Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.60693
Category:Red Hat Local Security Checks
Title:RedHat Security Advisory RHSA-2008:0059
Summary:NOSUMMARY
Description:Description:

The remote host is missing updates announced in
advisory RHSA-2008:0059.

Wireshark is a program for monitoring network traffic. Wireshark was
previously known as Ethereal.

Several flaws were found in Wireshark. Wireshark could crash or possibly
execute arbitrary code as the user running Wireshark if it read a malformed
packet off the network. (CVE-2007-6114, CVE-2007-6115, CVE-2007-6117)

Several denial of service bugs were found in Wireshark. Wireshark could
crash or stop responding if it read a malformed packet off the network.
(CVE-2007-3389, CVE-2007-3390, CVE-2007-3391, CVE-2007-3392, CVE-2007-3392,
CVE-2007-3393, CVE-2007-6113, CVE-2007-6118, CVE-2007-6120, CVE-2007-6121,
CVE-2007-6450, CVE-2007-6451)

As well, Wireshark switched from using net-snmp to libsmi, which is
included in this errata.

Users of wireshark should upgrade to these updated packages, which contain
Wireshark version 0.99.7, and resolve these issues.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2008-0059.html
http://www.wireshark.org/docs/relnotes/wireshark-0.99.7.html
http://www.redhat.com/security/updates/classification/#moderate

Risk factor : Critical

CVSS Score:
10.0

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2007-3389
BugTraq ID: 24662
http://www.securityfocus.com/bid/24662
http://security.gentoo.org/glsa/glsa-200708-12.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2007:145
http://osvdb.org/37643
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9964
http://www.redhat.com/support/errata/RHSA-2007-0709.html
http://www.redhat.com/support/errata/RHSA-2007-0710.html
http://www.redhat.com/support/errata/RHSA-2008-0059.html
http://www.securitytracker.com/id?1018315
http://secunia.com/advisories/25833
http://secunia.com/advisories/25987
http://secunia.com/advisories/26004
http://secunia.com/advisories/26499
http://secunia.com/advisories/27592
http://secunia.com/advisories/28583
SuSE Security Announcement: SUSE-SR:2007:015 (Google Search)
http://www.novell.com/linux/security/advisories/2007_15_sr.html
http://www.vupen.com/english/advisories/2007/2353
XForce ISS Database: wireshark-chunkedhttp-dos(35207)
https://exchange.xforce.ibmcloud.com/vulnerabilities/35207
Common Vulnerability Exposure (CVE) ID: CVE-2007-3390
Debian Security Information: DSA-1322 (Google Search)
http://www.debian.org/security/2007/dsa-1322
http://osvdb.org/37642
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10865
http://secunia.com/advisories/25877
XForce ISS Database: wireshark-iseries-dos(35205)
https://exchange.xforce.ibmcloud.com/vulnerabilities/35205
Common Vulnerability Exposure (CVE) ID: CVE-2007-3391
http://osvdb.org/37641
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11672
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14911
XForce ISS Database: wireshark-dcpetsi-dos(35204)
https://exchange.xforce.ibmcloud.com/vulnerabilities/35204
Common Vulnerability Exposure (CVE) ID: CVE-2007-3392
Bugtraq: 20070814 WireShark MMS Remote Denial of Service vulnerability (Google Search)
http://www.securityfocus.com/archive/1/476468/100/0/threaded
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10663
XForce ISS Database: wireshark-sslmms-dos(35203)
https://exchange.xforce.ibmcloud.com/vulnerabilities/35203
Common Vulnerability Exposure (CVE) ID: CVE-2007-3393
http://osvdb.org/37639
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11010
http://secunia.com/advisories/22588/
XForce ISS Database: wireshark-dhcpbootp-dos(35113)
https://exchange.xforce.ibmcloud.com/vulnerabilities/35113
Common Vulnerability Exposure (CVE) ID: CVE-2007-6113
BugTraq ID: 26532
http://www.securityfocus.com/bid/26532
Bugtraq: 20070904 Wireshark DNP3 Dissector Infinite Loop Vulnerability (Google Search)
http://www.securityfocus.com/archive/1/478497/100/0/threaded
Bugtraq: 20080103 rPSA-2008-0004-1 tshark wireshark (Google Search)
http://www.securityfocus.com/archive/1/485792/100/0/threaded
https://www.exploit-db.com/exploits/4347
https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00606.html
https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00712.html
http://security.gentoo.org/glsa/glsa-200712-23.xml
http://www.mandriva.com/security/advisories?name=MDVSA-2008:001
http://www.mandriva.com/security/advisories?name=MDVSA-2008:1
http://bugs.gentoo.org/show_bug.cgi?id=199958
http://www.securiteam.com/securitynews/5LP0V00MAI.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9841
http://www.redhat.com/support/errata/RHSA-2008-0058.html
http://www.securitytracker.com/id?1018635
http://securitytracker.com/id?1018988
http://secunia.com/advisories/27777
http://secunia.com/advisories/28197
http://secunia.com/advisories/28207
http://secunia.com/advisories/28288
http://secunia.com/advisories/28304
http://secunia.com/advisories/28325
http://secunia.com/advisories/28564
http://secunia.com/advisories/29048
http://securityreason.com/securityalert/3095
SuSE Security Announcement: SUSE-SR:2008:004 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00008.html
http://www.vupen.com/english/advisories/2007/3956
XForce ISS Database: wireshark-dnp3-dos(36392)
https://exchange.xforce.ibmcloud.com/vulnerabilities/36392
Common Vulnerability Exposure (CVE) ID: CVE-2007-6114
Debian Security Information: DSA-1414 (Google Search)
http://www.debian.org/security/2007/dsa-1414
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10708
http://secunia.com/advisories/27817
Common Vulnerability Exposure (CVE) ID: CVE-2007-6115
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14578
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9726
Common Vulnerability Exposure (CVE) ID: CVE-2007-6117
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11508
Common Vulnerability Exposure (CVE) ID: CVE-2007-6118
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10659
Common Vulnerability Exposure (CVE) ID: CVE-2007-6120
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14802
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9488
Common Vulnerability Exposure (CVE) ID: CVE-2007-6121
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11374
Common Vulnerability Exposure (CVE) ID: CVE-2007-6450
BugTraq ID: 27071
http://www.securityfocus.com/bid/27071
Debian Security Information: DSA-1446 (Google Search)
http://www.debian.org/security/2008/dsa-1446
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11442
http://secunia.com/advisories/28315
XForce ISS Database: wireshark-rpl-dissector-dos(39186)
https://exchange.xforce.ibmcloud.com/vulnerabilities/39186
Common Vulnerability Exposure (CVE) ID: CVE-2007-6451
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9685
XForce ISS Database: wireshark-cip-dissector-dos(39187)
https://exchange.xforce.ibmcloud.com/vulnerabilities/39187
CopyrightCopyright (c) 2008 E-Soft Inc. http://www.securityspace.com

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2021 E-Soft Inc. All rights reserved.