Test ID:	1.3.6.1.4.1.25623.1.0.58881
Category:	Red Hat Local Security Checks
Title:	RedHat Security Advisory RHSA-2007:0066
Summary:	NOSUMMARY
Description:	Description: The remote host is missing updates announced in advisory RHSA-2007:0066. Wireshark is a program for monitoring network traffic. Several denial of service bugs were found in Wireshark's LLT, IEEE 802.11, http, and tcp protocol dissectors. It was possible for Wireshark to crash or stop responding if it read a malformed packet off the network. (CVE-2007-0456, CVE-2007-0457, CVE-2007-0458, CVE-2007-0459) Users of Wireshark should upgrade to these updated packages containing Wireshark version 0.99.5, which is not vulnerable to these issues. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2007-0066.html http://www.redhat.com/security/updates/classification/#low Risk factor : Medium CVSS Score: 5.0
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2007-0456 BugTraq ID: 22352 http://www.securityfocus.com/bid/22352 http://fedoranews.org/cms/node/2565 http://www.mandriva.com/security/advisories?name=MDKSA-2007:033 http://osvdb.org/33073 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11342 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14867 http://www.redhat.com/support/errata/RHSA-2007-0066.html http://securitytracker.com/id?1017581 http://secunia.com/advisories/24011 http://secunia.com/advisories/24016 http://secunia.com/advisories/24025 http://secunia.com/advisories/24084 http://secunia.com/advisories/24515 http://secunia.com/advisories/24650 http://secunia.com/advisories/24970 SGI Security Advisory: 20070301-01-P ftp://patches.sgi.com/support/free/security/advisories/20070301-01-P.asc http://www.vupen.com/english/advisories/2007/0443 XForce ISS Database: wireshark-lltdissector-dos(32056) https://exchange.xforce.ibmcloud.com/vulnerabilities/32056 Common Vulnerability Exposure (CVE) ID: CVE-2007-0457 http://osvdb.org/33074 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11003 XForce ISS Database: wireshark-ieeedissector-dos(32055) https://exchange.xforce.ibmcloud.com/vulnerabilities/32055 Common Vulnerability Exposure (CVE) ID: CVE-2007-0458 http://osvdb.org/33075 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10966 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14836 XForce ISS Database: wireshark-httpdissector-dos(32054) https://exchange.xforce.ibmcloud.com/vulnerabilities/32054 Common Vulnerability Exposure (CVE) ID: CVE-2007-0459 http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1200 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10465 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14875 XForce ISS Database: wireshark-tcpdissector-dos(32053) https://exchange.xforce.ibmcloud.com/vulnerabilities/32053
Copyright	Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.