Vulnerabilities > CVE-2006-5595 - Remote Security vulnerability in Wireshark

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

low complexity

wireshark

nessus

NVD

Published: 2006-10-28

Updated: 2017-10-11

Summary

Unspecified vulnerability in the AirPcap support in Wireshark (formerly Ethereal) 0.99.3 has unspecified attack vectors related to WEP key parsing.

Vulnerable Configurations

Part	Description	Count
Application	Wireshark Wireshark Wireshark 0.7.9 Wireshark Wireshark 0.8.16 Wireshark Wireshark 0.9.10 Wireshark Wireshark 0.10 Wireshark Wireshark 0.10.4 Wireshark Wireshark 0.10.13 Wireshark Wireshark 0.99 Wireshark Wireshark 0.99.1 Wireshark Wireshark 0.99.2 Wireshark Wireshark 0.99.3	10

Nessus

NASL family	Mandriva Local Security Checks
NASL id	MANDRAKE_MDKSA-2006-195.NASL
description	Vulnerabilities in the HTTP, LDAP, XOT, WBXML, and MIME Multipart dissectors were discovered in versions of wireshark less than 0.99.4, as well as various other bugs. This updated provides wireshark 0.99.4 which is not vulnerable to these issues.
last seen	2020-06-01
modified	2020-06-02
plugin id	24580
published	2007-02-18
reporter	This script is Copyright (C) 2007-2019 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/24580
title	Mandrake Linux Security Advisory : wireshark (MDKSA-2006:195)
code	#%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Mandrake Linux Security Advisory MDKSA-2006:195. # The text itself is copyright (C) Mandriva S.A. # include("compat.inc"); if (description) { script_id(24580); script_version ("1.17"); script_cvs_date("Date: 2019/08/02 13:32:48"); script_cve_id("CVE-2006-4574", "CVE-2006-4805", "CVE-2006-5468", "CVE-2006-5469", "CVE-2006-5595", "CVE-2006-5740"); script_bugtraq_id(20762); script_xref(name:"MDKSA", value:"2006:195"); script_name(english:"Mandrake Linux Security Advisory : wireshark (MDKSA-2006:195)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value: "The remote Mandrake Linux host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "Vulnerabilities in the HTTP, LDAP, XOT, WBXML, and MIME Multipart dissectors were discovered in versions of wireshark less than 0.99.4, as well as various other bugs. This updated provides wireshark 0.99.4 which is not vulnerable to these issues." ); script_set_attribute( attribute:"see_also", value:"https://www.wireshark.org/security/wnpa-sec-2006-03.html" ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P"); script_set_cvss_temporal_vector("CVSS2#E:ND/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64wireshark0"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libwireshark0"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:tshark"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:wireshark"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:wireshark-tools"); script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2006"); script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2007"); script_set_attribute(attribute:"patch_publication_date", value:"2006/11/02"); script_set_attribute(attribute:"plugin_publication_date", value:"2007/02/18"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2007-2019 Tenable Network Security, Inc."); script_family(english:"Mandriva Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux"); if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu !~ "^(amd64\|i[3-6]86\|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu); flag = 0; if (rpm_check(release:"MDK2006.0", cpu:"x86_64", reference:"lib64wireshark0-0.99.4-0.1.20060mdk", yank:"mdk")) flag++; if (rpm_check(release:"MDK2006.0", cpu:"i386", reference:"libwireshark0-0.99.4-0.1.20060mdk", yank:"mdk")) flag++; if (rpm_check(release:"MDK2006.0", reference:"tshark-0.99.4-0.1.20060mdk", yank:"mdk")) flag++; if (rpm_check(release:"MDK2006.0", reference:"wireshark-0.99.4-0.1.20060mdk", yank:"mdk")) flag++; if (rpm_check(release:"MDK2006.0", reference:"wireshark-tools-0.99.4-0.1.20060mdk", yank:"mdk")) flag++; if (rpm_check(release:"MDK2007.0", cpu:"x86_64", reference:"lib64wireshark0-0.99.4-0.1mdv2007.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2007.0", cpu:"i386", reference:"libwireshark0-0.99.4-0.1mdv2007.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2007.0", reference:"tshark-0.99.4-0.1mdv2007.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2007.0", reference:"wireshark-0.99.4-0.1mdv2007.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2007.0", reference:"wireshark-tools-0.99.4-0.1mdv2007.0", yank:"mdv")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");

Oval

accepted

2013-08-19T04:00:37.401-04:00

class

vulnerability

contributors

name Shane Shaffer
organization G2, Inc.
name Shane Shaffer
organization G2, Inc.
name Shane Shaffer
organization G2, Inc.

definition_extensions

comment	Wireshark is installed on the system.
oval	oval:org.mitre.oval:def:6589

description

Unspecified vulnerability in the AirPcap support in Wireshark (formerly Ethereal) 0.99.3 has unspecified attack vectors related to WEP key parsing.

family

windows

oval:org.mitre.oval:def:14787

status

accepted

submitted

2012-02-27T15:34:33.178-04:00

title

AirPcap support vulnerability in Wireshark 0.99.3

version

Summary

Vulnerable Configurations

Nessus

Oval

References