Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.60694
Category:Red Hat Local Security Checks
Title:RedHat Security Advisory RHSA-2008:0058
Summary:NOSUMMARY
Description:Description:

The remote host is missing updates announced in
advisory RHSA-2008:0058.

Wireshark is a program for monitoring network traffic. Wireshark was
previously known as Ethereal.

Several flaws were found in Wireshark. Wireshark could crash or possibly
execute arbitrary code as the user running Wireshark if it read a malformed
packet off the network. (CVE-2007-6112, CVE-2007-6114, CVE-2007-6115,
CVE-2007-6117)

Several denial of service bugs were found in Wireshark. Wireshark could
crash or stop responding if it read a malformed packet off the network.
(CVE-2007-6111, CVE-2007-6113, CVE-2007-6116, CVE-2007-6118, CVE-2007-6119,
CVE-2007-6120, CVE-2007-6121, CVE-2007-6438, CVE-2007-6439, CVE-2007-6441,
CVE-2007-6450, CVE-2007-6451)

As well, Wireshark switched from using net-snmp to libsmi, which is
included in this errata.

Users of wireshark should upgrade to these updated packages, which contain
Wireshark version 0.99.7, and resolve these issues.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2008-0058.html
http://www.wireshark.org/docs/relnotes/wireshark-0.99.7.html
http://www.redhat.com/security/updates/classification/#moderate

Risk factor : Critical

CVSS Score:
10.0

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2007-6111
BugTraq ID: 26532
http://www.securityfocus.com/bid/26532
Bugtraq: 20080103 rPSA-2008-0004-1 tshark wireshark (Google Search)
http://www.securityfocus.com/archive/1/485792/100/0/threaded
https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00606.html
https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00712.html
http://security.gentoo.org/glsa/glsa-200712-23.xml
http://www.mandriva.com/security/advisories?name=MDVSA-2008:001
http://www.mandriva.com/security/advisories?name=MDVSA-2008:1
http://bugs.gentoo.org/show_bug.cgi?id=199958
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9048
http://www.redhat.com/support/errata/RHSA-2008-0058.html
http://securitytracker.com/id?1018988
http://secunia.com/advisories/27777
http://secunia.com/advisories/28197
http://secunia.com/advisories/28207
http://secunia.com/advisories/28288
http://secunia.com/advisories/28304
http://secunia.com/advisories/28325
http://secunia.com/advisories/28564
http://secunia.com/advisories/29048
SuSE Security Announcement: SUSE-SR:2008:004 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00008.html
http://www.vupen.com/english/advisories/2007/3956
Common Vulnerability Exposure (CVE) ID: CVE-2007-6112
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14561
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9772
Common Vulnerability Exposure (CVE) ID: CVE-2007-6113
Bugtraq: 20070904 Wireshark DNP3 Dissector Infinite Loop Vulnerability (Google Search)
http://www.securityfocus.com/archive/1/478497/100/0/threaded
https://www.exploit-db.com/exploits/4347
http://www.securiteam.com/securitynews/5LP0V00MAI.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9841
http://www.redhat.com/support/errata/RHSA-2008-0059.html
http://www.securitytracker.com/id?1018635
http://secunia.com/advisories/28583
http://securityreason.com/securityalert/3095
XForce ISS Database: wireshark-dnp3-dos(36392)
https://exchange.xforce.ibmcloud.com/vulnerabilities/36392
Common Vulnerability Exposure (CVE) ID: CVE-2007-6114
Debian Security Information: DSA-1414 (Google Search)
http://www.debian.org/security/2007/dsa-1414
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10708
http://secunia.com/advisories/27817
Common Vulnerability Exposure (CVE) ID: CVE-2007-6115
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14578
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9726
Common Vulnerability Exposure (CVE) ID: CVE-2007-6116
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15036
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9799
Common Vulnerability Exposure (CVE) ID: CVE-2007-6117
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11508
Common Vulnerability Exposure (CVE) ID: CVE-2007-6118
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10659
Common Vulnerability Exposure (CVE) ID: CVE-2007-6119
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14721
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9880
Common Vulnerability Exposure (CVE) ID: CVE-2007-6120
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14802
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9488
Common Vulnerability Exposure (CVE) ID: CVE-2007-6121
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11374
Common Vulnerability Exposure (CVE) ID: CVE-2007-6438
BugTraq ID: 27071
http://www.securityfocus.com/bid/27071
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11785
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14734
XForce ISS Database: wireshark-smb-dissector-dos(39178)
https://exchange.xforce.ibmcloud.com/vulnerabilities/39178
Common Vulnerability Exposure (CVE) ID: CVE-2007-6439
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10331
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15002
XForce ISS Database: wireshark-ipv6-dissector-dos(39180)
https://exchange.xforce.ibmcloud.com/vulnerabilities/39180
XForce ISS Database: wireshark-usb-dissector-dos(39181)
https://exchange.xforce.ibmcloud.com/vulnerabilities/39181
Common Vulnerability Exposure (CVE) ID: CVE-2007-6441
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10452
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14126
XForce ISS Database: wireshark-wimax-dissector-dos(39183)
https://exchange.xforce.ibmcloud.com/vulnerabilities/39183
Common Vulnerability Exposure (CVE) ID: CVE-2007-6450
Debian Security Information: DSA-1446 (Google Search)
http://www.debian.org/security/2008/dsa-1446
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11442
http://secunia.com/advisories/28315
XForce ISS Database: wireshark-rpl-dissector-dos(39186)
https://exchange.xforce.ibmcloud.com/vulnerabilities/39186
Common Vulnerability Exposure (CVE) ID: CVE-2007-6451
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9685
XForce ISS Database: wireshark-cip-dissector-dos(39187)
https://exchange.xforce.ibmcloud.com/vulnerabilities/39187
CopyrightCopyright (c) 2008 E-Soft Inc. http://www.securityspace.com

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2021 E-Soft Inc. All rights reserved.