Vulnerabilities > CVE-2009-1267 - Denial Of Service vulnerability in Wireshark Prior to 1.0.7

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
PARTIAL
network
low complexity
wireshark
microsoft
nessus

Summary

Unspecified vulnerability in the LDAP dissector in Wireshark 0.99.2 through 1.0.6, when running on Windows, allows remote attackers to cause a denial of service (crash) via unknown attack vectors.

Nessus

  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_1_WIRESHARK-090525.NASL
    descriptionVersion upgrade to Wireshark 1.0.7 to fix various vulnerabilities: CVE-2009-1269: crash while loading a Tektronix .rf5 file CVE-2009-1268: crash in Check Point High-Availability Protocol (CPHAP) dissector CVE-2009-1267: LDAP dissector could crash on Windows CVE-2009-1210: PROFINET format string bug CVE-2009-1266: additional PROFINET format string bugs, a crash in the PCNFSD dissector
    last seen2020-06-01
    modified2020-06-02
    plugin id40323
    published2009-07-21
    reporterThis script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/40323
    titleopenSUSE Security Update : wireshark (wireshark-912)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from openSUSE Security Update wireshark-912.
    #
    # The text description of this plugin is (C) SUSE LLC.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(40323);
      script_version("1.12");
      script_cvs_date("Date: 2019/10/25 13:36:35");
    
      script_cve_id("CVE-2009-1210", "CVE-2009-1266", "CVE-2009-1267", "CVE-2009-1268", "CVE-2009-1269");
    
      script_name(english:"openSUSE Security Update : wireshark (wireshark-912)");
      script_summary(english:"Check for the wireshark-912 patch");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote openSUSE host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Version upgrade to Wireshark 1.0.7 to fix various vulnerabilities:
    CVE-2009-1269: crash while loading a Tektronix .rf5 file
    CVE-2009-1268: crash in Check Point High-Availability Protocol (CPHAP)
    dissector CVE-2009-1267: LDAP dissector could crash on Windows
    CVE-2009-1210: PROFINET format string bug CVE-2009-1266: additional
    PROFINET format string bugs, a crash in the PCNFSD dissector"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=493584"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected wireshark packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploit_framework_core", value:"true");
      script_cwe_id(20, 134);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:wireshark");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:wireshark-devel");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:11.1");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2009/05/25");
      script_set_attribute(attribute:"plugin_publication_date", value:"2009/07/21");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
    if (release !~ "^(SUSE11\.1)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.1", release);
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    ourarch = get_kb_item("Host/cpu");
    if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
    if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);
    
    flag = 0;
    
    if ( rpm_check(release:"SUSE11.1", reference:"wireshark-1.0.4-2.9.1") ) flag++;
    if ( rpm_check(release:"SUSE11.1", reference:"wireshark-devel-1.0.4-2.9.1") ) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "wireshark / wireshark-devel");
    }
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_0_WIRESHARK-090525.NASL
    descriptionVersion upgrade to Wireshark 1.0.7 to fix various vulnerabilities: CVE-2009-1269: crash while loading a Tektronix .rf5 file CVE-2009-1268: crash in Check Point High-Availability Protocol (CPHAP) dissector CVE-2009-1267: LDAP dissector could crash on Windows CVE-2009-1210: PROFINET format string bug CVE-2009-1266: additional PROFINET format string bugs, a crash in the PCNFSD dissector
    last seen2020-06-01
    modified2020-06-02
    plugin id40154
    published2009-07-21
    reporterThis script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/40154
    titleopenSUSE Security Update : wireshark (wireshark-912)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from openSUSE Security Update wireshark-912.
    #
    # The text description of this plugin is (C) SUSE LLC.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(40154);
      script_version("1.12");
      script_cvs_date("Date: 2019/10/25 13:36:34");
    
      script_cve_id("CVE-2009-1210", "CVE-2009-1266", "CVE-2009-1267", "CVE-2009-1268", "CVE-2009-1269");
    
      script_name(english:"openSUSE Security Update : wireshark (wireshark-912)");
      script_summary(english:"Check for the wireshark-912 patch");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote openSUSE host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Version upgrade to Wireshark 1.0.7 to fix various vulnerabilities:
    CVE-2009-1269: crash while loading a Tektronix .rf5 file
    CVE-2009-1268: crash in Check Point High-Availability Protocol (CPHAP)
    dissector CVE-2009-1267: LDAP dissector could crash on Windows
    CVE-2009-1210: PROFINET format string bug CVE-2009-1266: additional
    PROFINET format string bugs, a crash in the PCNFSD dissector"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=493584"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected wireshark packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploit_framework_core", value:"true");
      script_cwe_id(20, 134);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:wireshark");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:wireshark-devel");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:11.0");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2009/05/25");
      script_set_attribute(attribute:"plugin_publication_date", value:"2009/07/21");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
    if (release !~ "^(SUSE11\.0)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.0", release);
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    ourarch = get_kb_item("Host/cpu");
    if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
    if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);
    
    flag = 0;
    
    if ( rpm_check(release:"SUSE11.0", reference:"wireshark-1.0.0-17.12") ) flag++;
    if ( rpm_check(release:"SUSE11.0", reference:"wireshark-devel-1.0.0-17.12") ) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "wireshark / wireshark-devel");
    }
    
  • NASL familyWindows
    NASL idWIRESHARK_1_0_7.NASL
    descriptionThe installed version of Wireshark or Ethereal is affected by multiple issues : - The PROFINET dissector is affected by a format string vulnerability which an attacker could exploit to execute arbitrary code. (Bug 3372) - Wireshark could crash while reading a malformed LDAP capture file. (Bug 3262) - Wireshark could crash while reading a malformed Check Point High-Availability Protocol capture file. (Bug 3269) - Wireshark could crash while reading a Tektronix .rf5 capture file. (Bug 3366)
    last seen2020-06-01
    modified2020-06-02
    plugin id36127
    published2009-04-10
    reporterThis script is Copyright (C) 2009-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/36127
    titleWireshark / Ethereal 0.99.2 to 1.0.6 Multiple Vulnerabilities
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    
    
    include("compat.inc");
    
    if (description)
    {
      script_id(36127);
      script_version("1.18");
    
      script_cve_id(
        "CVE-2009-1210",
        "CVE-2009-1267",
        "CVE-2009-1268",
        "CVE-2009-1269"
      );
      script_bugtraq_id(34291,34457);
      script_xref(name:"EDB-ID", value:"8308");
      script_xref(name:"Secunia", value:"34542");
    
      script_name(english:"Wireshark / Ethereal 0.99.2 to 1.0.6 Multiple Vulnerabilities");
      script_summary(english:"Checks Wireshark / Ethereal version");
    
      script_set_attribute(attribute:"synopsis", value:
    "The remote host has an application that is affected by multiple
    vulnerabilities.");
      script_set_attribute(attribute:"description", value:
    "The installed version of Wireshark or Ethereal is affected by multiple
    issues :
    
      - The PROFINET dissector is affected by a format string
        vulnerability which an attacker could exploit to execute
        arbitrary code. (Bug 3372)
    
      - Wireshark could crash while reading a malformed LDAP
        capture file. (Bug 3262)
    
      - Wireshark could crash while reading a malformed Check
        Point High-Availability Protocol capture file. 
        (Bug 3269)
    
      - Wireshark could crash while reading a Tektronix .rf5
        capture file. (Bug 3366)" );
      script_set_attribute(attribute:"see_also", value:"https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3382" );
      script_set_attribute(attribute:"see_also", value:"https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3262" );
      script_set_attribute(attribute:"see_also", value:"https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3269" );
      script_set_attribute(attribute:"see_also", value:"https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3366" );
      script_set_attribute(attribute:"see_also", value:"http://www.wireshark.org/security/wnpa-sec-2009-02.html" );
      script_set_attribute(attribute:"see_also", value:"https://www.wireshark.org/docs/relnotes/wireshark-1.0.7.html" );
      script_set_attribute(attribute:"solution", value:
    "Upgrade to Wireshark 1.0.7 or later." );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploit_framework_core", value:"true");
      script_cwe_id(20, 134);
    
     script_set_attribute(attribute:"plugin_publication_date", value: "2009/04/10");
     script_cvs_date("Date: 2018/11/15 20:50:29");
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/a:wireshark:wireshark");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"Windows");
    
      script_copyright(english:"This script is Copyright (C) 2009-2018 Tenable Network Security, Inc.");
    
      script_dependencies("wireshark_installed.nasl");
      script_require_keys("SMB/Wireshark/Installed");
      
      exit(0);
    }
    
    include("global_settings.inc");
    
    # Check each install.
    installs = get_kb_list("SMB/Wireshark/*");
    if (isnull(installs)) exit(0);
    
    info = "";
    info2 = "";
    foreach install(keys(installs))
    {
      if ("/Installed" >< install) continue;
    
      version = install - "SMB/Wireshark/";
      ver = split(version, sep:".", keep:FALSE);
      for (i=0; i<max_index(ver); i++)
        ver[i] = int(ver[i]);
    
      if (
        (
          ver[0] == 0 &&
          (
            (ver[1] == 99 && ver[2] >= 2) ||
            ver[1] > 99
          )
        ) ||
        (ver[0] == 1 && ver[1] == 0 && ver[2] < 7)
      ) 
        info +=
          '\n  Path              : ' + installs[install] +
          '\n  Installed version : ' + version  +
          '\n  Fixed version     : 1.0.7\n';
      else
        info2 += '  - Version ' + version + ', under ' + installs[install] + '\n';
    }
    
    # Report if any were found to be vulnerable
    if (info)
    {
      if (report_verbosity > 0)
      {
        if (max_index(split(info)) > 4) s = "s of Wireshark / Ethereal are";
        else s = " of Wireshark or Ethereal is";
    
        report = string(
          "\n",
          "The following vulnerable instance", s, " installed : \n",
          "\n",
          info
        );
        security_hole(port:get_kb_item("SMB/transport"), extra:report);
      }
      else security_hole(get_kb_item("SMB/transport"));
    }
    if (info2)
      exit(0, "The following instance(s) of Wireshark / Ethereal are installed and are not vulnerable : "+info2);
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE9_12424.NASL
    descriptionVersion upgrade to Wireshark 1.0.7 to fix various vulnerabilities : - crash while loading a Tektronix .rf5 file. (CVE-2009-1269) - crash in Check Point High-Availability Protocol (CPHAP) dissector. (CVE-2009-1268) - LDAP dissector could crash on Windows. (CVE-2009-1267) - PROFINET format string bug. (CVE-2009-1210) - additional PROFINET format string bugs, a crash in the PCNFSD dissector. (CVE-2009-1266)
    last seen2020-06-01
    modified2020-06-02
    plugin id41303
    published2009-09-24
    reporterThis script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/41303
    titleSuSE9 Security Update : ethereal (YOU Patch Number 12424)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The text description of this plugin is (C) Novell, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(41303);
      script_version("1.9");
      script_cvs_date("Date: 2019/10/25 13:36:33");
    
      script_cve_id("CVE-2009-1210", "CVE-2009-1266", "CVE-2009-1267", "CVE-2009-1268", "CVE-2009-1269");
    
      script_name(english:"SuSE9 Security Update : ethereal (YOU Patch Number 12424)");
      script_summary(english:"Checks rpm output for the updated package");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote SuSE 9 host is missing a security-related patch."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Version upgrade to Wireshark 1.0.7 to fix various vulnerabilities :
    
      - crash while loading a Tektronix .rf5 file.
        (CVE-2009-1269)
    
      - crash in Check Point High-Availability Protocol (CPHAP)
        dissector. (CVE-2009-1268)
    
      - LDAP dissector could crash on Windows. (CVE-2009-1267)
    
      - PROFINET format string bug. (CVE-2009-1210)
    
      - additional PROFINET format string bugs, a crash in the
        PCNFSD dissector. (CVE-2009-1266)"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-1210.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-1266.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-1267.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-1268.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-1269.html"
      );
      script_set_attribute(attribute:"solution", value:"Apply YOU patch number 12424.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploit_framework_core", value:"true");
      script_cwe_id(20, 134);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:suse:suse_linux");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2009/05/25");
      script_set_attribute(attribute:"plugin_publication_date", value:"2009/09/24");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
    
      exit(0);
    }
    
    
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) exit(0, "Local checks are not enabled.");
    if (!get_kb_item("Host/SuSE/release")) exit(0, "The host is not running SuSE.");
    if (!get_kb_item("Host/SuSE/rpm-list")) exit(1, "Could not obtain the list of installed packages.");
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) exit(1, "Failed to determine the architecture type.");
    if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") exit(1, "Local checks for SuSE 9 on the '"+cpu+"' architecture have not been implemented.");
    
    
    flag = 0;
    if (rpm_check(release:"SUSE9", reference:"ethereal-0.10.13-2.41")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else exit(0, "The host is not affected.");
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_ETHEREAL-6269.NASL
    descriptionVersion upgrade to Wireshark 1.0.7 to fix various vulnerabilities : - crash while loading a Tektronix .rf5 file CVE-2009-1268: crash in Check Point High-Availability Protocol (CPHAP) dissector CVE-2009-1267: LDAP dissector could crash on Windows CVE-2009-1210: PROFINET format string bug CVE-2009-1266: additional PROFINET format string bugs, a crash in the PCNFSD dissector. (CVE-2009-1269)
    last seen2020-06-01
    modified2020-06-02
    plugin id41506
    published2009-09-24
    reporterThis script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/41506
    titleSuSE 10 Security Update : ethereal (ZYPP Patch Number 6269)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The text description of this plugin is (C) Novell, Inc.
    #
    
    if (NASL_LEVEL < 3000) exit(0);
    
    include("compat.inc");
    
    if (description)
    {
      script_id(41506);
      script_version ("1.13");
      script_cvs_date("Date: 2019/10/25 13:36:36");
    
      script_cve_id("CVE-2009-1210", "CVE-2009-1266", "CVE-2009-1267", "CVE-2009-1268", "CVE-2009-1269");
    
      script_name(english:"SuSE 10 Security Update : ethereal (ZYPP Patch Number 6269)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote SuSE 10 host is missing a security-related patch."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Version upgrade to Wireshark 1.0.7 to fix various vulnerabilities :
    
      - crash while loading a Tektronix .rf5 file CVE-2009-1268:
        crash in Check Point High-Availability Protocol (CPHAP)
        dissector CVE-2009-1267: LDAP dissector could crash on
        Windows CVE-2009-1210: PROFINET format string bug
        CVE-2009-1266: additional PROFINET format string bugs, a
        crash in the PCNFSD dissector. (CVE-2009-1269)"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-1210.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-1266.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-1267.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-1268.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-1269.html"
      );
      script_set_attribute(attribute:"solution", value:"Apply ZYPP patch number 6269.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploit_framework_core", value:"true");
      script_cwe_id(20, 134);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:suse:suse_linux");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2009/05/25");
      script_set_attribute(attribute:"plugin_publication_date", value:"2009/09/24");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
    
      exit(0);
    }
    
    
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) exit(0, "Local checks are not enabled.");
    if (!get_kb_item("Host/SuSE/release")) exit(0, "The host is not running SuSE.");
    if (!get_kb_item("Host/SuSE/rpm-list")) exit(1, "Could not obtain the list of installed packages.");
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) exit(1, "Failed to determine the architecture type.");
    if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") exit(1, "Local checks for SuSE 10 on the '"+cpu+"' architecture have not been implemented.");
    
    
    flag = 0;
    if (rpm_check(release:"SLED10", sp:2, reference:"ethereal-0.10.14-16.35")) flag++;
    if (rpm_check(release:"SLES10", sp:2, reference:"ethereal-0.10.14-16.35")) flag++;
    if (rpm_check(release:"SLES10", sp:2, reference:"ethereal-devel-0.10.14-16.35")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else exit(0, "The host is not affected.");
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_WIRESHARK-6271.NASL
    descriptionVersion upgrade to Wireshark 1.0.7 to fix various vulnerabilities: CVE-2009-1269: crash while loading a Tektronix .rf5 file CVE-2009-1268: crash in Check Point High-Availability Protocol (CPHAP) dissector CVE-2009-1267: LDAP dissector could crash on Windows CVE-2009-1210: PROFINET format string bug CVE-2009-1266: additional PROFINET format string bugs, a crash in the PCNFSD dissector
    last seen2020-06-01
    modified2020-06-02
    plugin id38924
    published2009-05-27
    reporterThis script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/38924
    titleopenSUSE 10 Security Update : wireshark (wireshark-6271)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from openSUSE Security Update wireshark-6271.
    #
    # The text description of this plugin is (C) SUSE LLC.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(38924);
      script_version ("1.9");
      script_cvs_date("Date: 2019/10/25 13:36:37");
    
      script_cve_id("CVE-2009-1210", "CVE-2009-1266", "CVE-2009-1267", "CVE-2009-1268", "CVE-2009-1269");
    
      script_name(english:"openSUSE 10 Security Update : wireshark (wireshark-6271)");
      script_summary(english:"Check for the wireshark-6271 patch");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote openSUSE host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Version upgrade to Wireshark 1.0.7 to fix various vulnerabilities:
    CVE-2009-1269: crash while loading a Tektronix .rf5 file
    CVE-2009-1268: crash in Check Point High-Availability Protocol (CPHAP)
    dissector CVE-2009-1267: LDAP dissector could crash on Windows
    CVE-2009-1210: PROFINET format string bug CVE-2009-1266: additional
    PROFINET format string bugs, a crash in the PCNFSD dissector"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected wireshark packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploit_framework_core", value:"true");
      script_cwe_id(20, 134);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:wireshark");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:wireshark-devel");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:10.3");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2009/05/25");
      script_set_attribute(attribute:"plugin_publication_date", value:"2009/05/27");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
    if (release !~ "^(SUSE10\.3)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "10.3", release);
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    ourarch = get_kb_item("Host/cpu");
    if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
    if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);
    
    flag = 0;
    
    if ( rpm_check(release:"SUSE10.3", reference:"wireshark-0.99.6-31.18") ) flag++;
    if ( rpm_check(release:"SUSE10.3", reference:"wireshark-devel-0.99.6-31.18") ) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "wireshark / wireshark-devel");
    }
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_WIRESHARK-090525.NASL
    descriptionVersion upgrade to Wireshark 1.0.7 to fix various vulnerabilities : - crash while loading a Tektronix .rf5 file CVE-2009-1268: crash in Check Point High-Availability Protocol (CPHAP) dissector CVE-2009-1267: LDAP dissector could crash on Windows CVE-2009-1210: PROFINET format string bug CVE-2009-1266: additional PROFINET format string bugs, a crash in the PCNFSD dissector. (CVE-2009-1269)
    last seen2020-06-01
    modified2020-06-02
    plugin id41460
    published2009-09-24
    reporterThis script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/41460
    titleSuSE 11 Security Update : wireshark (SAT Patch Number 910)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from SuSE 11 update information. The text itself is
    # copyright (C) Novell, Inc.
    #
    
    if (NASL_LEVEL < 3000) exit(0);
    
    include("compat.inc");
    
    if (description)
    {
      script_id(41460);
      script_version("1.12");
      script_cvs_date("Date: 2019/10/25 13:36:35");
    
      script_cve_id("CVE-2009-1210", "CVE-2009-1266", "CVE-2009-1267", "CVE-2009-1268", "CVE-2009-1269");
    
      script_name(english:"SuSE 11 Security Update : wireshark (SAT Patch Number 910)");
      script_summary(english:"Checks rpm output for the updated package");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote SuSE 11 host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Version upgrade to Wireshark 1.0.7 to fix various vulnerabilities :
    
      - crash while loading a Tektronix .rf5 file CVE-2009-1268:
        crash in Check Point High-Availability Protocol (CPHAP)
        dissector CVE-2009-1267: LDAP dissector could crash on
        Windows CVE-2009-1210: PROFINET format string bug
        CVE-2009-1266: additional PROFINET format string bugs, a
        crash in the PCNFSD dissector. (CVE-2009-1269)"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=493584"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-1210.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-1266.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-1267.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-1268.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-1269.html"
      );
      script_set_attribute(attribute:"solution", value:"Apply SAT patch number 910.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploit_framework_core", value:"true");
      script_cwe_id(20, 134);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:wireshark");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:11");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2009/05/25");
      script_set_attribute(attribute:"plugin_publication_date", value:"2009/09/24");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release !~ "^(SLED|SLES)11") audit(AUDIT_OS_NOT, "SuSE 11");
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SuSE 11", cpu);
    
    pl = get_kb_item("Host/SuSE/patchlevel");
    if (pl) audit(AUDIT_OS_NOT, "SuSE 11.0");
    
    
    flag = 0;
    if (rpm_check(release:"SLED11", sp:0, cpu:"i586", reference:"wireshark-1.0.5-1.26.1")) flag++;
    if (rpm_check(release:"SLED11", sp:0, cpu:"x86_64", reference:"wireshark-1.0.5-1.26.1")) flag++;
    if (rpm_check(release:"SLES11", sp:0, reference:"wireshark-1.0.5-1.26.1")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    

Oval

accepted2013-08-19T04:05:05.321-04:00
classvulnerability
contributors
  • nameChandan S
    organizationSecPod Technologies
  • nameShane Shaffer
    organizationG2, Inc.
  • nameShane Shaffer
    organizationG2, Inc.
definition_extensions
commentWireshark is installed on the system.
ovaloval:org.mitre.oval:def:6589
descriptionUnspecified vulnerability in the LDAP dissector in Wireshark 0.99.2 through 1.0.6, when running on Windows, allows remote attackers to cause a denial of service (crash) via unknown attack vectors.
familywindows
idoval:org.mitre.oval:def:6099
statusaccepted
submitted2009-04-16T16:30:43
titleWireshark LDAP dissector Denial of Service Vulnerability
version7

Seebug

bulletinFamilyexploit
descriptionBUGTRAQ ID: 34457 CVE(CAN) ID: CVE-2009-1267,CVE-2009-1268,CVE-2009-1269 Wireshark之前名为Ethereal,是一款非常流行的网络协议分析工具。 Wireshark的LDAP和CPHAP协议解析模块中存在拒绝服务漏洞。如果用户受骗从网络抓取了恶意的LDAP或CPHA FWHA_MY_STATE报文或读取了恶意抓包文件的话,就会导致解析模块崩溃。此外如果加载了恶意的Tektronix .rf5文件的话Wireshark可能会崩溃。 Wireshark 0.9.6 - 1.0.6 Wireshark --------- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: <a href=http://media-2.cacetech.com/wireshark/src/wireshark-1.0.7.tar.bz2 target=_blank rel=external nofollow>http://media-2.cacetech.com/wireshark/src/wireshark-1.0.7.tar.bz2</a>
idSSV:5036
last seen2017-11-19
modified2009-04-11
published2009-04-11
reporterRoot
titleWireshark 1.0.7版本修复多个拒绝服务漏洞

Statements

contributorTomas Hoger
lastmodified2009-04-17
organizationRed Hat
statementNot vulnerable. This issue did not affect the versions of wireshark as shipped with Red Hat Enterprise Linux 2.1, 3, 4, or 5.