Test ID:	1.3.6.1.4.1.25623.1.0.59466
Category:	Fedora Local Security Checks
Title:	Fedora Core 6 FEDORA-2007-216 (wireshark)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing an update to wireshark announced via advisory FEDORA-2007-216. Wireshark is a network traffic analyzer for Unix-ish operating systems. This package lays base for libpcap, a packet capture and filtering library, contains command-line utilities, contains plugins and documentation for wireshark. A graphical user interface is packaged separately to GTK+ package. Update Information: - multiple security issues fixed (#227140) - CVE-2007-0459 - The TCP dissector could hang or crash while reassembling HTTP packets - CVE-2007-0459 - The HTTP dissector could crash. - CVE-2007-0457 - On some systems, the IEEE 802.11 dissector could crash. - CVE-2007-0456 - On some systems, the LLT dissector could crash. * Mon Feb 5 2007 Radek Vokál 0.99.5-1 - multiple security issues fixed (#227140) - CVE-2007-0459 - The TCP dissector could hang or crash while reassembling HTTP packets - CVE-2007-0459 - The HTTP dissector could crash. - CVE-2007-0457 - On some systems, the IEEE 802.11 dissector could crash. - CVE-2007-0456 - On some systems, the LLT dissector could crash. Solution: Apply the appropriate updates. This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/ This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://fedora.redhat.com/docs/yum/. http://www.securityspace.com/smysecure/catid.html?in=FEDORA-2007-216 Risk factor : Medium CVSS Score: 5.0
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2007-0459 BugTraq ID: 22352 http://www.securityfocus.com/bid/22352 http://fedoranews.org/cms/node/2565 http://www.mandriva.com/security/advisories?name=MDKSA-2007:033 http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1200 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10465 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14875 http://www.redhat.com/support/errata/RHSA-2007-0066.html http://securitytracker.com/id?1017581 http://secunia.com/advisories/24011 http://secunia.com/advisories/24016 http://secunia.com/advisories/24025 http://secunia.com/advisories/24084 http://secunia.com/advisories/24515 http://secunia.com/advisories/24650 http://secunia.com/advisories/24970 SGI Security Advisory: 20070301-01-P ftp://patches.sgi.com/support/free/security/advisories/20070301-01-P.asc http://www.vupen.com/english/advisories/2007/0443 XForce ISS Database: wireshark-tcpdissector-dos(32053) https://exchange.xforce.ibmcloud.com/vulnerabilities/32053 Common Vulnerability Exposure (CVE) ID: CVE-2007-0457 http://osvdb.org/33074 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11003 XForce ISS Database: wireshark-ieeedissector-dos(32055) https://exchange.xforce.ibmcloud.com/vulnerabilities/32055 Common Vulnerability Exposure (CVE) ID: CVE-2007-0456 http://osvdb.org/33073 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11342 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14867 XForce ISS Database: wireshark-lltdissector-dos(32056) https://exchange.xforce.ibmcloud.com/vulnerabilities/32056
Copyright	Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.