English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
Site
Analyzer ▼
Home Advanced Analysis Standard Analysis Basic Analysis Price/Feature Summary Order FAQ
Run Analysis Reports View Queue Reminder
 Login/Register 
 
 Vulnerability   
Search   		     Search 211766 CVE descriptions
and 97459 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.1.4.2013.1265.1
Category:SuSE Local Security Checks
Title:SUSE: Security Advisory (SUSE-SU-2013:1265-1)
Summary:The remote host is missing an update for the 'wireshark' package(s) announced via the SUSE-SU-2013:1265-1 advisory.
Description:Summary:
The remote host is missing an update for the 'wireshark' package(s) announced via the SUSE-SU-2013:1265-1 advisory.

Vulnerability Insight:
This wireshark version update to 1.8.8 includes several security and general bug fixes.

Version update to 1.8.8 [bnc#824900]:

* vulnerabilities fixed: o The CAPWAP dissector could crash. wnpa-sec-2013-32 CVE-2013-4074 o The GMR-1 BCCH dissector could crash. wnpa-sec-2013-33 CVE-2013-4075 o The PPP dissector could crash. wnpa-sec-2013-34 CVE-2013-4076 o The NBAP dissector could crash. wnpa-sec-2013-35 CVE-2013-4077 o The RDP dissector could crash.
wnpa-sec-2013-36 CVE-2013-4078 o The GSM CBCH dissector could crash. wnpa-sec-2013-37 CVE-2013-4079 o The Assa Abloy R3 dissector could consume excessive memory and CPU.
wnpa-sec-2013-38 CVE-2013-4080 o The HTTP dissector could overrun the stack. wnpa-sec-2013-39 CVE-2013-4081 o The Ixia IxVeriWave file parser could overflow the heap.
wnpa-sec-2013-40 CVE-2013-4082 o The DCP ETSI dissector could crash. wnpa-sec-2013-41 CVE-2013-4083
* Further bug fixes and updated protocol support as listed in:
[link moved to references] l>

Version update to 1.8.7 [bnc#813217, bnc#820973]:

* vulnerabilities fixed: o The RELOAD dissector could go into an infinite loop. wnpa-sec-2013-23 CVE-2013-2486 CVE-2013-2487 o The GTPv2 dissector could crash.
wnpa-sec-2013-24 o The ASN.1 BER dissector could crash.
wnpa-sec-2013-25 o The PPP CCP dissector could crash.
wnpa-sec-2013-26 o The DCP ETSI dissector could crash.
wnpa-sec-2013-27 o The MPEG DSM-CC dissector could crash.
wnpa-sec-2013-28 o The Websocket dissector could crash.
wnpa-sec-2013-29 o The MySQL dissector could go into an infinite loop. wnpa-sec-2013-30 o The ETCH dissector could go into a large loop. wnpa-sec-2013-31
* Further bug fixes and updated protocol support as listed in:
[link moved to references] l>

Ohter bug fixes:

* bnc#816517: 'Save As' Nokia libpcap corrupting the file
* bnc#816887: wireshark crashed in 'SCTP' -> 'Prepare Filter for this Association'

Security Issue references:

* CVE-2013-2486
>
* CVE-2013-2487
>
* CVE-2013-3555
>
* CVE-2013-3556
>
* CVE-2013-3557
>
* CVE-2013-3558
>
* CVE-2013-3559
>
* CVE-2013-3560
>
* CVE-2013-3561
>
* CVE-2013-3562
>
* CVE-2013-3561
>
* CVE-2013-3561
>
* CVE-2013-4074
>
* CVE-2013-4075
>
* CVE-2013-4076
>
* CVE-2013-4077
>
* CVE-2013-4078
>
* CVE-2013-4079
>
* CVE-2013-4080
>
* CVE-2013-4081
>
* CVE-2013-4082
>
* CVE-2013-4083
>

Affected Software/OS:
'wireshark' package(s) on SUSE Linux Enterprise Software Development Kit 11 SP3, SUSE Linux Enterprise Software Development Kit 11 SP2, SUSE Linux Enterprise Server 11 SP3, SUSE Linux Enterprise Server 11 SP2, SUSE Linux Enterprise Desktop 11 SP3, SUSE Linux Enterprise Desktop 11 SP2

Solution:
Please install the updated package(s).

CVSS Score:
7.8

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2013-2486
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16109
http://secunia.com/advisories/52471
http://secunia.com/advisories/53425
SuSE Security Announcement: openSUSE-SU-2013:0494 (Google Search)
http://lists.opensuse.org/opensuse-updates/2013-03/msg00065.html
SuSE Security Announcement: openSUSE-SU-2013:0506 (Google Search)
http://lists.opensuse.org/opensuse-updates/2013-03/msg00077.html
SuSE Security Announcement: openSUSE-SU-2013:0911 (Google Search)
http://lists.opensuse.org/opensuse-updates/2013-06/msg00048.html
SuSE Security Announcement: openSUSE-SU-2013:0947 (Google Search)
http://lists.opensuse.org/opensuse-updates/2013-06/msg00083.html
Common Vulnerability Exposure (CVE) ID: CVE-2013-2487
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16593
Common Vulnerability Exposure (CVE) ID: CVE-2013-3555
Debian Security Information: DSA-2700 (Google Search)
http://www.debian.org/security/2013/dsa-2700
http://www.gentoo.org/security/en/glsa/glsa-201308-05.xml
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16779
http://secunia.com/advisories/54425
SuSE Security Announcement: openSUSE-SU-2013:1084 (Google Search)
http://lists.opensuse.org/opensuse-updates/2013-06/msg00194.html
SuSE Security Announcement: openSUSE-SU-2013:1086 (Google Search)
http://lists.opensuse.org/opensuse-updates/2013-06/msg00196.html
Common Vulnerability Exposure (CVE) ID: CVE-2013-3556
Common Vulnerability Exposure (CVE) ID: CVE-2013-3557
http://www.mandriva.com/security/advisories?name=MDVSA-2013:172
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16521
RedHat Security Advisories: RHSA-2014:0341
http://rhn.redhat.com/errata/RHSA-2014-0341.html
Common Vulnerability Exposure (CVE) ID: CVE-2013-3558
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16417
Common Vulnerability Exposure (CVE) ID: CVE-2013-3559
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16228
Common Vulnerability Exposure (CVE) ID: CVE-2013-3560
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16751
Common Vulnerability Exposure (CVE) ID: CVE-2013-3561
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16755
Common Vulnerability Exposure (CVE) ID: CVE-2013-3562
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16696
Common Vulnerability Exposure (CVE) ID: CVE-2013-4074
Debian Security Information: DSA-2709 (Google Search)
http://www.debian.org/security/2013/dsa-2709
http://www.exploit-db.com/exploits/33556
http://packetstormsecurity.com/files/126848/Wireshark-CAPWAP-Dissector-Denial-Of-Service.html
http://osvdb.org/show/osvdb/94091
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16698
http://secunia.com/advisories/53762
Common Vulnerability Exposure (CVE) ID: CVE-2013-4075
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16859
RedHat Security Advisories: RHSA-2017:0631
http://rhn.redhat.com/errata/RHSA-2017-0631.html
Common Vulnerability Exposure (CVE) ID: CVE-2013-4076
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16676
Common Vulnerability Exposure (CVE) ID: CVE-2013-4077
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16829
Common Vulnerability Exposure (CVE) ID: CVE-2013-4078
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16936
Common Vulnerability Exposure (CVE) ID: CVE-2013-4079
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16691
Common Vulnerability Exposure (CVE) ID: CVE-2013-4080
BugTraq ID: 60503
http://www.securityfocus.com/bid/60503
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16873
Common Vulnerability Exposure (CVE) ID: CVE-2013-4081
BugTraq ID: 60505
http://www.securityfocus.com/bid/60505
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16820
Common Vulnerability Exposure (CVE) ID: CVE-2013-4082
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16886
Common Vulnerability Exposure (CVE) ID: CVE-2013-4083
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16375
http://secunia.com/advisories/54296
CopyrightCopyright (C) 2021 Greenbone Networks GmbH

This is only one of 97459 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2021 E-Soft Inc. All rights reserved.