English | Deutsch | Español
 
Inicial ▼
Página inicial Acerca Nuestro Contáctenos Privacidad Programas de Asociados Testimonios En la Prensa Listas de Correos Abuso Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
 
Auditorias ▼
Inicial Dedicada Avanzada Estándar Periódica Sin Riesgo Escritorio Básica Sello FAQ Resumen de Precio/Funciones Ordenar Nuevas Pruebas Todas las Pruebas Confidencialidad Búsqueda de Vulnerabilidad Ejecutar Auditoría Programador IP Permissions Auditorías Personalizadas Cola Recordatorio Sellos Informes Estilos de Informes
DNS
Administrado ▼
Acerca de DNS Ordenar/Renovar Preguntas Frecuentes AUP Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password
Monitoreo
de Redes ▼
Enterprise Avanzado Estándarr Prueba Preguntas Frecuentes Resumen de Precio/Funciones Ordenar Muestras
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Iniciar sesión/Registrarse 
 
 Búsqueda de    
Vulnerabilidad   		     Buscar 324607 Descripciones CVE y
145615 Descripciones de Pruebas,
accesos 10,000+ referencias cruzadas.
Pruebas   CVE   Todos  

ID de Prueba:1.3.6.1.4.1.25623.1.0.880622
Categoría:CentOS Local Security Checks
Título:CentOS Update for wireshark CESA-2010:0360 centos5 i386
Resumen:The remote host is missing an update for the 'wireshark'; package(s) announced via the referenced advisory.
Descripción:Summary:
The remote host is missing an update for the 'wireshark'
package(s) announced via the referenced advisory.

Vulnerability Insight:
Wireshark is a program for monitoring network traffic. Wireshark was
previously known as Ethereal.

An invalid pointer dereference flaw was found in the Wireshark SMB and SMB2
dissectors. If Wireshark read a malformed packet off a network or opened a
malicious dump file, it could crash or, possibly, execute arbitrary code as
the user running Wireshark. (CVE-2009-4377)

Several buffer overflow flaws were found in the Wireshark LWRES dissector.
If Wireshark read a malformed packet off a network or opened a malicious
dump file, it could crash or, possibly, execute arbitrary code as the user
running Wireshark. (CVE-2010-0304)

Several denial of service flaws were found in Wireshark. Wireshark could
crash or stop responding if it read a malformed packet off a network, or
opened a malicious dump file. (CVE-2009-2560, CVE-2009-2562, CVE-2009-2563,
CVE-2009-3550, CVE-2009-3829)

Users of Wireshark should upgrade to these updated packages, which contain
Wireshark version 1.0.11, and resolve these issues. All running instances
of Wireshark must be restarted for the update to take effect.

Affected Software/OS:
wireshark on CentOS 5

Solution:
Please install the updated packages.

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2009-2560
BugTraq ID: 35748
http://www.securityfocus.com/bid/35748
BugTraq ID: 36846
http://www.securityfocus.com/bid/36846
Debian Security Information: DSA-1942 (Google Search)
http://www.debian.org/security/2009/dsa-1942
http://www.mandriva.com/security/advisories?name=MDVSA-2009:194
http://www.openwall.com/lists/oss-security/2009/07/22/2
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10403
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6416
http://secunia.com/advisories/35884
http://secunia.com/advisories/37175
http://secunia.com/advisories/37409
http://secunia.com/advisories/37477
http://www.vupen.com/english/advisories/2009/1970
http://www.vupen.com/english/advisories/2009/3061
XForce ISS Database: wireshark-radius-dissector-dos(54019)
https://exchange.xforce.ibmcloud.com/vulnerabilities/54019
Common Vulnerability Exposure (CVE) ID: CVE-2009-2562
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3564
http://www.openwall.com/lists/oss-security/2009/09/18/2
http://www.openwall.com/lists/oss-security/2009/09/17/15
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11643
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5625
Common Vulnerability Exposure (CVE) ID: CVE-2009-2563
http://www.mandriva.com/security/advisories?name=MDVSA-2010:031
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11210
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6321
Common Vulnerability Exposure (CVE) ID: CVE-2009-3550
36846
37175
37409
37477
ADV-2009-3061
DSA-1942
http://www.wireshark.org/docs/relnotes/wireshark-1.0.10.html
http://www.wireshark.org/docs/relnotes/wireshark-1.2.3.html
http://www.wireshark.org/security/wnpa-sec-2009-07.html
http://www.wireshark.org/security/wnpa-sec-2009-08.html
oval:org.mitre.oval:def:10103
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10103
oval:org.mitre.oval:def:6005
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6005
wireshark-dcerpcnt-dos(54017)
https://exchange.xforce.ibmcloud.com/vulnerabilities/54017
Common Vulnerability Exposure (CVE) ID: CVE-2009-3829
CERT/CC vulnerability note: VU#676492
http://www.kb.cert.org/vuls/id/676492
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5979
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9945
Common Vulnerability Exposure (CVE) ID: CVE-2009-4377
BugTraq ID: 37407
http://www.securityfocus.com/bid/37407
Debian Security Information: DSA-1983 (Google Search)
http://www.debian.org/security/2009/dsa-1983
https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01248.html
http://osvdb.org/61178
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9564
http://www.securitytracker.com/id?1023374
http://secunia.com/advisories/37842
http://secunia.com/advisories/37916
http://www.vupen.com/english/advisories/2009/3596
Common Vulnerability Exposure (CVE) ID: CVE-2010-0304
1023516
http://www.securitytracker.com/id?1023516
37985
http://www.securityfocus.com/bid/37985
38257
http://secunia.com/advisories/38257
38348
http://secunia.com/advisories/38348
38829
http://secunia.com/advisories/38829
61987
http://osvdb.org/61987
ADV-2010-0239
http://www.vupen.com/english/advisories/2010/0239
DSA-1983
http://www.debian.org/security/2010/dsa-1983
FEDORA-2010-3556
http://lists.fedoraproject.org/pipermail/package-announce/2010-March/036415.html
MDVSA-2010:031
[oss-security] 20100129 Re: CVE id request: Wireshark
http://www.openwall.com/lists/oss-security/2010/01/29/4
http://anonsvn.wireshark.org/viewvc/trunk-1.2/epan/dissectors/packet-lwres.c?view=diff&r1=31596&r2=28492&diff_format=h
http://www.metasploit.com/modules/exploit/multi/misc/wireshark_lwres_getaddrbyname
http://www.wireshark.org/security/wnpa-sec-2010-01.html
http://www.wireshark.org/security/wnpa-sec-2010-02.html
oval:org.mitre.oval:def:8490
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8490
oval:org.mitre.oval:def:9933
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9933
wireshark-lwres-bo(55951)
https://exchange.xforce.ibmcloud.com/vulnerabilities/55951
CopyrightCopyright (C) 2011 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.

Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.



© 1998-2025 E-Soft Inc. Todos los derechos reservados.