English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.61582
Category:Fedora Local Security Checks
Title:Fedora Core 8 FEDORA-2008-7894 (wireshark)
Summary:NOSUMMARY
Description:Description:

The remote host is missing an update to wireshark
announced via advisory FEDORA-2008-7894.

Update Information:

Upgrade to upstream version 1.0.3. Detailed upstream release notes:
http://www.wireshark.org/docs/relnotes/wireshark-1.0.3.html Security issues
addressed in the new upstream version: http://www.wireshark.org/security/wnpa-
sec-2008-05.html

ChangeLog:

* Wed Sep 10 2008 Radek Vokál 1.0.3-1
- upgrade to 1.0.3, fixes several security issues (#461254)
* Fri Jul 18 2008 Radek Vokál 1.0.2-1
- upgrade to 1.0.2, fixes a few security issues

References:

[ 1 ] Bug #461242 - CVE-2008-3146 wireshark: multiple buffer overflows in NCP dissector
https://bugzilla.redhat.com/show_bug.cgi?id=461242
[ 2 ] Bug #461243 - CVE-2008-3932 wireshark: infinite loop in the NCP dissector
https://bugzilla.redhat.com/show_bug.cgi?id=461243
[ 3 ] Bug #461244 - CVE-2008-3933 wireshark: crash triggered by zlib-compressed packet data
https://bugzilla.redhat.com/show_bug.cgi?id=461244
[ 4 ] Bug #461245 - CVE-2008-3934 wireshark: crash via crafted Tektronix .rf5 file
https://bugzilla.redhat.com/show_bug.cgi?id=461245

Solution: Apply the appropriate updates.

This update can be installed with the yum update program. Use
su -c 'yum update wireshark' at the command line.
For more information, refer to Managing Software with yum,
available at http://docs.fedoraproject.org/yum/.

http://www.securityspace.com/smysecure/catid.html?in=FEDORA-2008-7894

Risk factor : Critical

CVSS Score:
10.0

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2008-3146
Bugtraq: 20080917 rPSA-2008-0278-1 tshark wireshark (Google Search)
http://www.securityfocus.com/archive/1/496487/100/0/threaded
https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00715.html
https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00713.html
http://security.gentoo.org/glsa/glsa-200809-17.xml
http://www.mandriva.com/security/advisories?name=MDVSA-2008:199
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10624
http://www.redhat.com/support/errata/RHSA-2008-0890.html
http://www.securitytracker.com/id?1020819
http://secunia.com/advisories/31687
http://secunia.com/advisories/31864
http://secunia.com/advisories/31886
http://secunia.com/advisories/32028
http://secunia.com/advisories/32091
SuSE Security Announcement: SUSE-SR:2008:017 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html
http://www.vupen.com/english/advisories/2008/2773
Common Vulnerability Exposure (CVE) ID: CVE-2008-3932
1020819
20080917 rPSA-2008-0278-1 tshark wireshark
31864
31886
32028
32091
ADV-2008-2493
http://www.vupen.com/english/advisories/2008/2493
ADV-2008-2773
FEDORA-2008-7894
FEDORA-2008-7936
GLSA-200809-17
MDVSA-2008:199
RHSA-2008:0890
http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2675
http://support.avaya.com/elmodocs2/security/ASA-2008-392.htm
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0278
http://www.wireshark.org/security/wnpa-sec-2008-05.html
oval:org.mitre.oval:def:11273
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11273
wireshark-ncp-dos(45309)
https://exchange.xforce.ibmcloud.com/vulnerabilities/45309
Common Vulnerability Exposure (CVE) ID: CVE-2008-3933
32944
http://secunia.com/advisories/32944
DSA-1673
http://www.debian.org/security/2008/dsa-1673
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2649
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2682
oval:org.mitre.oval:def:9620
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9620
Common Vulnerability Exposure (CVE) ID: CVE-2008-3934
oval:org.mitre.oval:def:15087
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15087
oval:org.mitre.oval:def:9920
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9920
CopyrightCopyright (c) 2008 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.