Test ID:	1.3.6.1.4.1.25623.1.0.59392
Category:	Fedora Local Security Checks
Title:	Fedora Core 6 FEDORA-2006-1140 (wireshark)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing an update to wireshark announced via advisory FEDORA-2006-1140. Wireshark is a network traffic analyzer for Unix-ish operating systems. This package lays base for libpcap, a packet capture and filtering library, contains command-line utilities, contains plugins and documentation for wireshark. A graphical user interface is packaged separately to GTK+ package. * Wed Nov 1 2006 Radek Vokál 0.99.4-1 - upgrade to 0.99.4-1, fixes multiple security issues - CVE-2006-5468 - The HTTP dissector could dereference a null pointer. - CVE-2006-5469 - The WBXML dissector could crash. - CVE-2006-5470 - The LDAP dissector (and possibly others) could crash. - CVE-2006-4805 - Basic DoS, The XOT dissector could attempt to allocate a large amount of memory and crash. - CVE-2006-4574 - Single byte \0 overflow written onto the heap * Tue Oct 10 2006 Radek Vokal 0.99.4-0.pre1 - upgrade to 0.99.4-0.pre1 * Fri Aug 25 2006 Radek Vokál 0.99.3-1 - upgrade to 0.99.3 - Wireshark 0.99.3 fixes the following vulnerabilities: - the SCSI dissector could crash. Versions affected: CVE-2006-4330 - the IPsec ESP preference parser was susceptible to off-by-one errors. CVE-2006-4331 - a malformed packet could make the Q.2931 dissector use up available memory. CVE-2006-4333 * Tue Jul 18 2006 Radek Vokál 0.99.2-1 - upgrade to 0.99.2 * Wed Jul 12 2006 Jesse Keating - 0.99.2-0.pre1.1 - rebuild * Tue Jul 11 2006 Radek Vokál 0.99.2-0.pre1 - upgrade to 0.99.2pre1, fixes (#198242) * Tue Jun 13 2006 Radek Vokal 0.99.1-0.pre1 - spec file changes * Fri Jun 9 2006 Radek Vokal 0.99.1pre1-1 - initial build for Fedora Core Solution: Apply the appropriate updates. This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/ This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://fedora.redhat.com/docs/yum/. http://www.securityspace.com/smysecure/catid.html?in=FEDORA-2006-1140 Risk factor : High CVSS Score: 5.4
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2006-5468 1017129 http://securitytracker.com/id?1017129 20061101 rPSA-2006-0202-1 tshark wireshark http://www.securityfocus.com/archive/1/450307/100/0/threaded 20061101-01-P ftp://patches.sgi.com/support/free/security/advisories/20061101-01-P 20762 http://www.securityfocus.com/bid/20762 22590 http://secunia.com/advisories/22590 22672 http://secunia.com/advisories/22672 22692 http://secunia.com/advisories/22692 22797 http://secunia.com/advisories/22797 22841 http://secunia.com/advisories/22841 22929 http://secunia.com/advisories/22929 23096 http://secunia.com/advisories/23096 ADV-2006-4220 http://www.vupen.com/english/advisories/2006/4220 MDKSA-2006:195 http://www.mandriva.com/security/advisories?name=MDKSA-2006:195 RHSA-2006:0726 http://www.redhat.com/support/errata/RHSA-2006-0726.html SUSE-SA:2006:065 http://www.novell.com/linux/security/advisories/2006_65_ethereal.html VU#363992 http://www.kb.cert.org/vuls/id/363992 http://support.avaya.com/elmodocs2/security/ASA-2006-255.htm http://www.wireshark.org/security/wnpa-sec-2006-03.html https://issues.rpath.com/browse/RPL-746 oval:org.mitre.oval:def:10707 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10707 oval:org.mitre.oval:def:14120 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14120 wireshark-http-dos(29840) https://exchange.xforce.ibmcloud.com/vulnerabilities/29840 Common Vulnerability Exposure (CVE) ID: CVE-2006-5469 oval:org.mitre.oval:def:9537 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9537 wireshark-wbxml-dos(29842) https://exchange.xforce.ibmcloud.com/vulnerabilities/29842 Common Vulnerability Exposure (CVE) ID: CVE-2006-5470 Common Vulnerability Exposure (CVE) ID: CVE-2006-4805 22659 http://secunia.com/advisories/22659 DSA-1201 http://www.us.debian.org/security/2006/dsa-1201 VU#723736 http://www.kb.cert.org/vuls/id/723736 oval:org.mitre.oval:def:10199 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10199 wireshark-xot-dos(29843) https://exchange.xforce.ibmcloud.com/vulnerabilities/29843 Common Vulnerability Exposure (CVE) ID: CVE-2006-4574 oval:org.mitre.oval:def:9740 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9740 wireshark-mime-dos(29844) https://exchange.xforce.ibmcloud.com/vulnerabilities/29844 Common Vulnerability Exposure (CVE) ID: CVE-2006-4330 1016736 http://securitytracker.com/id?1016736 19690 http://www.securityfocus.com/bid/19690 20060825 rPSA-2006-0158-1 tshark wireshark http://www.securityfocus.com/archive/1/444323/100/0/threaded 21597 http://secunia.com/advisories/21597 21619 http://secunia.com/advisories/21619 21649 http://secunia.com/advisories/21649 21682 http://secunia.com/advisories/21682 21885 http://secunia.com/advisories/21885 22378 http://secunia.com/advisories/22378 ADV-2006-3370 http://www.vupen.com/english/advisories/2006/3370 GLSA-200608-26 http://security.gentoo.org/glsa/glsa-200608-26.xml MDKSA-2006:152 http://www.mandriva.com/security/advisories?name=MDKSA-2006:152 RHSA-2006:0658 http://www.redhat.com/support/errata/RHSA-2006-0658.html VU#808832 http://www.kb.cert.org/vuls/id/808832 http://support.avaya.com/elmodocs2/security/ASA-2006-227.htm http://www.wireshark.org/security/wnpa-sec-2006-02.html https://issues.rpath.com/browse/RPL-597 oval:org.mitre.oval:def:14684 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14684 oval:org.mitre.oval:def:9869 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9869 wireshark-esp-offbyone(28553) https://exchange.xforce.ibmcloud.com/vulnerabilities/28553 wireshark-scsi-dos(28550) https://exchange.xforce.ibmcloud.com/vulnerabilities/28550 Common Vulnerability Exposure (CVE) ID: CVE-2006-4331 VU#638376 http://www.kb.cert.org/vuls/id/638376 oval:org.mitre.oval:def:10125 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10125 oval:org.mitre.oval:def:14587 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14587 Common Vulnerability Exposure (CVE) ID: CVE-2006-4333 21813 http://secunia.com/advisories/21813 DSA-1171 http://www.debian.org/security/2006/dsa-1171 VU#696896 http://www.kb.cert.org/vuls/id/696896 oval:org.mitre.oval:def:11801 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11801 wireshark-sscop-dos(28556) https://exchange.xforce.ibmcloud.com/vulnerabilities/28556
Copyright	Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.