.8.3 uses incorrect OUI data structures during the decoding of (1) PPP and (2) LCP data, which allows remote attackers to cause a denial of service (assertion failure and application exit) via a malformed packet. CVE-2012-5240 Buffer overflow in the dissect_tlv function in epan/dissectors/packet-ldp.c in the LDP dissector in Wireshark 1.8.x before 1.8.3 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a malformed packet. Solution: Update your system with the appropriate patches or software upgrades. CVSS Score: 5.8 CVSS Vector: AV:A/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2012-5237 BugTraq ID: 55754 http://www.securityfocus.com/bid/55754 http://osvdb.org/85884 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14992 http://www.securitytracker.com/id?1027604 XForce ISS Database: wireshark-hsrp-dos(79009) https://exchange.xforce.ibmcloud.com/vulnerabilities/79009 Common Vulnerability Exposure (CVE) ID: CVE-2012-5238 http://osvdb.org/85883 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15593 XForce ISS Database: wireshark-ppp-dissector-dos(79010) https://exchange.xforce.ibmcloud.com/vulnerabilities/79010 Common Vulnerability Exposure (CVE) ID: CVE-2012-5240 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15691
Copyright	Copyright (C) 2012 E-Soft Inc.