Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.870641
Category:Red Hat Local Security Checks
Title:RedHat Update for wireshark RHSA-2011:0369-01
Summary:The remote host is missing an update for the 'wireshark'; package(s) announced via the referenced advisory.
Description:Summary:
The remote host is missing an update for the 'wireshark'
package(s) announced via the referenced advisory.

Vulnerability Insight:
Wireshark is a program for monitoring network traffic. Wireshark was
previously known as Ethereal.

A heap-based buffer overflow flaw was found in the Wireshark MAC-LTE
dissector. If Wireshark read a malformed packet off a network or opened a
malicious dump file, it could crash or, possibly, execute arbitrary code as
the user running Wireshark. (CVE-2011-0444)

A heap-based buffer overflow flaw was found in the way Wireshark processed
signaling traces generated by the Gammu utility on Nokia DCT3 phones
running in Netmonitor mode. If Wireshark opened a specially-crafted capture
file, it could crash or, possibly, execute arbitrary code as the user
running Wireshark. (CVE-2011-0713)

Several denial of service flaws were found in Wireshark. Wireshark could
crash or stop responding if it read a malformed packet off a network, or
opened a malicious dump file. (CVE-2011-0538, CVE-2011-1139, CVE-2011-1140,
CVE-2011-1141)

Users of Wireshark should upgrade to these updated packages, which contain
Wireshark version 1.2.15, and resolve these issues. All running instances
of Wireshark must be restarted for the update to take effect.

Affected Software/OS:
wireshark on Red Hat Enterprise Linux Desktop (v. 6),
Red Hat Enterprise Linux Server (v. 6),
Red Hat Enterprise Linux Workstation (v. 6)

Solution:
Please Install the Updated Packages.

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2011-0444
BugTraq ID: 45775
http://www.securityfocus.com/bid/45775
http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053650.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053669.html
http://www.mandriva.com/security/advisories?name=MDVSA-2011:007
https://bugs.wireshark.org/bugzilla/attachment.cgi?id=5676
http://osvdb.org/70403
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14283
http://www.redhat.com/support/errata/RHSA-2011-0369.html
http://secunia.com/advisories/43175
http://www.vupen.com/english/advisories/2011/0079
http://www.vupen.com/english/advisories/2011/0104
http://www.vupen.com/english/advisories/2011/0270
http://www.vupen.com/english/advisories/2011/0719
XForce ISS Database: wireshark-maclte-bo(64624)
https://exchange.xforce.ibmcloud.com/vulnerabilities/64624
Common Vulnerability Exposure (CVE) ID: CVE-2011-0538
BugTraq ID: 46167
http://www.securityfocus.com/bid/46167
CERT/CC vulnerability note: VU#215900
http://www.kb.cert.org/vuls/id/215900
Debian Security Information: DSA-2201 (Google Search)
http://www.debian.org/security/2011/dsa-2201
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055664.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055650.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055364.html
http://www.mandriva.com/security/advisories?name=MDVSA-2011:044
http://openwall.com/lists/oss-security/2011/02/04/1
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14605
http://www.redhat.com/support/errata/RHSA-2011-0370.html
http://www.securitytracker.com/id?1025148
http://secunia.com/advisories/43759
http://secunia.com/advisories/43795
http://secunia.com/advisories/43821
http://www.vupen.com/english/advisories/2011/0622
http://www.vupen.com/english/advisories/2011/0626
http://www.vupen.com/english/advisories/2011/0747
XForce ISS Database: wireshark-pcap-code-execution(65182)
https://exchange.xforce.ibmcloud.com/vulnerabilities/65182
Common Vulnerability Exposure (CVE) ID: CVE-2011-0713
BugTraq ID: 46416
http://www.securityfocus.com/bid/46416
http://openwall.com/lists/oss-security/2011/02/16/13
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14766
XForce ISS Database: wireshark-nokiadct3-bo(65780)
https://exchange.xforce.ibmcloud.com/vulnerabilities/65780
XForce ISS Database: wireshark-visualc-bo(65460)
https://exchange.xforce.ibmcloud.com/vulnerabilities/65460
Common Vulnerability Exposure (CVE) ID: CVE-2011-1139
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14997
http://secunia.com/advisories/44169
SuSE Security Announcement: openSUSE-SU-2011:0347 (Google Search)
https://hermes.opensuse.org/messages/8086844
XForce ISS Database: wireshark-pcapng-dos(65779)
https://exchange.xforce.ibmcloud.com/vulnerabilities/65779
Common Vulnerability Exposure (CVE) ID: CVE-2011-1140
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14715
Common Vulnerability Exposure (CVE) ID: CVE-2011-1141
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14974
CopyrightCopyright (c) 2012 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2021 E-Soft Inc. All rights reserved.