English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.62907
Category:Red Hat Local Security Checks
Title:RedHat Security Advisory RHSA-2006:0726
Summary:NOSUMMARY
Description:Description:

The remote host is missing updates announced in
advisory RHSA-2006:0726.

Wireshark is a program for monitoring network traffic.

Several flaws were found in Wireshark's HTTP, WBXML, LDAP, and XOT protocol
dissectors. Wireshark could crash or stop responding if it read a malformed
packet off the network. (CVE-2006-4805, CVE-2006-5468, CVE-2006-5469,
CVE-2006-5740)

A single NULL byte heap based buffer overflow was found in Wireshark's MIME
Multipart dissector. Wireshark could crash or possibly execute arbitrary
arbitrary code as the user running Wireshark. (CVE-2006-4574)

Users of Wireshark should upgrade to these updated packages containing
Wireshark version 0.99.4, which is not vulnerable to these issues.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2006-0726.html
http://www.redhat.com/security/updates/classification/#moderate

Risk factor : Medium

CVSS Score:
5.0

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2006-4574
1017129
http://securitytracker.com/id?1017129
20061101 rPSA-2006-0202-1 tshark wireshark
http://www.securityfocus.com/archive/1/450307/100/0/threaded
20061101-01-P
ftp://patches.sgi.com/support/free/security/advisories/20061101-01-P
20762
http://www.securityfocus.com/bid/20762
22590
http://secunia.com/advisories/22590
22659
http://secunia.com/advisories/22659
22672
http://secunia.com/advisories/22672
22692
http://secunia.com/advisories/22692
22797
http://secunia.com/advisories/22797
22841
http://secunia.com/advisories/22841
22929
http://secunia.com/advisories/22929
23096
http://secunia.com/advisories/23096
ADV-2006-4220
http://www.vupen.com/english/advisories/2006/4220
DSA-1201
http://www.us.debian.org/security/2006/dsa-1201
MDKSA-2006:195
http://www.mandriva.com/security/advisories?name=MDKSA-2006:195
RHSA-2006:0726
http://www.redhat.com/support/errata/RHSA-2006-0726.html
SUSE-SA:2006:065
http://www.novell.com/linux/security/advisories/2006_65_ethereal.html
http://support.avaya.com/elmodocs2/security/ASA-2006-255.htm
http://www.wireshark.org/security/wnpa-sec-2006-03.html
https://issues.rpath.com/browse/RPL-746
oval:org.mitre.oval:def:9740
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9740
wireshark-mime-dos(29844)
https://exchange.xforce.ibmcloud.com/vulnerabilities/29844
Common Vulnerability Exposure (CVE) ID: CVE-2006-4805
VU#723736
http://www.kb.cert.org/vuls/id/723736
oval:org.mitre.oval:def:10199
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10199
wireshark-xot-dos(29843)
https://exchange.xforce.ibmcloud.com/vulnerabilities/29843
Common Vulnerability Exposure (CVE) ID: CVE-2006-5468
VU#363992
http://www.kb.cert.org/vuls/id/363992
oval:org.mitre.oval:def:10707
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10707
oval:org.mitre.oval:def:14120
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14120
wireshark-http-dos(29840)
https://exchange.xforce.ibmcloud.com/vulnerabilities/29840
Common Vulnerability Exposure (CVE) ID: CVE-2006-5469
oval:org.mitre.oval:def:9537
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9537
wireshark-wbxml-dos(29842)
https://exchange.xforce.ibmcloud.com/vulnerabilities/29842
Common Vulnerability Exposure (CVE) ID: CVE-2006-5740
BugTraq ID: 20762
Bugtraq: 20061101 rPSA-2006-0202-1 tshark wireshark (Google Search)
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14679
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9482
http://securitytracker.com/alerts/2006/Oct/1017129.html
SGI Security Advisory: 20061101-01-P
SuSE Security Announcement: SUSE-SA:2006:065 (Google Search)
XForce ISS Database: wireshark-ldap-dos(29841)
https://exchange.xforce.ibmcloud.com/vulnerabilities/29841
CopyrightCopyright (c) 2008 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.