Test ID:	1.3.6.1.4.1.25623.1.1.4.2018.0191.1
Category:	SuSE Local Security Checks
Title:	SUSE: Security Advisory (SUSE-SU-2018:0191-1)
Summary:	The remote host is missing an update for the 'wireshark' package(s) announced via the SUSE-SU-2018:0191-1 advisory.
Description:	Summary: The remote host is missing an update for the 'wireshark' package(s) announced via the SUSE-SU-2018:0191-1 advisory. Vulnerability Insight: This update for wireshark to version 2.2.12 fixes the following issues: - CVE-2018-5334: IxVeriWave file could crash (bsc#1075737) - CVE-2018-5335: WCP dissector could crash (bsc#1075738) - CVE-2018-5336: Multiple dissector crashes (bsc#1075739) - CVE-2017-17935: Incorrect handling of '\n' in file_read_line function could have lead to denial of service (bsc#1074171) This release no longer enables the Linux kernel BPF JIT compiler via the net.core.bpf_jit_enable sysctl, as this would make systems more vulnerable to Spectre variant 1 CVE-2017-5753 - (bsc#1075748) Further bug fixes and updated protocol support as listed in: [link moved to references] Affected Software/OS: 'wireshark' package(s) on SUSE Linux Enterprise Desktop 12-SP2, SUSE Linux Enterprise Desktop 12-SP3, SUSE Linux Enterprise Server 12-SP2, SUSE Linux Enterprise Server 12-SP3, SUSE Linux Enterprise Server for Raspberry Pi 12-SP2, SUSE Linux Enterprise Server for SAP Applications 12-SP2, SUSE Linux Enterprise Server for SAP Applications 12-SP3. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2017-17935 BugTraq ID: 102311 http://www.securityfocus.com/bid/102311 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14295 https://code.wireshark.org/review/#/c/24997/ https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=137ab7d5681486c6d6cc8faac4300b7cd4ec0cf1 https://lists.debian.org/debian-lts-announce/2019/01/msg00010.html Common Vulnerability Exposure (CVE) ID: CVE-2017-5753 BugTraq ID: 102371 http://www.securityfocus.com/bid/102371 Bugtraq: 20190624 [SECURITY] [DSA 4469-1] libvirt security update (Google Search) https://seclists.org/bugtraq/2019/Jun/36 CERT/CC vulnerability note: VU#180049 https://www.kb.cert.org/vuls/id/180049 CERT/CC vulnerability note: VU#584653 http://www.kb.cert.org/vuls/id/584653 Cisco Security Advisory: 20180104 CPU Side-Channel Information Disclosure Vulnerabilities https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180104-cpusidechannel Debian Security Information: DSA-4187 (Google Search) https://www.debian.org/security/2018/dsa-4187 Debian Security Information: DSA-4188 (Google Search) https://www.debian.org/security/2018/dsa-4188 https://www.exploit-db.com/exploits/43427/ https://security.gentoo.org/glsa/201810-06 http://packetstormsecurity.com/files/145645/Spectre-Information-Disclosure-Proof-Of-Concept.html https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html https://spectreattack.com/ https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html https://lists.debian.org/debian-lts-announce/2018/07/msg00015.html https://lists.debian.org/debian-lts-announce/2018/07/msg00016.html https://lists.debian.org/debian-lts-announce/2018/07/msg00020.html https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html RedHat Security Advisories: RHSA-2018:0292 https://access.redhat.com/errata/RHSA-2018:0292 http://www.securitytracker.com/id/1040071 SuSE Security Announcement: SUSE-SU-2018:0010 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00006.html SuSE Security Announcement: SUSE-SU-2018:0011 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html SuSE Security Announcement: SUSE-SU-2018:0012 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00008.html SuSE Security Announcement: openSUSE-SU-2018:0022 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00014.html SuSE Security Announcement: openSUSE-SU-2018:0023 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00016.html https://usn.ubuntu.com/usn/usn-3516-1/ https://usn.ubuntu.com/3540-1/ https://usn.ubuntu.com/3540-2/ https://usn.ubuntu.com/3541-1/ https://usn.ubuntu.com/3541-2/ https://usn.ubuntu.com/3542-1/ https://usn.ubuntu.com/3542-2/ https://usn.ubuntu.com/3549-1/ https://usn.ubuntu.com/3580-1/ https://usn.ubuntu.com/3597-1/ https://usn.ubuntu.com/3597-2/ Common Vulnerability Exposure (CVE) ID: CVE-2018-5334 BugTraq ID: 102499 http://www.securityfocus.com/bid/102499 Debian Security Information: DSA-4101 (Google Search) https://www.debian.org/security/2018/dsa-4101 https://lists.debian.org/debian-lts-announce/2018/01/msg00032.html Common Vulnerability Exposure (CVE) ID: CVE-2018-5335 BugTraq ID: 102500 http://www.securityfocus.com/bid/102500 Common Vulnerability Exposure (CVE) ID: CVE-2018-5336 BugTraq ID: 102504 http://www.securityfocus.com/bid/102504
Copyright	Copyright (C) 2021 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.