Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.871070
Category:Red Hat Local Security Checks
Title:RedHat Update for wireshark RHSA-2013:1569-02
Summary:The remote host is missing an update for the 'wireshark'; package(s) announced via the referenced advisory.
Description:Summary:
The remote host is missing an update for the 'wireshark'
package(s) announced via the referenced advisory.

Vulnerability Insight:
Wireshark, previously known as Ethereal, is a network protocol analyzer.
It is used to capture and browse the traffic running on a computer network.

Two flaws were found in Wireshark. If Wireshark read a malformed packet off
a network or opened a malicious dump file, it could crash or, possibly,
execute arbitrary code as the user running Wireshark. (CVE-2013-3559,
CVE-2013-4083)

Several denial of service flaws were found in Wireshark. Wireshark could
crash or stop responding if it read a malformed packet off a network, or
opened a malicious dump file. (CVE-2012-2392, CVE-2012-3825, CVE-2012-4285,
CVE-2012-4288, CVE-2012-4289, CVE-2012-4290, CVE-2012-4291, CVE-2012-4292,
CVE-2012-5595, CVE-2012-5597, CVE-2012-5598, CVE-2012-5599, CVE-2012-5600,
CVE-2012-6056, CVE-2012-6059, CVE-2012-6060, CVE-2012-6061, CVE-2012-6062,
CVE-2013-3557, CVE-2013-3561, CVE-2013-4081, CVE-2013-4927, CVE-2013-4931,
CVE-2013-4932, CVE-2013-4933, CVE-2013-4934, CVE-2013-4935, CVE-2013-4936,
CVE-2013-5721)

The wireshark packages have been upgraded to upstream version 1.8.10, which
provides a number of bug fixes and enhancements over the previous versions.
For more information on the bugs fixed, enhancements included, and
supported protocols introduced, refer to the Wireshark Release Notes,
linked to in the References. (BZ#711024)

This update also fixes the following bugs:

* Previously, Wireshark did not parse the RECLAIM-COMPLETE opcode when
inspecting traffic generated by NFSv4.1. A patch has been provided to
enable the parsing of the RECLAIM_COMPLETE opcode, and Wireshark is now
able to properly dissect and handle NFSv4.1 traffic. (BZ#750712)

* Prior to this update, frame arrival times in a text file were reported
one hour ahead from the timestamps in the packet capture file.
This resulted in various failures being reported by the dfilter-test.py
test suite. To fix this bug, frame arrival timestamps have been shifted by
one hour, thus fixing this bug. (BZ#832021)

* The 'tshark -D' command returned output to STDERR instead of STDOUT,
which could break scripts that are parsing the 'tshark -D' output. This bug
has been fixed, and the 'tshark -D' command now writes output data to a
correct standard stream. (BZ#1004636)

* Due to an array overrun, Wireshark could experience undefined program
behavior or could unexpectedly terminate. With this update, proper array
handling ensures Wireshark no longer crashes in the described scenario.
(BZ#715560)

* Previously, the dftest and randpkt command line util ...

Description truncated, please see the referenced URL(s) for more information.

Affected Software/OS:
wireshark on Red Hat Enterprise Linux Desktop (v. 6),
Red Hat Enterprise Linux Server (v. 6),
Red Hat Enterprise Linux Workstation (v. 6)

Solution:
Please Install the Updated Packages.

CVSS Score:
7.8

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2012-2392
http://www.mandriva.com/security/advisories?name=MDVSA-2012:015
http://www.mandriva.com/security/advisories?name=MDVSA-2012:042
http://www.mandriva.com/security/advisories?name=MDVSA-2012:080
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15604
http://www.securitytracker.com/id?1027094
http://secunia.com/advisories/49226
Common Vulnerability Exposure (CVE) ID: CVE-2012-3825
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15478
Common Vulnerability Exposure (CVE) ID: CVE-2012-4285
BugTraq ID: 55035
http://www.securityfocus.com/bid/55035
http://www.gentoo.org/security/en/glsa/glsa-201308-05.xml
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15712
RedHat Security Advisories: RHSA-2013:0125
http://rhn.redhat.com/errata/RHSA-2013-0125.html
http://secunia.com/advisories/50276
http://secunia.com/advisories/51363
http://secunia.com/advisories/54425
SuSE Security Announcement: openSUSE-SU-2012:1035 (Google Search)
http://lists.opensuse.org/opensuse-updates/2012-08/msg00033.html
SuSE Security Announcement: openSUSE-SU-2012:1067 (Google Search)
https://hermes.opensuse.org/messages/15514562
Common Vulnerability Exposure (CVE) ID: CVE-2012-4288
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15789
Common Vulnerability Exposure (CVE) ID: CVE-2012-4289
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14963
Common Vulnerability Exposure (CVE) ID: CVE-2012-4290
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15619
Common Vulnerability Exposure (CVE) ID: CVE-2012-4291
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15813
Common Vulnerability Exposure (CVE) ID: CVE-2012-4292
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15158
Common Vulnerability Exposure (CVE) ID: CVE-2012-5595
Common Vulnerability Exposure (CVE) ID: CVE-2012-5597
Common Vulnerability Exposure (CVE) ID: CVE-2012-5598
Common Vulnerability Exposure (CVE) ID: CVE-2012-5599
Common Vulnerability Exposure (CVE) ID: CVE-2012-5600
Common Vulnerability Exposure (CVE) ID: CVE-2012-6056
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16139
RedHat Security Advisories: RHSA-2014:0341
http://rhn.redhat.com/errata/RHSA-2014-0341.html
SuSE Security Announcement: openSUSE-SU-2012:1633 (Google Search)
http://lists.opensuse.org/opensuse-updates/2012-12/msg00022.html
SuSE Security Announcement: openSUSE-SU-2013:0151 (Google Search)
http://lists.opensuse.org/opensuse-updates/2013-01/msg00042.html
Common Vulnerability Exposure (CVE) ID: CVE-2012-6059
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15239
Common Vulnerability Exposure (CVE) ID: CVE-2012-6060
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16038
Common Vulnerability Exposure (CVE) ID: CVE-2012-6061
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15253
Common Vulnerability Exposure (CVE) ID: CVE-2012-6062
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15894
Common Vulnerability Exposure (CVE) ID: CVE-2013-3557
Debian Security Information: DSA-2700 (Google Search)
http://www.debian.org/security/2013/dsa-2700
http://www.mandriva.com/security/advisories?name=MDVSA-2013:172
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16521
http://secunia.com/advisories/53425
SuSE Security Announcement: openSUSE-SU-2013:0911 (Google Search)
http://lists.opensuse.org/opensuse-updates/2013-06/msg00048.html
SuSE Security Announcement: openSUSE-SU-2013:0947 (Google Search)
http://lists.opensuse.org/opensuse-updates/2013-06/msg00083.html
SuSE Security Announcement: openSUSE-SU-2013:1084 (Google Search)
http://lists.opensuse.org/opensuse-updates/2013-06/msg00194.html
SuSE Security Announcement: openSUSE-SU-2013:1086 (Google Search)
http://lists.opensuse.org/opensuse-updates/2013-06/msg00196.html
Common Vulnerability Exposure (CVE) ID: CVE-2013-3559
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16228
Common Vulnerability Exposure (CVE) ID: CVE-2013-3561
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16755
Common Vulnerability Exposure (CVE) ID: CVE-2013-4081
BugTraq ID: 60505
http://www.securityfocus.com/bid/60505
Debian Security Information: DSA-2709 (Google Search)
http://www.debian.org/security/2013/dsa-2709
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16820
http://secunia.com/advisories/53762
Common Vulnerability Exposure (CVE) ID: CVE-2013-4083
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16375
http://secunia.com/advisories/54296
Common Vulnerability Exposure (CVE) ID: CVE-2013-4927
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17636
http://secunia.com/advisories/54371
SuSE Security Announcement: openSUSE-SU-2013:1295 (Google Search)
http://lists.opensuse.org/opensuse-updates/2013-08/msg00004.html
SuSE Security Announcement: openSUSE-SU-2013:1300 (Google Search)
http://lists.opensuse.org/opensuse-updates/2013-08/msg00009.html
Common Vulnerability Exposure (CVE) ID: CVE-2013-4931
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17325
Common Vulnerability Exposure (CVE) ID: CVE-2013-4932
Debian Security Information: DSA-2734 (Google Search)
http://www.debian.org/security/2013/dsa-2734
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17260
http://secunia.com/advisories/54178
Common Vulnerability Exposure (CVE) ID: CVE-2013-4933
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17412
Common Vulnerability Exposure (CVE) ID: CVE-2013-4934
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17584
Common Vulnerability Exposure (CVE) ID: CVE-2013-4935
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17417
Common Vulnerability Exposure (CVE) ID: CVE-2013-4936
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16971
Common Vulnerability Exposure (CVE) ID: CVE-2013-5721
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18518
http://secunia.com/advisories/55022
SuSE Security Announcement: openSUSE-SU-2013:1481 (Google Search)
http://lists.opensuse.org/opensuse-updates/2013-09/msg00050.html
SuSE Security Announcement: openSUSE-SU-2013:1483 (Google Search)
http://lists.opensuse.org/opensuse-updates/2013-09/msg00052.html
CopyrightCopyright (C) 2013 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2021 E-Soft Inc. All rights reserved.