Test ID:	1.3.6.1.4.1.25623.1.0.871408
Category:	Red Hat Local Security Checks
Title:	RedHat Update for wireshark RHSA-2015:1460-01
Summary:	The remote host is missing an update for the 'wireshark'; package(s) announced via the referenced advisory.
Description:	Summary: The remote host is missing an update for the 'wireshark' package(s) announced via the referenced advisory. Vulnerability Insight: Wireshark, previously known as Ethereal, is a network protocol analyzer, which is used to capture and browse the traffic running on a computer network. Several denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump file. (CVE-2014-8714, CVE-2014-8712, CVE-2014-8713, CVE-2014-8711, CVE-2014-8710, CVE-2015-0562, CVE-2015-0564, CVE-2015-2189, CVE-2015-2191) This update also fixes the following bugs: * Previously, the Wireshark tool did not support Advanced Encryption Standard Galois/Counter Mode (AES-GCM) cryptographic algorithm. As a consequence, AES-GCM was not decrypted. Support for AES-GCM has been added to Wireshark, and AES-GCM is now correctly decrypted. (BZ#1095065) * Previously, when installing the system using the kickstart method, a dependency on the shadow-utils packages was missing from the wireshark packages, which could cause the installation to fail with a 'bad scriptlet' error message. With this update, shadow-utils are listed as required in the wireshark packages spec file, and kickstart installation no longer fails. (BZ#1121275) * Prior to this update, the Wireshark tool could not decode types of elliptic curves in Datagram Transport Layer Security (DTLS) Client Hello. Consequently, Wireshark incorrectly displayed elliptic curves types as data. A patch has been applied to address this bug, and Wireshark now decodes elliptic curves types properly. (BZ#1131203) * Previously, a dependency on the gtk2 packages was missing from the wireshark packages. As a consequence, the Wireshark tool failed to start under certain circumstances due to an unresolved symbol, 'gtk_combo_box_text_new_with_entry', which was added in gtk version 2.24. With this update, a dependency on gtk2 has been added, and Wireshark now always starts as expected. (BZ#1160388) In addition, this update adds the following enhancements: * With this update, the Wireshark tool supports process substitution, which feeds the output of a process (or processes) into the standard input of another process using the ' (command_list)' syntax. When using process substitution with large files as input, Wireshark failed to decode such input. (BZ#1104210) * Wireshark has been enhanced to enable capturing packets with nanosecond time stamp precision, which allows better analysis of recorded network traffic. (BZ#1146578) All wireshark users are advised to upgrade to these updated packages, which contain backported patches to correct these issues and add these enhancements. All running instances of Wireshark must be restarted for the update to take effect. Affected Software/OS: wireshark on Red Hat Enterprise Linux Desktop (v. 6), Red Hat Enterprise Linux Server (v. 6), Red Hat Enterprise Linux Workstation (v. 6) Solution: Please Install the Updated Packages. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2014-8710 BugTraq ID: 71069 http://www.securityfocus.com/bid/71069 Debian Security Information: DSA-3076 (Google Search) http://www.debian.org/security/2014/dsa-3076 http://lists.fedoraproject.org/pipermail/package-announce/2014-December/145658.html RedHat Security Advisories: RHSA-2015:1460 http://rhn.redhat.com/errata/RHSA-2015-1460.html http://secunia.com/advisories/60231 http://secunia.com/advisories/60290 SuSE Security Announcement: openSUSE-SU-2014:1503 (Google Search) http://lists.opensuse.org/opensuse-updates/2014-11/msg00104.html Common Vulnerability Exposure (CVE) ID: CVE-2014-8711 BugTraq ID: 71070 http://www.securityfocus.com/bid/71070 Common Vulnerability Exposure (CVE) ID: CVE-2014-8712 BugTraq ID: 71071 http://www.securityfocus.com/bid/71071 Common Vulnerability Exposure (CVE) ID: CVE-2014-8713 BugTraq ID: 71073 http://www.securityfocus.com/bid/71073 Common Vulnerability Exposure (CVE) ID: CVE-2014-8714 BugTraq ID: 71072 http://www.securityfocus.com/bid/71072 Common Vulnerability Exposure (CVE) ID: CVE-2015-0562 BugTraq ID: 71921 http://www.securityfocus.com/bid/71921 Debian Security Information: DSA-3141 (Google Search) http://www.debian.org/security/2015/dsa-3141 http://www.mandriva.com/security/advisories?name=MDVSA-2015:022 http://secunia.com/advisories/62612 http://secunia.com/advisories/62673 SuSE Security Announcement: openSUSE-SU-2015:0113 (Google Search) http://lists.opensuse.org/opensuse-updates/2015-01/msg00053.html Common Vulnerability Exposure (CVE) ID: CVE-2015-0564 BugTraq ID: 71922 http://www.securityfocus.com/bid/71922 Common Vulnerability Exposure (CVE) ID: CVE-2015-2189 BugTraq ID: 72944 http://www.securityfocus.com/bid/72944 Debian Security Information: DSA-3210 (Google Search) http://www.debian.org/security/2015/dsa-3210 https://security.gentoo.org/glsa/201510-03 http://www.mandriva.com/security/advisories?name=MDVSA-2015:183 http://www.securitytracker.com/id/1031858 SuSE Security Announcement: openSUSE-SU-2015:0489 (Google Search) http://lists.opensuse.org/opensuse-updates/2015-03/msg00038.html Common Vulnerability Exposure (CVE) ID: CVE-2015-2191 BugTraq ID: 72941 http://www.securityfocus.com/bid/72941
Copyright	Copyright (C) 2015 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.