English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.1.4.2012.1168.1
Category:SuSE Local Security Checks
Title:SUSE: Security Advisory (SUSE-SU-2012:1168-1)
Summary:The remote host is missing an update for the 'wireshark' package(s) announced via the SUSE-SU-2012:1168-1 advisory.
Description:Summary:
The remote host is missing an update for the 'wireshark' package(s) announced via the SUSE-SU-2012:1168-1 advisory.

Vulnerability Insight:
wireshark was updated to 1.4.15 to fix multiple security issues.

Issues fixed:

* fix bnc#776038(CVE-2012-4285, CVE-2012-4288,
CVE-2012-4289, CVE-2012-4296, CVE-2012-4291, CVE-2012-4292,
CVE-2012-4293, CVE-2012-4290), bnc#772738 (CVE-2012-4048,
CVE-2012-4049)(fixed upstream)
* Security fixes: o wnpa-sec-2012-13 The DCP ETSI dissector could trigger a zero division. Reported by Laurent Butti. (Bug 7566) o wnpa-sec-2012-15 The XTP dissector could go into an infinite loop. Reported by Ben Schmidt. (Bug 7571) o wnpa-sec-2012-17 The AFP dissector could go into a large loop. Reported by Stefan Cornelius.
(Bug 7603) o wnpa-sec-2012-18 The RTPS2 dissector could overflow a buffer. Reported by Laurent Butti. (Bug 7568) o wnpa-sec-2012-20 The CIP dissector could exhaust system memory. Reported y Ben Schmidt. (Bug 7570) o wnpa-sec-2012-21 The STUN dissector could crash. Reported by Laurent Butti. (Bug 7569) o wnpa-sec-2012-22 The EtherCAT Mailbox dissector could abort. Reported by Laurent Butti. (Bug 7562) o wnpa-sec-2012-23 The CTDB dissector could go into a large loop. Reported by Ben Schmidt. (Bug 7573)
* Bug fixes: o Wireshark crashes on opening very short NFS pcap file. (Bug 7498)
* Updated Protocol Support o AFP, Bluetooth L2CAP, CIP,
CTDB, DCP ETSI, EtherCAT Mailbox, FC Link Control LISP,
NFS, RTPS2, SCTP, STUN, XTP

Security Issue references:

* CVE-2012-4048
>
* CVE-2012-4049
>
* CVE-2012-4285
>
* CVE-2012-4288
>
* CVE-2012-4289
>
* CVE-2012-4296
>
* CVE-2012-4291
>
* CVE-2012-4292
>
* CVE-2012-4293
>
* CVE-2012-4290CVE-2012-4048 CVE-2012-4048>
* CVE-2012-4049
>

Affected Software/OS:
'wireshark' package(s) on SUSE Linux Enterprise Desktop 10-SP4, SUSE Linux Enterprise Desktop 11-SP2, SUSE Linux Enterprise Server 10-SP4, SUSE Linux Enterprise Server 11-SP2, SUSE Linux Enterprise Software Development Kit 11-SP2.

Solution:
Please install the updated package(s).

CVSS Score:
3.3

CVSS Vector:
AV:A/AC:L/Au:N/C:N/I:N/A:P

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2012-4048
Debian Security Information: DSA-2590 (Google Search)
http://www.debian.org/security/2012/dsa-2590
http://www.gentoo.org/security/en/glsa/glsa-201308-05.xml
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15547
http://secunia.com/advisories/49971
http://secunia.com/advisories/54425
SuSE Security Announcement: openSUSE-SU-2012:0930 (Google Search)
http://lists.opensuse.org/opensuse-updates/2012-08/msg00000.html
Common Vulnerability Exposure (CVE) ID: CVE-2012-4049
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15707
Common Vulnerability Exposure (CVE) ID: CVE-2012-4285
BugTraq ID: 55035
http://www.securityfocus.com/bid/55035
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15712
RedHat Security Advisories: RHSA-2013:0125
http://rhn.redhat.com/errata/RHSA-2013-0125.html
http://secunia.com/advisories/50276
http://secunia.com/advisories/51363
SuSE Security Announcement: openSUSE-SU-2012:1035 (Google Search)
http://lists.opensuse.org/opensuse-updates/2012-08/msg00033.html
SuSE Security Announcement: openSUSE-SU-2012:1067 (Google Search)
https://hermes.opensuse.org/messages/15514562
Common Vulnerability Exposure (CVE) ID: CVE-2012-4288
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15789
Common Vulnerability Exposure (CVE) ID: CVE-2012-4289
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14963
Common Vulnerability Exposure (CVE) ID: CVE-2012-4290
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15619
Common Vulnerability Exposure (CVE) ID: CVE-2012-4291
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15813
Common Vulnerability Exposure (CVE) ID: CVE-2012-4292
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15158
Common Vulnerability Exposure (CVE) ID: CVE-2012-4293
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15527
Common Vulnerability Exposure (CVE) ID: CVE-2012-4296
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15583
CopyrightCopyright (C) 2021 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.