Vulnerabilities > CVE-2006-4332 - Multiple vulnerabilities in Wireshark

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
PARTIAL
network
low complexity
wireshark
nessus

Summary

Unspecified vulnerability in the DHCP dissector in Wireshark (formerly Ethereal) 0.10.13 through 0.99.2, when run on Windows, allows remote attackers to cause a denial of service (crash) via unspecified vectors that trigger a bug in Glib.

Nessus

  • NASL family: SuSE Local Security Checks
    NASL id: SUSE_ETHEREAL-2028.NASL
    description: A security problem was fixed in ethereal, which could be used by remote attackers to hang the ethereal process. - If the SSCOP dissector has a port range configured AND the SSCOP payload protocol is Q.2931, a malformed packet could make the Q.2931 dissector use up available memory. No port range is configured by default. (CVE-2006-4333) The vulnerabilities tracked by the Mitre CVE IDs CVE-2006-4330 (SCSI dissector), CVE-2006-4331 (ESP decryption), CVE-2006-4332 (DHCP dissector) do not affect our shipped ethereal releases.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 29419
    published: 2007-12-13
    reporter: This script is Copyright (C) 2007-2019 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/29419
    title: SuSE 10 Security Update : ethereal (ZYPP Patch Number 2028)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The text description of this plugin is (C) Novell, Inc.
    #
    
    include("compat.inc");
    
    # Metadata-only pass: when `description` is set the plugin registers the
    # attributes below and then exits (exit(0) at the end of this block), so the
    # host checks further down are not reached in this mode.
    if (description)
    {
      script_id(29419);
      script_version ("1.16");
      script_cvs_date("Date: 2019/10/25 13:36:28");
    
      # Only CVE-2006-4333 is registered. The description text below states that
      # CVE-2006-4330, CVE-2006-4331 and CVE-2006-4332 do not affect the shipped
      # ethereal packages, so a CVE-keyed search for those three will not match
      # this plugin.
      script_cve_id("CVE-2006-4333");
    
      script_name(english:"SuSE 10 Security Update : ethereal (ZYPP Patch Number 2028)");
      script_summary(english:"Checks rpm output for the updated package");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote SuSE 10 host is missing a security-related patch."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "A security problem was fixed in ethereal, which could be used by
    remote attackers to hang the ethereal process.
    
      - If the SSCOP dissector has a port range configured AND
        the SSCOP payload protocol is Q.2931, a malformed packet
        could make the Q.2931 dissector use up available memory.
        No port range is configured by default. (CVE-2006-4333)
    
    The vulnerabilities tracked by the Mitre CVE IDs CVE-2006-4330 (SCSI
    dissector), CVE-2006-4331 (ESP decryption), CVE-2006-4332 (DHCP
    dissector) do not affect our shipped ethereal releases."
      );
      # Vendor advisory pages for all four CVEs are referenced, including the
      # three that are not registered via script_cve_id above.
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2006-4330.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2006-4331.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2006-4332.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2006-4333.html"
      );
      script_set_attribute(attribute:"solution", value:"Apply ZYPP patch number 2028.");
      # CVSS v2 vector: network access, high complexity, no authentication,
      # availability impact only (complete). This is the plugin's own score for
      # the registered CVE, not necessarily the score of every CVE named above.
      script_set_cvss_base_vector("CVSS2#AV:N/AC:H/Au:N/C:N/I:N/A:C");
      # CWE-399: resource management errors.
      script_cwe_id(399);
    
      # "local" plugin type: the check works from host data gathered over a login,
      # not from network probing (see the required KB keys below).
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:suse:suse_linux");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2006/08/30");
      script_set_attribute(attribute:"plugin_publication_date", value:"2007/12/13");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2007-2019 Tenable Network Security, Inc.");
      script_family(english:"SuSE Local Security Checks");
    
      # The plugin depends on ssh_get_info.nasl and requires these KB entries;
      # presumably that dependency is what populates them - confirm.
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
    
      exit(0);
    }
    
    
    include("global_settings.inc");
    include("rpm.inc");
    
    
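    # Preconditions: stop early unless local checks are enabled, the host
    # identified as SuSE and an installed-package list was collected.
    if (!get_kb_item("Host/local_checks_enabled")) exit(0, "Local checks are not enabled.");
    if (!get_kb_item("Host/SuSE/release")) exit(0, "The host is not running SuSE.");
    if (!get_kb_item("Host/SuSE/rpm-list")) exit(1, "Could not obtain the list of installed packages.");
    
    # Only x86_64 and i386..i686 hosts are supported by this check.
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) exit(1, "Failed to determine the architecture type.");
    # The needle goes on the left of >!< ("x86_64" not found in cpu). The previous
    # operand order tested whether cpu was a substring of "x86_64", which let
    # fragments such as "x86" through and disagreed with the sibling plugins.
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") exit(1, "Local checks for SuSE 10 on the '"+cpu+"' architecture have not been implemented.");
    
    
    # Count the releases for which rpm_check() flags the installed ethereal
    # package against the fixed build (presumably "older than reference";
    # confirm against rpm.inc).
    flag = 0;
    if (rpm_check(release:"SLED10", sp:0, reference:"ethereal-0.10.14-16.8")) flag++;
    if (rpm_check(release:"SLES10", sp:0, reference:"ethereal-0.10.14-16.8")) flag++;
    
    
    if (flag)
    {
      # Attach the package comparison report only when the scan asks for verbose output.
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else exit(0, "The host is not affected.");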
    
  • NASL family: Fedora Local Security Checks
    NASL id: FEDORA_2006-936.NASL
    description: CVE-2006-4330 Wireshark security issues (CVE-2006-4333 CVE-2006-4332 CVE-2006-4331) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 24173
    published: 2007-01-17
    reporter: This script is Copyright (C) 2007-2019 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/24173
    title: Fedora Core 5 : wireshark-0.99.3-fc5.1 (2006-936)
    code
    #%NASL_MIN_LEVEL 80502
    
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Fedora Security Advisory 2006-936.
    #
    
    include("compat.inc");
    
    # Metadata-only pass: when `description` is set the plugin registers the
    # attributes below and then exits (exit(0) at the end of this block).
    if (description)
    {
      script_id(24173);
      script_version ("1.15");
      script_cvs_date("Date: 2019/08/02 13:32:25");
    
      # NOTE(review): this block has no script_cve_id() call although the
      # description text names CVE-2006-4330 through CVE-2006-4333. Only the
      # FEDORA advisory cross-reference is registered, so CVE-keyed lookups will
      # not find this plugin from its metadata alone.
      script_xref(name:"FEDORA", value:"2006-936");
    
      script_name(english:"Fedora Core 5 : wireshark-0.99.3-fc5.1 (2006-936)");
      script_summary(english:"Checks rpm output for the updated packages.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Fedora Core host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "CVE-2006-4330 Wireshark security issues (CVE-2006-4333 CVE-2006-4332
    CVE-2006-4331)
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the Fedora security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      # https://lists.fedoraproject.org/pipermail/package-announce/2006-August/000566.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?a0a023f6"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "Update the affected wireshark, wireshark-debuginfo and / or
    wireshark-gnome packages."
      );
      # Severity is given as a fixed risk_factor label; no CVSS vector is set in
      # this block, unlike the other plugins on this page.
      script_set_attribute(attribute:"risk_factor", value:"High");
    
      # "local" plugin type: works from package data gathered on the host.
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:wireshark");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:wireshark-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:wireshark-gnome");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora_core:5");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2006/08/25");
      script_set_attribute(attribute:"plugin_publication_date", value:"2007/01/17");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2007-2019 Tenable Network Security, Inc.");
      script_family(english:"Fedora Local Security Checks");
    
      # Host/cpu is read by the check logic but is not listed among the required
      # keys here; the check handles a missing value itself.
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    # Preconditions. Each failed precondition is reported through audit() with
    # the matching reason code.
    if (!get_kb_item("Host/local_checks_enabled"))
    {
      audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    }
    
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Fedora" >!< release)
    {
      audit(AUDIT_OS_NOT, "Fedora");
    }
    
    # Extract the major release number and accept only Fedora Core 5.
    ver_match = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
    if (isnull(ver_match))
    {
      audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
    }
    os_ver = ver_match[1];
    if (! ereg(pattern:"^5([^0-9]|$)", string:os_ver))
    {
      audit(AUDIT_OS_NOT, "Fedora 5.x", "Fedora " + os_ver);
    }
    
    if (!get_kb_item("Host/RedHat/rpm-list"))
    {
      audit(AUDIT_PACKAGE_LIST_MISSING);
    }
    
    # Supported architectures: anything containing "x86_64", or i386..i686.
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu))
    {
      audit(AUDIT_UNKNOWN_ARCH);
    }
    if (!("x86_64" >< cpu || cpu =~ "^i[3-6]86$"))
    {
      audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
    }
    
    # Compare each installed package against the fixed build and count the
    # ones rpm_check() flags.
    fixed_builds = make_list(
      "wireshark-0.99.3-fc5.1",
      "wireshark-debuginfo-0.99.3-fc5.1",
      "wireshark-gnome-0.99.3-fc5.1"
    );
    flag = 0;
    foreach fixed_build (fixed_builds)
    {
      if (rpm_check(release:"FC5", reference:fixed_build))
      {
        flag = flag + 1;
      }
    }
    
    if (!flag)
    {
      # Nothing flagged: distinguish "installed but not affected" from
      # "package not installed" using the list of packages actually tested.
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "wireshark / wireshark-debuginfo / wireshark-gnome");
    }
    else
    {
      # Attach the package comparison report only for verbose scans.
      if (report_verbosity > 0)
      {
        security_hole(port:0, extra:rpm_report_get());
      }
      else
      {
        security_hole(0);
      }
      exit(0);
    }
    
  • NASL family: SuSE Local Security Checks
    NASL id: SUSE_ETHEREAL-2029.NASL
    description: A security problem was fixed in ethereal, which could be used by remote attackers to hang the ethereal process. CVE-2006-4333: If the SSCOP dissector has a port range configured AND the SSCOP payload protocol is Q.2931, a malformed packet could make the Q.2931 dissector use up available memory. No port range is configured by default. The vulnerabilities tracked by the Mitre CVE IDs CVE-2006-4330 (SCSI dissector), CVE-2006-4331 (ESP decryption), CVE-2006-4332 (DHCP dissector) do not affect our shipped ethereal releases.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 27206
    published: 2007-10-17
    reporter: This script is Copyright (C) 2007-2019 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/27206
    title: openSUSE 10 Security Update : ethereal (ethereal-2029)
    code
    #%NASL_MIN_LEVEL 80502
    
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from openSUSE Security Update ethereal-2029.
    #
    # The text description of this plugin is (C) SUSE LLC.
    #
    
    include("compat.inc");
    
    # Metadata-only pass: when `description` is set the plugin registers the
    # attributes below and then exits (exit(0) at the end of this block).
    if (description)
    {
      script_id(27206);
      script_version ("1.14");
      script_cvs_date("Date: 2019/10/25 13:36:28");
    
      # NOTE(review): all four CVEs are registered here, yet the description text
      # below says CVE-2006-4330, CVE-2006-4331 and CVE-2006-4332 do not affect
      # the shipped ethereal releases. A finding from this plugin therefore does
      # not by itself show exposure to those three; only CVE-2006-4333 is
      # described as fixed.
      script_cve_id("CVE-2006-4330", "CVE-2006-4331", "CVE-2006-4332", "CVE-2006-4333");
    
      script_name(english:"openSUSE 10 Security Update : ethereal (ethereal-2029)");
      script_summary(english:"Check for the ethereal-2029 patch");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote openSUSE host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "A security problem was fixed in ethereal, which could be used by
    remote attackers to hang the ethereal process.
    
    CVE-2006-4333: If the SSCOP dissector has a port range configured AND
    the SSCOP payload protocol is Q.2931, a malformed packet could make
    the Q.2931 dissector use up available memory. No port range is
    configured by default.
    
    The vulnerabilities tracked by the Mitre CVE IDs CVE-2006-4330 (SCSI
    dissector), CVE-2006-4331 (ESP decryption), CVE-2006-4332 (DHCP
    dissector) do not affect our shipped ethereal releases."
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected ethereal packages."
      );
      # CVSS v2 vector: network access, high complexity, no authentication,
      # availability impact only (complete).
      script_set_cvss_base_vector("CVSS2#AV:N/AC:H/Au:N/C:N/I:N/A:C");
      # CWE-399: resource management errors.
      script_cwe_id(399);
    
      # "local" plugin type: works from package data gathered on the host.
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:ethereal");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:ethereal-devel");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:10.1");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2006/08/30");
      script_set_attribute(attribute:"plugin_publication_date", value:"2007/10/17");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2007-2019 Tenable Network Security, Inc.");
      script_family(english:"SuSE Local Security Checks");
    
      # The plugin depends on ssh_get_info.nasl and requires these KB entries;
      # presumably that dependency is what populates them - confirm.
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    # Preconditions. Each failed precondition is reported through audit() with
    # the matching reason code.
    if (!get_kb_item("Host/local_checks_enabled"))
    {
      audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    }
    
    # Enterprise releases (SLED/SLES) are rejected here; only openSUSE 10.1,
    # recorded in the KB as "SUSE10.1", is in scope.
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release =~ "^(SLED|SLES)")
    {
      audit(AUDIT_OS_NOT, "openSUSE");
    }
    if (release !~ "^(SUSE10\.1)$")
    {
      audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "10.1", release);
    }
    if (!get_kb_item("Host/SuSE/rpm-list"))
    {
      audit(AUDIT_PACKAGE_LIST_MISSING);
    }
    
    # Supported architectures are matched exactly: i586, i686 or x86_64.
    ourarch = get_kb_item("Host/cpu");
    if (!ourarch)
    {
      audit(AUDIT_UNKNOWN_ARCH);
    }
    if (ourarch !~ "^(i586|i686|x86_64)$")
    {
      audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);
    }
    
    # Compare each installed package against the fixed build and count the
    # ones rpm_check() flags.
    fixed_builds = make_list(
      "ethereal-0.10.14-16.8",
      "ethereal-devel-0.10.14-16.8"
    );
    flag = 0;
    foreach fixed_build (fixed_builds)
    {
      if (rpm_check(release:"SUSE10.1", reference:fixed_build))
      {
        flag = flag + 1;
      }
    }
    
    if (!flag)
    {
      # Nothing flagged: distinguish "installed but not affected" from
      # "package not installed" using the list of packages actually tested.
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "ethereal");
    }
    else
    {
      # Attach the package comparison report only for verbose scans.
      if (report_verbosity > 0)
      {
        security_warning(port:0, extra:rpm_report_get());
      }
      else
      {
        security_warning(0);
      }
      exit(0);
    }
    
  • NASL family: Mandriva Local Security Checks
    NASL id: MANDRAKE_MDKSA-2006-152.NASL
    description: Vulnerabilities in the SCSI, DHCP, and SSCOP dissectors were discovered in versions of wireshark less than 0.99.3, as well as an off-by-one error in the IPsec ESP preference parser if compiled with ESP decryption support. This updated provides wireshark 0.99.3a which is not vulnerable to these issues.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 23898
    published: 2006-12-16
    reporter: This script is Copyright (C) 2006-2019 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/23898
    title: Mandrake Linux Security Advisory : wireshark (MDKSA-2006:152)
    code
    #%NASL_MIN_LEVEL 80502
    
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Mandrake Linux Security Advisory MDKSA-2006:152. 
    # The text itself is copyright (C) Mandriva S.A.
    #
    
    include("compat.inc");
    
    # Metadata-only pass: when `description` is set the plugin registers the
    # attributes below and then exits (exit(0) at the end of this block).
    if (description)
    {
      script_id(23898);
      script_version ("1.15");
      script_cvs_date("Date: 2019/08/02 13:32:48");
    
      # All four CVEs from the advisory are registered, together with the vendor
      # advisory cross-reference.
      script_cve_id("CVE-2006-4330", "CVE-2006-4331", "CVE-2006-4332", "CVE-2006-4333");
      script_xref(name:"MDKSA", value:"2006:152");
    
      script_name(english:"Mandrake Linux Security Advisory : wireshark (MDKSA-2006:152)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Mandrake Linux host is missing one or more security
    updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Vulnerabilities in the SCSI, DHCP, and SSCOP dissectors were
    discovered in versions of wireshark less than 0.99.3, as well as an
    off-by-one error in the IPsec ESP preference parser if compiled with
    ESP decryption support.
    
    This updated provides wireshark 0.99.3a which is not vulnerable to
    these issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.wireshark.org/security/wnpa-sec-2006-02.html"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      # CVSS v2 vector: network access, high complexity, no authentication,
      # availability impact only (complete). One vector is applied to the whole
      # advisory; the per-CVE scores may differ.
      script_set_cvss_base_vector("CVSS2#AV:N/AC:H/Au:N/C:N/I:N/A:C");
      # CWE-399: resource management errors.
      script_cwe_id(399);
    
      # "local" plugin type: works from package data gathered on the host.
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64wireshark0");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libwireshark0");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:tshark");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:wireshark");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:wireshark-tools");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2006");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2006/08/25");
      script_set_attribute(attribute:"plugin_publication_date", value:"2006/12/16");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2006-2019 Tenable Network Security, Inc.");
      script_family(english:"Mandriva Local Security Checks");
    
      # The plugin depends on ssh_get_info.nasl and requires these KB entries;
      # presumably that dependency is what populates them - confirm.
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
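    # Preconditions. Each failed precondition is reported through audit() with
    # the matching reason code.
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    # OS name spelled "Mandrake" (was "Mandake") so the audit message matches
    # the architecture message below and is found by log searches.
    if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandrake Linux");
    if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    # Supported architectures are matched exactly: amd64, i386..i686 or x86_64.
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu);
    
    
    # Count the packages rpm_check() flags against the fixed 0.99.3a builds.
    # The library package name depends on the architecture (lib64wireshark0 on
    # x86_64, libwireshark0 on i386); the remaining packages are checked on any
    # supported architecture.
    flag = 0;
    if (rpm_check(release:"MDK2006.0", cpu:"x86_64", reference:"lib64wireshark0-0.99.3a-0.1.20060mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK2006.0", cpu:"i386", reference:"libwireshark0-0.99.3a-0.1.20060mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK2006.0", reference:"tshark-0.99.3a-0.1.20060mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK2006.0", reference:"wireshark-0.99.3a-0.1.20060mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK2006.0", reference:"wireshark-tools-0.99.3a-0.1.20060mdk", yank:"mdk")) flag++;
    
    
    if (flag)
    {
      # Attach the package comparison report only for verbose scans.
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");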
    
  • NASL family: Gentoo Local Security Checks
    NASL id: GENTOO_GLSA-200608-26.NASL
    description: The remote host is affected by the vulnerability described in GLSA-200608-26 (Wireshark: Multiple vulnerabilities) The following vulnerabilities have been discovered in Wireshark. Firstly, if the IPsec ESP parser is used it is susceptible to off-by-one errors, this parser is disabled by default; secondly, the SCSI dissector is vulnerable to an unspecified crash; and finally, the Q.2931 dissector of the SSCOP payload may use all the available memory if a port range is configured. By default, no port ranges are configured. Impact : An attacker might be able to exploit these vulnerabilities, resulting in a crash or the execution of arbitrary code with the permissions of the user running Wireshark, possibly the root user. Workaround : Disable the SCSI and Q.2931 dissectors with the
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 22288
    published: 2006-08-30
    reporter: This script is Copyright (C) 2006-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/22288
    title: GLSA-200608-26 : Wireshark: Multiple vulnerabilities
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Gentoo Linux Security Advisory GLSA 200608-26.
    #
    # The advisory text is Copyright (C) 2001-2018 Gentoo Foundation, Inc.
    # and licensed under the Creative Commons - Attribution / Share Alike 
    # license. See http://creativecommons.org/licenses/by-sa/3.0/
    #
    
    include("compat.inc");
    
    # Metadata-only pass: when `description` is set the plugin registers the
    # attributes below and then exits (exit(0) at the end of this block).
    if (description)
    {
      script_id(22288);
      script_version("1.14");
      script_cvs_date("Date: 2019/08/02 13:32:43");
    
      # All four CVEs are registered. The advisory text below describes the ESP,
      # SCSI and Q.2931/SSCOP issues but does not mention the DHCP dissector
      # issue (CVE-2006-4332).
      script_cve_id("CVE-2006-4330", "CVE-2006-4331", "CVE-2006-4332", "CVE-2006-4333");
      script_xref(name:"GLSA", value:"200608-26");
    
      script_name(english:"GLSA-200608-26 : Wireshark: Multiple vulnerabilities");
      script_summary(english:"Checks for updated package(s) in /var/db/pkg");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Gentoo host is missing one or more security-related
    patches."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "The remote host is affected by the vulnerability described in GLSA-200608-26
    (Wireshark: Multiple vulnerabilities)
    
        The following vulnerabilities have been discovered in Wireshark.
        Firstly, if the IPsec ESP parser is used it is susceptible to
        off-by-one errors, this parser is disabled by default; secondly, the
        SCSI dissector is vulnerable to an unspecified crash; and finally, the
        Q.2931 dissector of the SSCOP payload may use all the available memory
        if a port range is configured. By default, no port ranges are
        configured.
      
    Impact :
    
        An attacker might be able to exploit these vulnerabilities, resulting
        in a crash or the execution of arbitrary code with the permissions of
        the user running Wireshark, possibly the root user.
      
    Workaround :
    
        Disable the SCSI and Q.2931 dissectors with the 'Analyse' and 'Enabled
        protocols' menus. Make sure the ESP decryption is disabled, with the
        'Edit -> Preferences -> Protocols -> ESP' menu."
      );
      # http://www.wireshark.org/security/wnpa-sec-2006-02.html
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.wireshark.org/security/wnpa-sec-2006-02.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security.gentoo.org/glsa/200608-26"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "All Wireshark users should upgrade to the latest version:
        # emerge --sync
        # emerge --ask --oneshot --verbose '>=net-analyzer/wireshark-0.99.3'"
      );
      # NOTE(review): the vector scores availability impact only (C:N/I:N/A:C),
      # while the advisory's impact text above also mentions possible arbitrary
      # code execution. Triage on the CVSS score alone may understate what the
      # advisory describes.
      script_set_cvss_base_vector("CVSS2#AV:N/AC:H/Au:N/C:N/I:N/A:C");
      # CWE-399: resource management errors.
      script_cwe_id(399);
    
      # "local" plugin type: works from package data gathered on the host.
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:wireshark");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2006/08/29");
      script_set_attribute(attribute:"plugin_publication_date", value:"2006/08/30");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2006-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Gentoo Local Security Checks");
    
      # The plugin depends on ssh_get_info.nasl and requires these KB entries;
      # presumably that dependency is what populates them - confirm.
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("qpkg.inc");
    
    # Preconditions. Each failed precondition is reported through audit() with
    # the matching reason code.
    if (!get_kb_item("Host/local_checks_enabled"))
    {
      audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    }
    if (!get_kb_item("Host/Gentoo/release"))
    {
      audit(AUDIT_OS_NOT, "Gentoo");
    }
    if (!get_kb_item("Host/Gentoo/qpkg-list"))
    {
      audit(AUDIT_PACKAGE_LIST_MISSING);
    }
    
    
    # Version ranges from the advisory: below 0.99.3 is vulnerable, 0.99.3 and
    # later is unaffected.
    fixed_range = make_list("ge 0.99.3");
    vuln_range = make_list("lt 0.99.3");
    
    flag = 0;
    if (qpkg_check(package:"net-analyzer/wireshark", unaffected:fixed_range, vulnerable:vuln_range))
    {
      flag = flag + 1;
    }
    
    if (!flag)
    {
      # Nothing flagged: distinguish "installed but not affected" from
      # "package not installed" using the list of packages actually tested.
      tested = qpkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "Wireshark");
    }
    else
    {
      # Attach the package comparison report only for verbose scans.
      if (report_verbosity > 0)
      {
        security_warning(port:0, extra:qpkg_report_get());
      }
      else
      {
        security_warning(0);
      }
      exit(0);
    }
    
  • NASL family: Fedora Local Security Checks
    NASL id: FEDORA_2006-1141.NASL
    description: - Wed Nov 1 2006 Radek Vokal <rvokal at redhat.com> 0.99.4-1.fc5 - upgrade to 0.99.4, fixes multiple security issues - use dist tag - CVE-2006-5468 - The HTTP dissector could dereference a NULL pointer. - CVE-2006-5469 - The WBXML dissector could crash. - CVE-2006-5470 - The LDAP dissector (and possibly others) could crash. - CVE-2006-4805 - Basic DoS, The XOT dissector could attempt to allocate a large amount of memory and crash. - CVE-2006-4574 - Single byte \0 overflow written onto the heap - Fri Aug 25 2006 Radek Vokal <rvokal at redhat.com> 0.99.3-fc5.1 - upgrade to 0.99.3-1 - CVE-2006-4330 Wireshark security issues (CVE-2006-4333 CVE-2006-4332 CVE-2006-4331) - Wed Jul 26 2006 Radek Vokal <rvokal at redhat.com> 0.99.2-fc5.2 - fix BuildRequires - Tue Jul 25 2006 Radek Vokal <rvokal at redhat.com> 0.99.2-fc5.1 - build for FC5 - Tue Jul 18 2006 Radek Vokal <rvokal at redhat.com> 0.99.2-1 - upgrade to 0.99.2 - Wed Jul 12 2006 Jesse Keating <jkeating at redhat.com> - 0.99.2-0.pre1.1 - rebuild - Tue Jul 11 2006 Radek Vokal <rvokal at redhat.com> 0.99.2-0.pre1 - upgrade to 0.99.2pre1, fixes (#198242) - Tue Jun 13 2006 Radek Vokal <rvokal at redhat.com> 0.99.1-0.pre1 - spec file changes - Fri Jun 9 2006 Radek Vokal <rvokal at redhat.com> 0.99.1pre1-1 - initial build for Fedora Core Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 24041
    published: 2007-01-17
    reporter: This script is Copyright (C) 2007-2019 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/24041
    title: Fedora Core 5 : wireshark-0.99.4-1.fc5 (2006-1141)
    code
    #%NASL_MIN_LEVEL 80502
    
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Fedora Security Advisory 2006-1141.
    #
    
    include("compat.inc");
    
    # Metadata-only pass: when `description` is set the plugin registers the
    # attributes below and then exits (exit(0) at the end of this block).
    if (description)
    {
      script_id(24041);
      script_version ("1.18");
      script_cvs_date("Date: 2019/08/02 13:32:24");
    
      # NOTE(review): the only registered CVE is CVE-2006-5740, which does not
      # appear in the description text. The CVEs the changelog below does name
      # (CVE-2006-5468, -5469, -5470, -4805, -4574 and CVE-2006-4330 through
      # -4333) are not registered, so CVE-keyed lookups for them will not match
      # this plugin from its metadata alone.
      script_cve_id("CVE-2006-5740");
      script_xref(name:"FEDORA", value:"2006-1141");
    
      script_name(english:"Fedora Core 5 : wireshark-0.99.4-1.fc5 (2006-1141)");
      script_summary(english:"Checks rpm output for the updated packages.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Fedora Core host is missing a security update."
      );
      # The description is the package changelog, newest entry first; the
      # 0.99.3-fc5.1 entry is the one that covers CVE-2006-4330 through -4333.
      script_set_attribute(
        attribute:"description", 
        value:
    "  - Wed Nov 1 2006 Radek Vokal <rvokal at redhat.com>
        0.99.4-1.fc5
    
        - upgrade to 0.99.4, fixes multiple security issues
    
        - use dist tag
    
        - CVE-2006-5468 - The HTTP dissector could dereference a
          NULL pointer.
    
        - CVE-2006-5469 - The WBXML dissector could crash.
    
        - CVE-2006-5470 - The LDAP dissector (and possibly
          others) could crash.
    
        - CVE-2006-4805 - Basic DoS, The XOT dissector could
          attempt to allocate a large amount of memory and
          crash.
    
        - CVE-2006-4574 - Single byte \0 overflow written onto
          the heap
    
        - Fri Aug 25 2006 Radek Vokal <rvokal at redhat.com>
          0.99.3-fc5.1
    
        - upgrade to 0.99.3-1
    
        - CVE-2006-4330 Wireshark security issues (CVE-2006-4333
          CVE-2006-4332 CVE-2006-4331)
    
        - Wed Jul 26 2006 Radek Vokal <rvokal at redhat.com>
          0.99.2-fc5.2
    
        - fix BuildRequires
    
        - Tue Jul 25 2006 Radek Vokal <rvokal at redhat.com>
          0.99.2-fc5.1
    
        - build for FC5
    
        - Tue Jul 18 2006 Radek Vokal <rvokal at redhat.com>
          0.99.2-1
    
        - upgrade to 0.99.2
    
        - Wed Jul 12 2006 Jesse Keating <jkeating at redhat.com>
          - 0.99.2-0.pre1.1
    
        - rebuild
    
        - Tue Jul 11 2006 Radek Vokal <rvokal at redhat.com>
          0.99.2-0.pre1
    
        - upgrade to 0.99.2pre1, fixes (#198242)
    
        - Tue Jun 13 2006 Radek Vokal <rvokal at redhat.com>
          0.99.1-0.pre1
    
        - spec file changes
    
        - Fri Jun 9 2006 Radek Vokal <rvokal at redhat.com>
          0.99.1pre1-1
    
        - initial build for Fedora Core
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the Fedora security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      # https://lists.fedoraproject.org/pipermail/package-announce/2006-November/000791.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?84606904"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "Update the affected wireshark, wireshark-debuginfo and / or
    wireshark-gnome packages."
      );
      # CVSS v2 vector: network access, low complexity, no authentication,
      # availability impact only (partial).
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
    
      # "local" plugin type: works from package data gathered on the host.
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:wireshark");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:wireshark-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:wireshark-gnome");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora_core:5");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2006/11/01");
      script_set_attribute(attribute:"plugin_publication_date", value:"2007/01/17");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2007-2019 Tenable Network Security, Inc.");
      script_family(english:"Fedora Local Security Checks");
    
      # Host/cpu is read by the check logic but is not listed among the required
      # keys here; the check handles a missing value itself.
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    # Preconditions. Each failed precondition is reported through audit() with
    # the matching reason code.
    if (!get_kb_item("Host/local_checks_enabled"))
    {
      audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    }
    
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Fedora" >!< release)
    {
      audit(AUDIT_OS_NOT, "Fedora");
    }
    
    # Extract the major release number and accept only Fedora Core 5.
    ver_match = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
    if (isnull(ver_match))
    {
      audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
    }
    os_ver = ver_match[1];
    if (! ereg(pattern:"^5([^0-9]|$)", string:os_ver))
    {
      audit(AUDIT_OS_NOT, "Fedora 5.x", "Fedora " + os_ver);
    }
    
    if (!get_kb_item("Host/RedHat/rpm-list"))
    {
      audit(AUDIT_PACKAGE_LIST_MISSING);
    }
    
    # Supported architectures: anything containing "x86_64", or i386..i686.
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu))
    {
      audit(AUDIT_UNKNOWN_ARCH);
    }
    if (!("x86_64" >< cpu || cpu =~ "^i[3-6]86$"))
    {
      audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
    }
    
    # Compare each installed package against the fixed build and count the
    # ones rpm_check() flags.
    fixed_builds = make_list(
      "wireshark-0.99.4-1.fc5",
      "wireshark-debuginfo-0.99.4-1.fc5",
      "wireshark-gnome-0.99.4-1.fc5"
    );
    flag = 0;
    foreach fixed_build (fixed_builds)
    {
      if (rpm_check(release:"FC5", reference:fixed_build))
      {
        flag = flag + 1;
      }
    }
    
    if (!flag)
    {
      # Nothing flagged: distinguish "installed but not affected" from
      # "package not installed" using the list of packages actually tested.
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "wireshark / wireshark-debuginfo / wireshark-gnome");
    }
    else
    {
      # Attach the package comparison report only for verbose scans.
      if (report_verbosity > 0)
      {
        security_warning(port:0, extra:rpm_report_get());
      }
      else
      {
        security_warning(0);
      }
      exit(0);
    }