Test ID:	1.3.6.1.4.1.25623.1.0.69528
Category:	Fedora Local Security Checks
Title:	Fedora Core 15 FEDORA-2011-5621 (wireshark)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing an update to wireshark announced via advisory FEDORA-2011-5621. Update Information: Upgrade to latest release, fixing few security bugs. See http://www.wireshark.org/docs/relnotes/wireshark-1.4.5.html and http://www.wireshark.org/docs/relnotes/wireshark-1.4.6.html References: [ 1 ] Bug #697741 - CVE-2011-1590 Wireshark: Use-after-free causes heap-based buffer overflow in X.509if dissector https://bugzilla.redhat.com/show_bug.cgi?id=697741 [ 2 ] Bug #697746 - CVE-2011-1591 Wireshark: Heap-based buffer overflow in DECT dissector https://bugzilla.redhat.com/show_bug.cgi?id=697746 Solution: Apply the appropriate updates. This update can be installed with the yum update program. Use su -c 'yum update wireshark' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. http://www.securityspace.com/smysecure/catid.html?in=FEDORA-2011-5621 Risk factor : Critical CVSS Score: 9.3
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2011-1590 1025388 http://securitytracker.com/id?1025388 44172 http://secunia.com/advisories/44172 44374 http://secunia.com/advisories/44374 44822 http://secunia.com/advisories/44822 45149 http://secunia.com/advisories/45149 48947 http://secunia.com/advisories/48947 71846 http://www.osvdb.org/71846 ADV-2011-1022 http://www.vupen.com/english/advisories/2011/1022 ADV-2011-1106 http://www.vupen.com/english/advisories/2011/1106 DSA-2274 http://www.debian.org/security/2011/dsa-2274 FEDORA-2011-5529 http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058993.html FEDORA-2011-5569 http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058983.html FEDORA-2011-5621 http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058900.html MDVSA-2011:083 http://www.mandriva.com/security/advisories?name=MDVSA-2011:083 SUSE-SU-2011:0611 https://hermes.opensuse.org/messages/8701428 [oss-security] 20110418 Re: Wireshark 1.2.16 / 1.4.5 http://openwall.com/lists/oss-security/2011/04/18/8 [oss-security] 20110418 Wireshark 1.2.16 / 1.4.5 http://openwall.com/lists/oss-security/2011/04/18/2 http://anonsvn.wireshark.org/viewvc?revision=36608&view=revision http://www.wireshark.org/security/wnpa-sec-2011-05.html http://www.wireshark.org/security/wnpa-sec-2011-06.html https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5754 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5793 oval:org.mitre.oval:def:15050 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15050 Common Vulnerability Exposure (CVE) ID: CVE-2011-1591 1025389 http://securitytracker.com/id?1025389 17185 http://www.exploit-db.com/exploits/17185 17195 http://www.exploit-db.com/exploits/17195 71848 http://www.osvdb.org/71848 VU#243670 http://www.kb.cert.org/vuls/id/243670 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5836 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5838 oval:org.mitre.oval:def:15000 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15000 wireshark-dect-bo(66834) https://exchange.xforce.ibmcloud.com/vulnerabilities/66834
Copyright	Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.