Test ID:	1.3.6.1.4.1.25623.1.0.66805
Category:	Debian Local Security Checks
Title:	Debian: Security Advisory (DSA-1983-1)
Summary:	The remote host is missing an update for the Debian 'wireshark' package(s) announced via the DSA-1983-1 advisory.
Description:	Summary: The remote host is missing an update for the Debian 'wireshark' package(s) announced via the DSA-1983-1 advisory. Vulnerability Insight: Several remote vulnerabilities have been discovered in the Wireshark network traffic analyzer, which may lead to the execution of arbitrary code or denial of service. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-4377 A NULL pointer dereference was found in the SMB/SMB2 dissectors. CVE-2010-0304 Several buffer overflows were found in the LWRES dissector. For the stable distribution (lenny), these problems have been fixed in version 1.0.2-3+lenny8. For the unstable distribution (sid) these problems have been fixed in version 1.2.6-1. We recommend that you upgrade your Wireshark packages. Affected Software/OS: 'wireshark' package(s) on Debian 5. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2009-4377 BugTraq ID: 37407 http://www.securityfocus.com/bid/37407 Debian Security Information: DSA-1983 (Google Search) http://www.debian.org/security/2009/dsa-1983 https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01248.html http://www.mandriva.com/security/advisories?name=MDVSA-2010:031 http://osvdb.org/61178 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9564 http://www.securitytracker.com/id?1023374 http://secunia.com/advisories/37842 http://secunia.com/advisories/37916 http://www.vupen.com/english/advisories/2009/3596 Common Vulnerability Exposure (CVE) ID: CVE-2010-0304 1023516 http://www.securitytracker.com/id?1023516 37985 http://www.securityfocus.com/bid/37985 38257 http://secunia.com/advisories/38257 38348 http://secunia.com/advisories/38348 38829 http://secunia.com/advisories/38829 61987 http://osvdb.org/61987 ADV-2010-0239 http://www.vupen.com/english/advisories/2010/0239 DSA-1983 http://www.debian.org/security/2010/dsa-1983 FEDORA-2010-3556 http://lists.fedoraproject.org/pipermail/package-announce/2010-March/036415.html MDVSA-2010:031 [oss-security] 20100129 Re: CVE id request: Wireshark http://www.openwall.com/lists/oss-security/2010/01/29/4 http://anonsvn.wireshark.org/viewvc/trunk-1.2/epan/dissectors/packet-lwres.c?view=diff&r1=31596&r2=28492&diff_format=h http://www.metasploit.com/modules/exploit/multi/misc/wireshark_lwres_getaddrbyname http://www.wireshark.org/security/wnpa-sec-2010-01.html http://www.wireshark.org/security/wnpa-sec-2010-02.html oval:org.mitre.oval:def:8490 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8490 oval:org.mitre.oval:def:9933 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9933 wireshark-lwres-bo(55951) https://exchange.xforce.ibmcloud.com/vulnerabilities/55951
Copyright	Copyright (C) 2010 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.