 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| Test ID: | 1.3.6.1.4.1.25623.1.0.850802 |
| Category: | SuSE Local Security Checks |
| Title: | SUSE: Security Advisory for wireshark (SUSE-SU-2014:1221-1) |
| Summary: | The remote host is missing an update for the 'wireshark'; package(s) announced via the referenced advisory. |
| Description: | Summary: The remote host is missing an update for the 'wireshark' package(s) announced via the referenced advisory. Vulnerability Insight: The wireshark package was upgraded to 1.10.10 from 1.8.x as 1.8 was discontinued. This update fixes vulnerabilities that could allow an attacker to crash Wireshark or make it become unresponsive by sending specific packets onto the network or have them loaded via a capture file while the dissectors are running. It also contains a number of other bug fixes. * RTP dissector crash. (wnpa-sec-2014-12 CVE-2014-6421 CVE-2014-6422) * MEGACO dissector infinite loop. (wnpa-sec-2014-13 CVE-2014-6423) * Netflow dissector crash. (wnpa-sec-2014-14 CVE-2014-6424) * RTSP dissector crash. (wnpa-sec-2014-17 CVE-2014-6427) * SES dissector crash. (wnpa-sec-2014-18 CVE-2014-6428) * Sniffer file parser crash. (wnpa-sec-2014-19 CVE-2014-6429 CVE-2014-6430 CVE-2014-6431 CVE-2014-6432) * The Catapult DCT2000 and IrDA dissectors could underrun a buffer. (wnpa-sec-2014-08 CVE-2014-5161 CVE-2014-5162, bnc#889901) * The GSM Management dissector could crash. (wnpa-sec-2014-09 CVE-2014-5163, bnc#889906) * The RLC dissector could crash. (wnpa-sec-2014-10 CVE-2014-5164, bnc#889900) * The ASN.1 BER dissector could crash. (wnpa-sec-2014-11 CVE-2014-5165, bnc#889899) Affected Software/OS: wireshark on SUSE Linux Enterprise Server 11 SP3 Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P |
| Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2014-6421 RedHat Security Advisories: RHSA-2014:1676 http://rhn.redhat.com/errata/RHSA-2014-1676.html RedHat Security Advisories: RHSA-2014:1677 http://rhn.redhat.com/errata/RHSA-2014-1677.html http://secunia.com/advisories/60280 http://secunia.com/advisories/61929 http://secunia.com/advisories/61933 SuSE Security Announcement: SUSE-SU-2014:1221 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00033.html SuSE Security Announcement: openSUSE-SU-2014:1249 (Google Search) http://lists.opensuse.org/opensuse-updates/2014-09/msg00058.html Common Vulnerability Exposure (CVE) ID: CVE-2014-6422 Debian Security Information: DSA-3049 (Google Search) http://www.debian.org/security/2014/dsa-3049 http://secunia.com/advisories/60578 Common Vulnerability Exposure (CVE) ID: CVE-2014-6423 Common Vulnerability Exposure (CVE) ID: CVE-2014-6424 Common Vulnerability Exposure (CVE) ID: CVE-2014-6427 Common Vulnerability Exposure (CVE) ID: CVE-2014-6428 Common Vulnerability Exposure (CVE) ID: CVE-2014-6429 Common Vulnerability Exposure (CVE) ID: CVE-2014-6430 Common Vulnerability Exposure (CVE) ID: CVE-2014-6431 Common Vulnerability Exposure (CVE) ID: CVE-2014-6432 Common Vulnerability Exposure (CVE) ID: CVE-2014-5161 Debian Security Information: DSA-3002 (Google Search) http://www.debian.org/security/2014/dsa-3002 http://secunia.com/advisories/57593 SuSE Security Announcement: openSUSE-SU-2014:1038 (Google Search) http://lists.opensuse.org/opensuse-updates/2014-08/msg00025.html Common Vulnerability Exposure (CVE) ID: CVE-2014-5162 Common Vulnerability Exposure (CVE) ID: CVE-2014-5163 Common Vulnerability Exposure (CVE) ID: CVE-2014-5164 Common Vulnerability Exposure (CVE) ID: CVE-2014-5165 |
| Copyright | Copyright (C) 2015 Greenbone Networks GmbH |
| This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |