English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.1.4.2013.1265.1
Category:SuSE Local Security Checks
Title:SUSE: Security Advisory (SUSE-SU-2013:1265-1)
Summary:The remote host is missing an update for the 'wireshark' package(s) announced via the SUSE-SU-2013:1265-1 advisory.
Description:Summary:
The remote host is missing an update for the 'wireshark' package(s) announced via the SUSE-SU-2013:1265-1 advisory.

Vulnerability Insight:
This wireshark version update to 1.8.8 includes several security and general bug fixes.

Version update to 1.8.8 [bnc#824900]:

* vulnerabilities fixed: o The CAPWAP dissector could crash. wnpa-sec-2013-32 CVE-2013-4074 o The GMR-1 BCCH dissector could crash. wnpa-sec-2013-33 CVE-2013-4075 o The PPP dissector could crash. wnpa-sec-2013-34 CVE-2013-4076 o The NBAP dissector could crash. wnpa-sec-2013-35 CVE-2013-4077 o The RDP dissector could crash.
wnpa-sec-2013-36 CVE-2013-4078 o The GSM CBCH dissector could crash. wnpa-sec-2013-37 CVE-2013-4079 o The Assa Abloy R3 dissector could consume excessive memory and CPU.
wnpa-sec-2013-38 CVE-2013-4080 o The HTTP dissector could overrun the stack. wnpa-sec-2013-39 CVE-2013-4081 o The Ixia IxVeriWave file parser could overflow the heap.
wnpa-sec-2013-40 CVE-2013-4082 o The DCP ETSI dissector could crash. wnpa-sec-2013-41 CVE-2013-4083
* Further bug fixes and updated protocol support as listed in:
[link moved to references] l>

Version update to 1.8.7 [bnc#813217, bnc#820973]:

* vulnerabilities fixed: o The RELOAD dissector could go into an infinite loop. wnpa-sec-2013-23 CVE-2013-2486 CVE-2013-2487 o The GTPv2 dissector could crash.
wnpa-sec-2013-24 o The ASN.1 BER dissector could crash.
wnpa-sec-2013-25 o The PPP CCP dissector could crash.
wnpa-sec-2013-26 o The DCP ETSI dissector could crash.
wnpa-sec-2013-27 o The MPEG DSM-CC dissector could crash.
wnpa-sec-2013-28 o The Websocket dissector could crash.
wnpa-sec-2013-29 o The MySQL dissector could go into an infinite loop. wnpa-sec-2013-30 o The ETCH dissector could go into a large loop. wnpa-sec-2013-31
* Further bug fixes and updated protocol support as listed in:
[link moved to references] l>

Ohter bug fixes:

* bnc#816517: 'Save As' Nokia libpcap corrupting the file
* bnc#816887: wireshark crashed in 'SCTP' -> 'Prepare Filter for this Association'

Security Issue references:

* CVE-2013-2486
>
* CVE-2013-2487
>
* CVE-2013-3555
>
* CVE-2013-3556
>
* CVE-2013-3557
>
* CVE-2013-3558
>
* CVE-2013-3559
>
* CVE-2013-3560
>
* CVE-2013-3561
>
* CVE-2013-3562
>
* CVE-2013-3561
>
* CVE-2013-3561
>
* CVE-2013-4074
>
* CVE-2013-4075
>
* CVE-2013-4076
>
* CVE-2013-4077
>
* CVE-2013-4078
>
* CVE-2013-4079
>
* CVE-2013-4080
>
* CVE-2013-4081
>
* CVE-2013-4082
>
* CVE-2013-4083
>

Affected Software/OS:
'wireshark' package(s) on SUSE Linux Enterprise Desktop 11-SP2, SUSE Linux Enterprise Desktop 11-SP3, SUSE Linux Enterprise Server 11-SP2, SUSE Linux Enterprise Server 11-SP3, SUSE Linux Enterprise Software Development Kit 11-SP2, SUSE Linux Enterprise Software Development Kit 11-SP3.

Solution:
Please install the updated package(s).

CVSS Score:
7.8

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2013-2486
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16109
http://secunia.com/advisories/52471
http://secunia.com/advisories/53425
SuSE Security Announcement: openSUSE-SU-2013:0494 (Google Search)
http://lists.opensuse.org/opensuse-updates/2013-03/msg00065.html
SuSE Security Announcement: openSUSE-SU-2013:0506 (Google Search)
http://lists.opensuse.org/opensuse-updates/2013-03/msg00077.html
SuSE Security Announcement: openSUSE-SU-2013:0911 (Google Search)
http://lists.opensuse.org/opensuse-updates/2013-06/msg00048.html
SuSE Security Announcement: openSUSE-SU-2013:0947 (Google Search)
http://lists.opensuse.org/opensuse-updates/2013-06/msg00083.html
Common Vulnerability Exposure (CVE) ID: CVE-2013-2487
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16593
Common Vulnerability Exposure (CVE) ID: CVE-2013-3555
Debian Security Information: DSA-2700 (Google Search)
http://www.debian.org/security/2013/dsa-2700
http://www.gentoo.org/security/en/glsa/glsa-201308-05.xml
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16779
http://secunia.com/advisories/54425
SuSE Security Announcement: openSUSE-SU-2013:1084 (Google Search)
http://lists.opensuse.org/opensuse-updates/2013-06/msg00194.html
SuSE Security Announcement: openSUSE-SU-2013:1086 (Google Search)
http://lists.opensuse.org/opensuse-updates/2013-06/msg00196.html
Common Vulnerability Exposure (CVE) ID: CVE-2013-3556
Common Vulnerability Exposure (CVE) ID: CVE-2013-3557
http://www.mandriva.com/security/advisories?name=MDVSA-2013:172
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16521
RedHat Security Advisories: RHSA-2014:0341
http://rhn.redhat.com/errata/RHSA-2014-0341.html
Common Vulnerability Exposure (CVE) ID: CVE-2013-3558
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16417
Common Vulnerability Exposure (CVE) ID: CVE-2013-3559
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16228
Common Vulnerability Exposure (CVE) ID: CVE-2013-3560
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16751
Common Vulnerability Exposure (CVE) ID: CVE-2013-3561
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16755
Common Vulnerability Exposure (CVE) ID: CVE-2013-3562
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16696
Common Vulnerability Exposure (CVE) ID: CVE-2013-4074
Debian Security Information: DSA-2709 (Google Search)
http://www.debian.org/security/2013/dsa-2709
http://www.exploit-db.com/exploits/33556
http://packetstormsecurity.com/files/126848/Wireshark-CAPWAP-Dissector-Denial-Of-Service.html
http://osvdb.org/show/osvdb/94091
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16698
http://secunia.com/advisories/53762
Common Vulnerability Exposure (CVE) ID: CVE-2013-4075
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16859
RedHat Security Advisories: RHSA-2017:0631
http://rhn.redhat.com/errata/RHSA-2017-0631.html
Common Vulnerability Exposure (CVE) ID: CVE-2013-4076
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16676
Common Vulnerability Exposure (CVE) ID: CVE-2013-4077
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16829
Common Vulnerability Exposure (CVE) ID: CVE-2013-4078
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16936
Common Vulnerability Exposure (CVE) ID: CVE-2013-4079
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16691
Common Vulnerability Exposure (CVE) ID: CVE-2013-4080
BugTraq ID: 60503
http://www.securityfocus.com/bid/60503
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16873
Common Vulnerability Exposure (CVE) ID: CVE-2013-4081
BugTraq ID: 60505
http://www.securityfocus.com/bid/60505
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16820
Common Vulnerability Exposure (CVE) ID: CVE-2013-4082
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16886
Common Vulnerability Exposure (CVE) ID: CVE-2013-4083
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16375
http://secunia.com/advisories/54296
CopyrightCopyright (C) 2021 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.