| Description: | Summary:
The remote host is missing an update for the 'wireshark' package(s) announced via the USN-6262-1 advisory.
Vulnerability Insight:
It was discovered that Wireshark did not properly handle certain
NFS packages when certain configuration options were enabled.
An attacker could possibly use this issue to cause
Wireshark to crash, resulting in a denial of service. (CVE-2020-13164)
It was discovered that Wireshark did not properly handle certain GVCP
packages. An attacker could possibly use this issue to cause
Wireshark to crash, resulting in a denial of service. This issue only
affected Ubuntu 20.04 LTS. (CVE-2020-15466)
It was discovered that Wireshark did not properly handle certain
Kafka packages. An attacker could possibly use this issue to cause
Wireshark to crash, resulting in a denial of service. This issue only
affected Ubuntu 20.04 LTS. (CVE-2020-17498)
It was discovered that Wireshark did not properly handle certain TCP
packages containing an invalid 0xFFFF checksum. An attacker could
possibly use this issue to cause Wireshark to crash, resulting in
a denial of service. (CVE-2020-25862)
It was discovered that Wireshark did not properly handle certain
MIME packages containing invalid parts. An attacker could
possibly use this issue to cause Wireshark to crash, resulting in
a denial of service. (CVE-2020-25863)
Affected Software/OS:
'wireshark' package(s) on Ubuntu 14.04, Ubuntu 16.04, Ubuntu 18.04, Ubuntu 20.04.
Solution:
Please install the updated package(s).
CVSS Score:
5.0
CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P
|
