Test ID:	1.3.6.1.4.1.25623.1.0.62851
Category:	FreeBSD Local Security Checks
Title:	wireshark -- SMTP Processing Denial of Service Vulnerability
Summary:	The remote host is missing an update to the system; as announced in the referenced advisory.
Description:	Summary: The remote host is missing an update to the system as announced in the referenced advisory. Vulnerability Insight: The following packages are affected: wireshark wireshark-lite ethereal ethereal-lite tethereal tethereal-lite CVE-2008-5285 Wireshark 1.0.4 and earlier allows remote attackers to cause a denial of service via a long SMTP request, which triggers an infinite loop. Solution: Update your system with the appropriate patches or software upgrades. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2008-5285 BugTraq ID: 32422 http://www.securityfocus.com/bid/32422 Bugtraq: 20081122 [SVRT-04-08] Vulnerability in WireShark 1.0.4 for DoS Attack (Google Search) http://www.securityfocus.com/archive/1/498562/100/0/threaded Bugtraq: 20081211 rPSA-2008-0336-1 tshark wireshark (Google Search) http://www.securityfocus.com/archive/1/499154/100/0/threaded http://lists.grok.org.uk/pipermail/full-disclosure/2008-November/065840.html http://www.mandriva.com/security/advisories?name=MDVSA-2008:242 http://www.openwall.com/lists/oss-security/2008/11/24/1 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11351 http://www.redhat.com/support/errata/RHSA-2009-0313.html http://www.securitytracker.com/id?1021275 http://secunia.com/advisories/32840 http://secunia.com/advisories/34144 http://securityreason.com/securityalert/4663 http://www.vupen.com/english/advisories/2008/3231
Copyright	Copyright (C) 2008 E-Soft Inc.

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.