Test ID:	1.3.6.1.4.1.25623.1.0.60770
Category:	Fedora Local Security Checks
Title:	Fedora Core 8 FEDORA-2008-3040 (wireshark)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing an update to wireshark announced via advisory FEDORA-2008-3040. Update Information: Upgrade to 1.0.0 fixes several security flaws (wireshark crashes, see BZ references). References: [ 1 ] Bug #435483 - CVE-2008-1072 wireshark: TFTP dissector crash https://bugzilla.redhat.com/show_bug.cgi?id=435483 [ 2 ] Bug #440015 - CVE-2008-1562 wireshark: crash in LDAP dissector https://bugzilla.redhat.com/show_bug.cgi?id=440015 [ 3 ] Bug #435481 - CVE-2008-1070 wireshark: SCTP dissector crash https://bugzilla.redhat.com/show_bug.cgi?id=435481 [ 4 ] Bug #439943 - CVE-2008-1563 wireshark crash in SCCP dissector https://bugzilla.redhat.com/show_bug.cgi?id=439943 [ 5 ] Bug #440014 - CVE-2008-1561 wireshark: crash in X.509sat and Roofnet dissectors https://bugzilla.redhat.com/show_bug.cgi?id=440014 [ 6 ] Bug #435482 - CVE-2008-1071 wireshark: SNMP dissector crash https://bugzilla.redhat.com/show_bug.cgi?id=435482 Solution: Apply the appropriate updates. This update can be installed with the yum update program. Use su -c 'yum update wireshark' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. http://www.securityspace.com/smysecure/catid.html?in=FEDORA-2008-3040 Risk factor : Medium CVSS Score: 5.0
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2008-1072 BugTraq ID: 28025 http://www.securityfocus.com/bid/28025 Bugtraq: 20080229 rPSA-2008-0092-1 tshark wireshark (Google Search) http://www.securityfocus.com/archive/1/488967/100/0/threaded https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00140.html https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00228.html http://security.gentoo.org/glsa/glsa-200803-32.xml http://www.mandriva.com/security/advisories?name=MDVSA-2008:057 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10188 http://www.redhat.com/support/errata/RHSA-2008-0890.html http://www.securitytracker.com/id?1019515 http://secunia.com/advisories/29156 http://secunia.com/advisories/29188 http://secunia.com/advisories/29223 http://secunia.com/advisories/29242 http://secunia.com/advisories/29511 http://secunia.com/advisories/29736 http://secunia.com/advisories/32091 SuSE Security Announcement: SUSE-SR:2008:005 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html http://www.vupen.com/english/advisories/2008/0704 http://www.vupen.com/english/advisories/2008/2773 Common Vulnerability Exposure (CVE) ID: CVE-2008-1562 BugTraq ID: 28485 http://www.securityfocus.com/bid/28485 Bugtraq: 20080404 rPSA-2008-0138-1 tshark wireshark (Google Search) http://www.securityfocus.com/archive/1/490487/100/0/threaded http://www.gentoo.org/security/en/glsa/glsa-200805-05.xml http://www.mandriva.com/security/advisories?name=MDVSA-2008:091 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14549 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9318 http://www.securitytracker.com/id?1019728 http://secunia.com/advisories/29569 http://secunia.com/advisories/29622 http://secunia.com/advisories/29695 http://secunia.com/advisories/29971 SuSE Security Announcement: SUSE-SR:2008:008 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00005.html http://www.vupen.com/english/advisories/2008/1007/references XForce ISS Database: wireshark-ldap-dissector-dos(41516) https://exchange.xforce.ibmcloud.com/vulnerabilities/41516 Common Vulnerability Exposure (CVE) ID: CVE-2008-1070 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11378 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14995 Common Vulnerability Exposure (CVE) ID: CVE-2008-1563 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10238 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15074 XForce ISS Database: wireshark-sccp-dissector-dos(41517) https://exchange.xforce.ibmcloud.com/vulnerabilities/41517 Common Vulnerability Exposure (CVE) ID: CVE-2008-1561 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15089 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9315 XForce ISS Database: wireshark-roofnet-dissector-dos(41515) https://exchange.xforce.ibmcloud.com/vulnerabilities/41515 XForce ISS Database: wireshark-x509sat-dissector-dos(41514) https://exchange.xforce.ibmcloud.com/vulnerabilities/41514 Common Vulnerability Exposure (CVE) ID: CVE-2008-1071 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11633 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14784
Copyright	Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.