Vulnerability   
Search   
    Search 211766 CVE descriptions
and 97459 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.1.4.2012.1168.1
Category:SuSE Local Security Checks
Title:SUSE: Security Advisory (SUSE-SU-2012:1168-1)
Summary:The remote host is missing an update for the 'wireshark' package(s) announced via the SUSE-SU-2012:1168-1 advisory.
Description:Summary:
The remote host is missing an update for the 'wireshark' package(s) announced via the SUSE-SU-2012:1168-1 advisory.

Vulnerability Insight:
wireshark was updated to 1.4.15 to fix multiple security issues.

Issues fixed:

* fix bnc#776038(CVE-2012-4285, CVE-2012-4288,
CVE-2012-4289, CVE-2012-4296, CVE-2012-4291, CVE-2012-4292,
CVE-2012-4293, CVE-2012-4290), bnc#772738 (CVE-2012-4048,
CVE-2012-4049)(fixed upstream)
* Security fixes: o wnpa-sec-2012-13 The DCP ETSI dissector could trigger a zero division. Reported by Laurent Butti. (Bug 7566) o wnpa-sec-2012-15 The XTP dissector could go into an infinite loop. Reported by Ben Schmidt. (Bug 7571) o wnpa-sec-2012-17 The AFP dissector could go into a large loop. Reported by Stefan Cornelius.
(Bug 7603) o wnpa-sec-2012-18 The RTPS2 dissector could overflow a buffer. Reported by Laurent Butti. (Bug 7568) o wnpa-sec-2012-20 The CIP dissector could exhaust system memory. Reported y Ben Schmidt. (Bug 7570) o wnpa-sec-2012-21 The STUN dissector could crash. Reported by Laurent Butti. (Bug 7569) o wnpa-sec-2012-22 The EtherCAT Mailbox dissector could abort. Reported by Laurent Butti. (Bug 7562) o wnpa-sec-2012-23 The CTDB dissector could go into a large loop. Reported by Ben Schmidt. (Bug 7573)
* Bug fixes: o Wireshark crashes on opening very short NFS pcap file. (Bug 7498)
* Updated Protocol Support o AFP, Bluetooth L2CAP, CIP,
CTDB, DCP ETSI, EtherCAT Mailbox, FC Link Control LISP,
NFS, RTPS2, SCTP, STUN, XTP

Security Issue references:

* CVE-2012-4048
>
* CVE-2012-4049
>
* CVE-2012-4285
>
* CVE-2012-4288
>
* CVE-2012-4289
>
* CVE-2012-4296
>
* CVE-2012-4291
>
* CVE-2012-4292
>
* CVE-2012-4293
>
* CVE-2012-4290CVE-2012-4048 CVE-2012-4048>
* CVE-2012-4049
>

Affected Software/OS:
'wireshark' package(s) on SUSE Linux Enterprise Software Development Kit 11 SP2, SUSE Linux Enterprise Server 11 SP2, SUSE Linux Enterprise Server 10 SP4, SUSE Linux Enterprise Desktop 11 SP2, SUSE Linux Enterprise Desktop 10 SP4, SLE SDK 10 SP4

Solution:
Please install the updated package(s).

CVSS Score:
3.3

CVSS Vector:
AV:A/AC:L/Au:N/C:N/I:N/A:P

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2012-4048
Debian Security Information: DSA-2590 (Google Search)
http://www.debian.org/security/2012/dsa-2590
http://www.gentoo.org/security/en/glsa/glsa-201308-05.xml
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15547
http://secunia.com/advisories/49971
http://secunia.com/advisories/54425
SuSE Security Announcement: openSUSE-SU-2012:0930 (Google Search)
http://lists.opensuse.org/opensuse-updates/2012-08/msg00000.html
Common Vulnerability Exposure (CVE) ID: CVE-2012-4049
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15707
Common Vulnerability Exposure (CVE) ID: CVE-2012-4285
BugTraq ID: 55035
http://www.securityfocus.com/bid/55035
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15712
RedHat Security Advisories: RHSA-2013:0125
http://rhn.redhat.com/errata/RHSA-2013-0125.html
http://secunia.com/advisories/50276
http://secunia.com/advisories/51363
SuSE Security Announcement: openSUSE-SU-2012:1035 (Google Search)
http://lists.opensuse.org/opensuse-updates/2012-08/msg00033.html
SuSE Security Announcement: openSUSE-SU-2012:1067 (Google Search)
https://hermes.opensuse.org/messages/15514562
Common Vulnerability Exposure (CVE) ID: CVE-2012-4288
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15789
Common Vulnerability Exposure (CVE) ID: CVE-2012-4289
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14963
Common Vulnerability Exposure (CVE) ID: CVE-2012-4290
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15619
Common Vulnerability Exposure (CVE) ID: CVE-2012-4291
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15813
Common Vulnerability Exposure (CVE) ID: CVE-2012-4292
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15158
Common Vulnerability Exposure (CVE) ID: CVE-2012-4293
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15527
Common Vulnerability Exposure (CVE) ID: CVE-2012-4296
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15583
CopyrightCopyright (C) 2021 Greenbone Networks GmbH

This is only one of 97459 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2021 E-Soft Inc. All rights reserved.