Vulnerabilities > CVE-2009-3551 - Numeric Errors vulnerability in Wireshark 1.2/1.2.0/1.2.1

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN

Summary

Off-by-one error in the dissect_negprot_response function in packet-smb.c in the SMB dissector in Wireshark 1.2.0 through 1.2.2 allows remote attackers to cause a denial of service (application crash) via a file that records a malformed packet trace. NOTE: some of these details are obtained from third party information.

Vulnerable Configurations

Part Description Count
Application
Wireshark
3

Common Weakness Enumeration (CWE)

Nessus

  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-200911-05.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-200911-05 (Wireshark: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Wireshark: Ryan Giobbi reported an integer overflow in wiretap/erf.c (CVE-2009-3829). The vendor reported multiple unspecified vulnerabilities in the Bluetooth L2CAP, RADIUS, and MIOP dissectors (CVE-2009-2560), in the OpcUa dissector (CVE-2009-3241), in packet.c in the GSM A RR dissector (CVE-2009-3242), in the TLS dissector (CVE-2009-3243), in the Paltalk dissector (CVE-2009-3549), in the DCERPC/NT dissector (CVE-2009-3550), and in the dissect_negprot_response() function in packet-smb.c in the SMB dissector (CVE-2009-3551). Impact : A remote attacker could entice a user to open a specially crafted
    last seen2020-06-01
    modified2020-06-02
    plugin id42915
    published2009-11-30
    reporterThis script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/42915
    titleGLSA-200911-05 : Wireshark: Multiple vulnerabilities
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Gentoo Linux Security Advisory GLSA 200911-05.
    #
    # The advisory text is Copyright (C) 2001-2016 Gentoo Foundation, Inc.
    # and licensed under the Creative Commons - Attribution / Share Alike 
    # license. See http://creativecommons.org/licenses/by-sa/3.0/
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(42915);
      script_version("1.15");
      script_cvs_date("Date: 2019/08/02 13:32:45");
    
      script_cve_id("CVE-2009-2560", "CVE-2009-3241", "CVE-2009-3242", "CVE-2009-3243", "CVE-2009-3549", "CVE-2009-3550", "CVE-2009-3551", "CVE-2009-3829");
      script_bugtraq_id(35748, 36408, 36591, 36846);
      script_xref(name:"GLSA", value:"200911-05");
    
      script_name(english:"GLSA-200911-05 : Wireshark: Multiple vulnerabilities");
      script_summary(english:"Checks for updated package(s) in /var/db/pkg");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Gentoo host is missing one or more security-related
    patches."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "The remote host is affected by the vulnerability described in GLSA-200911-05
    (Wireshark: Multiple vulnerabilities)
    
        Multiple vulnerabilities have been discovered in Wireshark:
        Ryan Giobbi reported an integer overflow in wiretap/erf.c
        (CVE-2009-3829).
        The vendor reported multiple unspecified
        vulnerabilities in the Bluetooth L2CAP, RADIUS, and MIOP dissectors
        (CVE-2009-2560), in the OpcUa dissector (CVE-2009-3241), in packet.c in
        the GSM A RR dissector (CVE-2009-3242), in the TLS dissector
        (CVE-2009-3243), in the Paltalk dissector (CVE-2009-3549), in the
        DCERPC/NT dissector (CVE-2009-3550), and in the
        dissect_negprot_response() function in packet-smb.c in the SMB
        dissector (CVE-2009-3551).
      
    Impact :
    
        A remote attacker could entice a user to open a specially crafted 'erf'
        file using Wireshark, possibly resulting in the execution of arbitrary
        code with the privileges of the user running the application. A remote
        attacker could furthermore send specially crafted packets on a network
        being monitored by Wireshark or entice a user to open a malformed
        packet trace file using Wireshark, possibly resulting in a Denial of
        Service.
      
    Workaround :
    
        There is no known workaround at this time."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security.gentoo.org/glsa/200911-05"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "All Wireshark users should upgrade to the latest version:
        # emerge --sync
        # emerge --ask --oneshot --verbose '>=net-analyzer/wireshark-1.2.3'"
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_cwe_id(20, 189);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:wireshark");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2009/11/25");
      script_set_attribute(attribute:"plugin_publication_date", value:"2009/11/30");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.");
      script_family(english:"Gentoo Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("qpkg.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo");
    if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    flag = 0;
    
    if (qpkg_check(package:"net-analyzer/wireshark", unaffected:make_list("ge 1.2.3"), vulnerable:make_list("lt 1.2.3"))) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = qpkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "Wireshark");
    }
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_0_WIRESHARK-091125.NASL
    descriptionVersion upgrade of wireshark fix multiple vulnerabilities : - CVE-2009-3549: CVSS v2 Base Score: 5.0 (MEDIUM) The Paltalk dissector could crash on alignment-sensitive processors. - CVE-2009-3550: CVSS v2 Base Score: 4.3 (MEDIUM) The DCERPC/NT dissector could crash. - CVE-2009-3551: CVSS v2 Base Score: 5.0 (MEDIUM) The SMB dissector could crash. - CVE-2009-2560: CVSS v2 Base Score: 5.0 (MEDIUM) The RADIUS dissector could crash. - CVE-2009-3829 CVSS v2 Base Score: 9.3 (HIGH) Fix for an integer overflow in wiretap/erf.c that allowed remote attackers to execute arbitrary code via a crafted ERF file. This does not affect SLE products.
    last seen2020-06-01
    modified2020-06-02
    plugin id42950
    published2009-12-01
    reporterThis script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/42950
    titleopenSUSE Security Update : wireshark (wireshark-1600)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from openSUSE Security Update wireshark-1600.
    #
    # The text description of this plugin is (C) SUSE LLC.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(42950);
      script_version("1.9");
      script_cvs_date("Date: 2019/10/25 13:36:34");
    
      script_cve_id("CVE-2009-2560", "CVE-2009-3549", "CVE-2009-3550", "CVE-2009-3551", "CVE-2009-3829");
    
      script_name(english:"openSUSE Security Update : wireshark (wireshark-1600)");
      script_summary(english:"Check for the wireshark-1600 patch");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote openSUSE host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Version upgrade of wireshark fix multiple vulnerabilities :
    
      - CVE-2009-3549: CVSS v2 Base Score: 5.0 (MEDIUM) The
        Paltalk dissector could crash on alignment-sensitive
        processors.
    
      - CVE-2009-3550: CVSS v2 Base Score: 4.3 (MEDIUM) The
        DCERPC/NT dissector could crash.
    
      - CVE-2009-3551: CVSS v2 Base Score: 5.0 (MEDIUM) The SMB
        dissector could crash.
    
      - CVE-2009-2560: CVSS v2 Base Score: 5.0 (MEDIUM) The
        RADIUS dissector could crash.
    
      - CVE-2009-3829 CVSS v2 Base Score: 9.3 (HIGH) Fix for an
        integer overflow in wiretap/erf.c that allowed remote
        attackers to execute arbitrary code via a crafted ERF
        file. This does not affect SLE products."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=550320"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=553215"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected wireshark packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_cwe_id(20, 189);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:wireshark");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:wireshark-devel");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:11.0");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2009/11/25");
      script_set_attribute(attribute:"plugin_publication_date", value:"2009/12/01");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
    if (release !~ "^(SUSE11\.0)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.0", release);
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    ourarch = get_kb_item("Host/cpu");
    if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
    if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);
    
    flag = 0;
    
    if ( rpm_check(release:"SUSE11.0", reference:"wireshark-1.0.0-17.19") ) flag++;
    if ( rpm_check(release:"SUSE11.0", reference:"wireshark-devel-1.0.0-17.19") ) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "wireshark / wireshark-devel");
    }
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_2_WIRESHARK-091125.NASL
    descriptionVersion upgrade of wireshark fix multiple vulnerabilities : - CVE-2009-3549: CVSS v2 Base Score: 5.0 (MEDIUM) The Paltalk dissector could crash on alignment-sensitive processors. - CVE-2009-3550: CVSS v2 Base Score: 4.3 (MEDIUM) The DCERPC/NT dissector could crash. - CVE-2009-3551: CVSS v2 Base Score: 5.0 (MEDIUM) The SMB dissector could crash. - CVE-2009-2560: CVSS v2 Base Score: 5.0 (MEDIUM) The RADIUS dissector could crash. - CVE-2009-3829 CVSS v2 Base Score: 9.3 (HIGH) Fix for an integer overflow in wiretap/erf.c that allowed remote attackers to execute arbitrary code via a crafted ERF file. This does not affect SLE products.
    last seen2020-06-01
    modified2020-06-02
    plugin id42955
    published2009-12-01
    reporterThis script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/42955
    titleopenSUSE Security Update : wireshark (wireshark-1600)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from openSUSE Security Update wireshark-1600.
    #
    # The text description of this plugin is (C) SUSE LLC.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(42955);
      script_version("1.9");
      script_cvs_date("Date: 2019/10/25 13:36:35");
    
      script_cve_id("CVE-2009-2560", "CVE-2009-3549", "CVE-2009-3550", "CVE-2009-3551", "CVE-2009-3829");
    
      script_name(english:"openSUSE Security Update : wireshark (wireshark-1600)");
      script_summary(english:"Check for the wireshark-1600 patch");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote openSUSE host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Version upgrade of wireshark fix multiple vulnerabilities :
    
      - CVE-2009-3549: CVSS v2 Base Score: 5.0 (MEDIUM) The
        Paltalk dissector could crash on alignment-sensitive
        processors.
    
      - CVE-2009-3550: CVSS v2 Base Score: 4.3 (MEDIUM) The
        DCERPC/NT dissector could crash.
    
      - CVE-2009-3551: CVSS v2 Base Score: 5.0 (MEDIUM) The SMB
        dissector could crash.
    
      - CVE-2009-2560: CVSS v2 Base Score: 5.0 (MEDIUM) The
        RADIUS dissector could crash.
    
      - CVE-2009-3829 CVSS v2 Base Score: 9.3 (HIGH) Fix for an
        integer overflow in wiretap/erf.c that allowed remote
        attackers to execute arbitrary code via a crafted ERF
        file. This does not affect SLE products."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=550320"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=553215"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected wireshark packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_cwe_id(20, 189);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:wireshark");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:wireshark-devel");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:11.2");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2009/11/25");
      script_set_attribute(attribute:"plugin_publication_date", value:"2009/12/01");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
    if (release !~ "^(SUSE11\.2)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.2", release);
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    ourarch = get_kb_item("Host/cpu");
    if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
    if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);
    
    flag = 0;
    
    if ( rpm_check(release:"SUSE11.2", reference:"wireshark-1.2.1-3.10.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"wireshark-devel-1.2.1-3.10.1") ) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "wireshark / wireshark-devel");
    }
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE9_12530.NASL
    descriptionThis is an update of wireshark to fix multiple vulnerabilities : - CVSS v2 Base Score: 5.0 (MEDIUM) The Paltalk dissector could crash on alignment-sensitive processors. (CVE-2009-3549) - CVSS v2 Base Score: 4.3 (MEDIUM) The DCERPC/NT dissector could crash. (CVE-2009-3550) - CVSS v2 Base Score: 5.0 (MEDIUM) The SMB dissector could crash. (CVE-2009-3551) - CVSS v2 Base Score: 5.0 (MEDIUM) The RADIUS dissector could crash. (CVE-2009-2560)
    last seen2020-06-01
    modified2020-06-02
    plugin id42947
    published2009-12-01
    reporterThis script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/42947
    titleSuSE9 Security Update : ethereal (YOU Patch Number 12530)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The text description of this plugin is (C) Novell, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(42947);
      script_version("1.8");
      script_cvs_date("Date: 2019/10/25 13:36:33");
    
      script_cve_id("CVE-2009-2560", "CVE-2009-3549", "CVE-2009-3550", "CVE-2009-3551");
    
      script_name(english:"SuSE9 Security Update : ethereal (YOU Patch Number 12530)");
      script_summary(english:"Checks rpm output for the updated package");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote SuSE 9 host is missing a security-related patch."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "This is an update of wireshark to fix multiple vulnerabilities :
    
      - CVSS v2 Base Score: 5.0 (MEDIUM) The Paltalk dissector
        could crash on alignment-sensitive processors.
        (CVE-2009-3549)
    
      - CVSS v2 Base Score: 4.3 (MEDIUM) The DCERPC/NT dissector
        could crash. (CVE-2009-3550)
    
      - CVSS v2 Base Score: 5.0 (MEDIUM) The SMB dissector could
        crash. (CVE-2009-3551)
    
      - CVSS v2 Base Score: 5.0 (MEDIUM) The RADIUS dissector
        could crash. (CVE-2009-2560)"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-2560.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-3549.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-3550.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-3551.html"
      );
      script_set_attribute(attribute:"solution", value:"Apply YOU patch number 12530.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
      script_cwe_id(20, 189);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:suse:suse_linux");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2009/11/04");
      script_set_attribute(attribute:"plugin_publication_date", value:"2009/12/01");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
    
      exit(0);
    }
    
    
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) exit(0, "Local checks are not enabled.");
    if (!get_kb_item("Host/SuSE/release")) exit(0, "The host is not running SuSE.");
    if (!get_kb_item("Host/SuSE/rpm-list")) exit(1, "Could not obtain the list of installed packages.");
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) exit(1, "Failed to determine the architecture type.");
    if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") exit(1, "Local checks for SuSE 9 on the '"+cpu+"' architecture have not been implemented.");
    
    
    flag = 0;
    if (rpm_check(release:"SUSE9", reference:"ethereal-0.10.13-2.45")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else exit(0, "The host is not affected.");
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_ETHEREAL-6627.NASL
    descriptionUpdate of wireshark to fix multiple vulnerabilities : - The Paltalk dissector could crash on alignment-sensitive processors. (CVE-2009-3549: CVSS v2 Base Score: 5.0 (MEDIUM)) - The DCERPC/NT dissector could crash. (CVE-2009-3550: CVSS v2 Base Score: 4.3 (MEDIUM)) - The SMB dissector could crash. (CVE-2009-3551: CVSS v2 Base Score: 5.0 (MEDIUM)) - The RADIUS dissector could crash. (CVE-2009-2560: CVSS v2 Base Score: 5.0 (MEDIUM))
    last seen2020-06-01
    modified2020-06-02
    plugin id42958
    published2009-12-01
    reporterThis script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/42958
    titleSuSE 10 Security Update : ethereal (ZYPP Patch Number 6627)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The text description of this plugin is (C) Novell, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(42958);
      script_version ("1.11");
      script_cvs_date("Date: 2019/10/25 13:36:36");
    
      script_cve_id("CVE-2009-2560", "CVE-2009-3549", "CVE-2009-3550", "CVE-2009-3551");
    
      script_name(english:"SuSE 10 Security Update : ethereal (ZYPP Patch Number 6627)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote SuSE 10 host is missing a security-related patch."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Update of wireshark to fix multiple vulnerabilities :
    
      - The Paltalk dissector could crash on alignment-sensitive
        processors. (CVE-2009-3549: CVSS v2 Base Score: 5.0
        (MEDIUM))
    
      - The DCERPC/NT dissector could crash. (CVE-2009-3550:
        CVSS v2 Base Score: 4.3 (MEDIUM))
    
      - The SMB dissector could crash. (CVE-2009-3551: CVSS v2
        Base Score: 5.0 (MEDIUM))
    
      - The RADIUS dissector could crash. (CVE-2009-2560: CVSS
        v2 Base Score: 5.0 (MEDIUM))"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-2560.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-3549.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-3550.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-3551.html"
      );
      script_set_attribute(attribute:"solution", value:"Apply ZYPP patch number 6627.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
      script_cwe_id(20, 189);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:suse:suse_linux");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2009/11/03");
      script_set_attribute(attribute:"plugin_publication_date", value:"2009/12/01");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
    
      exit(0);
    }
    
    
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) exit(0, "Local checks are not enabled.");
    if (!get_kb_item("Host/SuSE/release")) exit(0, "The host is not running SuSE.");
    if (!get_kb_item("Host/SuSE/rpm-list")) exit(1, "Could not obtain the list of installed packages.");
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) exit(1, "Failed to determine the architecture type.");
    if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") exit(1, "Local checks for SuSE 10 on the '"+cpu+"' architecture have not been implemented.");
    
    
    flag = 0;
    if (rpm_check(release:"SLED10", sp:2, reference:"ethereal-0.10.14-16.40.1")) flag++;
    if (rpm_check(release:"SLES10", sp:2, reference:"ethereal-0.10.14-16.40.1")) flag++;
    if (rpm_check(release:"SLES10", sp:2, reference:"ethereal-devel-0.10.14-16.40.1")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else exit(0, "The host is not affected.");
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_1_WIRESHARK-091125.NASL
    descriptionVersion upgrade of wireshark fix multiple vulnerabilities : - CVE-2009-3549: CVSS v2 Base Score: 5.0 (MEDIUM) The Paltalk dissector could crash on alignment-sensitive processors. - CVE-2009-3550: CVSS v2 Base Score: 4.3 (MEDIUM) The DCERPC/NT dissector could crash. - CVE-2009-3551: CVSS v2 Base Score: 5.0 (MEDIUM) The SMB dissector could crash. - CVE-2009-2560: CVSS v2 Base Score: 5.0 (MEDIUM) The RADIUS dissector could crash. - CVE-2009-3829 CVSS v2 Base Score: 9.3 (HIGH) Fix for an integer overflow in wiretap/erf.c that allowed remote attackers to execute arbitrary code via a crafted ERF file. This does not affect SLE products.
    last seen2020-06-01
    modified2020-06-02
    plugin id42953
    published2009-12-01
    reporterThis script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/42953
    titleopenSUSE Security Update : wireshark (wireshark-1600)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from openSUSE Security Update wireshark-1600.
    #
    # The text description of this plugin is (C) SUSE LLC.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(42953);
      script_version("1.9");
      script_cvs_date("Date: 2019/10/25 13:36:35");
    
      script_cve_id("CVE-2009-2560", "CVE-2009-3549", "CVE-2009-3550", "CVE-2009-3551", "CVE-2009-3829");
    
      script_name(english:"openSUSE Security Update : wireshark (wireshark-1600)");
      script_summary(english:"Check for the wireshark-1600 patch");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote openSUSE host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Version upgrade of wireshark fix multiple vulnerabilities :
    
      - CVE-2009-3549: CVSS v2 Base Score: 5.0 (MEDIUM) The
        Paltalk dissector could crash on alignment-sensitive
        processors.
    
      - CVE-2009-3550: CVSS v2 Base Score: 4.3 (MEDIUM) The
        DCERPC/NT dissector could crash.
    
      - CVE-2009-3551: CVSS v2 Base Score: 5.0 (MEDIUM) The SMB
        dissector could crash.
    
      - CVE-2009-2560: CVSS v2 Base Score: 5.0 (MEDIUM) The
        RADIUS dissector could crash.
    
      - CVE-2009-3829 CVSS v2 Base Score: 9.3 (HIGH) Fix for an
        integer overflow in wiretap/erf.c that allowed remote
        attackers to execute arbitrary code via a crafted ERF
        file. This does not affect SLE products."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=550320"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=553215"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected wireshark packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_cwe_id(20, 189);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:wireshark");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:wireshark-devel");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:11.1");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2009/11/25");
      script_set_attribute(attribute:"plugin_publication_date", value:"2009/12/01");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
    if (release !~ "^(SUSE11\.1)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.1", release);
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    ourarch = get_kb_item("Host/cpu");
    if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
    if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);
    
    flag = 0;
    
    if ( rpm_check(release:"SUSE11.1", reference:"wireshark-1.0.4-2.13.1") ) flag++;
    if ( rpm_check(release:"SUSE11.1", reference:"wireshark-devel-1.0.4-2.13.1") ) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "wireshark / wireshark-devel");
    }
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_ETHEREAL-6628.NASL
    descriptionUpdate of wireshark to fix multiple vulnerabilities : - The Paltalk dissector could crash on alignment-sensitive processors. (CVE-2009-3549: CVSS v2 Base Score: 5.0 (MEDIUM)) - The DCERPC/NT dissector could crash. (CVE-2009-3550: CVSS v2 Base Score: 4.3 (MEDIUM)) - The SMB dissector could crash. (CVE-2009-3551: CVSS v2 Base Score: 5.0 (MEDIUM)) - The RADIUS dissector could crash. (CVE-2009-2560: CVSS v2 Base Score: 5.0 (MEDIUM))
    last seen2020-06-01
    modified2020-06-02
    plugin id49845
    published2010-10-11
    reporterThis script is Copyright (C) 2010-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/49845
    titleSuSE 10 Security Update : ethereal (ZYPP Patch Number 6628)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The text description of this plugin is (C) Novell, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(49845);
      script_version ("1.8");
      script_cvs_date("Date: 2019/10/25 13:36:36");
    
      script_cve_id("CVE-2009-2560", "CVE-2009-3549", "CVE-2009-3550", "CVE-2009-3551");
    
      script_name(english:"SuSE 10 Security Update : ethereal (ZYPP Patch Number 6628)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote SuSE 10 host is missing a security-related patch."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Update of wireshark to fix multiple vulnerabilities :
    
      - The Paltalk dissector could crash on alignment-sensitive
        processors. (CVE-2009-3549: CVSS v2 Base Score: 5.0
        (MEDIUM))
    
      - The DCERPC/NT dissector could crash. (CVE-2009-3550:
        CVSS v2 Base Score: 4.3 (MEDIUM))
    
      - The SMB dissector could crash. (CVE-2009-3551: CVSS v2
        Base Score: 5.0 (MEDIUM))
    
      - The RADIUS dissector could crash. (CVE-2009-2560: CVSS
        v2 Base Score: 5.0 (MEDIUM))"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-2560.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-3549.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-3550.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-3551.html"
      );
      script_set_attribute(attribute:"solution", value:"Apply ZYPP patch number 6628.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
      script_cwe_id(20, 189);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:suse:suse_linux");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2009/11/03");
      script_set_attribute(attribute:"plugin_publication_date", value:"2010/10/11");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2010-2019 Tenable Network Security, Inc.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
    
      exit(0);
    }
    
    
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) exit(0, "Local checks are not enabled.");
    if (!get_kb_item("Host/SuSE/release")) exit(0, "The host is not running SuSE.");
    if (!get_kb_item("Host/SuSE/rpm-list")) exit(1, "Could not obtain the list of installed packages.");
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) exit(1, "Failed to determine the architecture type.");
    if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") exit(1, "Local checks for SuSE 10 on the '"+cpu+"' architecture have not been implemented.");
    
    
    flag = 0;
    if (rpm_check(release:"SLED10", sp:3, reference:"ethereal-0.10.14-16.39.1")) flag++;
    if (rpm_check(release:"SLES10", sp:3, reference:"ethereal-0.10.14-16.39.1")) flag++;
    if (rpm_check(release:"SLES10", sp:3, reference:"ethereal-devel-0.10.14-16.39.1")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else exit(0, "The host is not affected.");
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_WIRESHARK-091125.NASL
    descriptionVersion upgrade of wireshark fix multiple vulnerabilities : - The Paltalk dissector could crash on alignment-sensitive processors. (CVE-2009-3549: CVSS v2 Base Score: 5.0 (MEDIUM)) - The DCERPC/NT dissector could crash. (CVE-2009-3550: CVSS v2 Base Score: 4.3 (MEDIUM)) - The SMB dissector could crash. (CVE-2009-3551: CVSS v2 Base Score: 5.0 (MEDIUM)) - The RADIUS dissector could crash. (CVE-2009-2560: CVSS v2 Base Score: 5.0 (MEDIUM)) - Fix for an integer overflow in wiretap/erf.c that allowed remote attackers to execute arbitrary code via a crafted ERF file. (CVE-2009-3829). (CVSS v2 Base Score: 9.3 (HIGH))
    last seen2020-06-01
    modified2020-06-02
    plugin id43085
    published2009-12-09
    reporterThis script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/43085
    titleSuSE 11 Security Update : wireshark (SAT Patch Number 1606)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from SuSE 11 update information. The text itself is
    # copyright (C) Novell, Inc.
    #
    
    if (NASL_LEVEL < 3000) exit(0);
    
    include("compat.inc");
    
    if (description)
    {
      script_id(43085);
      script_version("1.11");
      script_cvs_date("Date: 2019/10/25 13:36:35");
    
      script_cve_id("CVE-2009-2560", "CVE-2009-3549", "CVE-2009-3550", "CVE-2009-3551", "CVE-2009-3829");
    
      script_name(english:"SuSE 11 Security Update : wireshark (SAT Patch Number 1606)");
      script_summary(english:"Checks rpm output for the updated package");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote SuSE 11 host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Version upgrade of wireshark fix multiple vulnerabilities :
    
      - The Paltalk dissector could crash on alignment-sensitive
        processors. (CVE-2009-3549: CVSS v2 Base Score: 5.0
        (MEDIUM))
    
      - The DCERPC/NT dissector could crash. (CVE-2009-3550:
        CVSS v2 Base Score: 4.3 (MEDIUM))
    
      - The SMB dissector could crash. (CVE-2009-3551: CVSS v2
        Base Score: 5.0 (MEDIUM))
    
      - The RADIUS dissector could crash. (CVE-2009-2560: CVSS
        v2 Base Score: 5.0 (MEDIUM))
    
      - Fix for an integer overflow in wiretap/erf.c that
        allowed remote attackers to execute arbitrary code via a
        crafted ERF file. (CVE-2009-3829). (CVSS v2 Base Score:
        9.3 (HIGH))"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=550320"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=553215"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-2560.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-3549.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-3550.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-3551.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-3829.html"
      );
      script_set_attribute(attribute:"solution", value:"Apply SAT patch number 1606.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_cwe_id(20, 189);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:wireshark");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:11");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2009/11/25");
      script_set_attribute(attribute:"plugin_publication_date", value:"2009/12/09");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release !~ "^(SLED|SLES)11") audit(AUDIT_OS_NOT, "SuSE 11");
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SuSE 11", cpu);
    
    pl = get_kb_item("Host/SuSE/patchlevel");
    if (pl) audit(AUDIT_OS_NOT, "SuSE 11.0");
    
    
    flag = 0;
    if (rpm_check(release:"SLED11", sp:0, cpu:"i586", reference:"wireshark-1.0.5-1.31.1")) flag++;
    if (rpm_check(release:"SLED11", sp:0, cpu:"x86_64", reference:"wireshark-1.0.5-1.31.1")) flag++;
    if (rpm_check(release:"SLES11", sp:0, reference:"wireshark-1.0.5-1.31.1")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    

Oval

accepted2013-08-19T04:05:04.757-04:00
classvulnerability
contributors
  • namePrabhu S A
    organizationSecPod Technologies
  • nameShane Shaffer
    organizationG2, Inc.
  • nameShane Shaffer
    organizationG2, Inc.
  • nameShane Shaffer
    organizationG2, Inc.
  • nameShane Shaffer
    organizationG2, Inc.
definition_extensions
commentWireshark is installed on the system.
ovaloval:org.mitre.oval:def:6589
descriptionOff-by-one error in the dissect_negprot_response function in packet-smb.c in the SMB dissector in Wireshark 1.2.0 through 1.2.2 allows remote attackers to cause a denial of service (application crash) via a file that records a malformed packet trace. NOTE: some of these details are obtained from third party information.
familywindows
idoval:org.mitre.oval:def:6049
statusaccepted
submitted2009-11-17T15:11:12
titleWireshark Off-by-one error in the dissect_negprot_response function in packet-smb.c in the SMB dissector to cause DoS Vulnerability
version12

Seebug

  • bulletinFamilyexploit
    descriptionBUGTRAQ ID: 36846 CVE(CAN) ID: CVE-2009-3551,CVE-2009-3549,CVE-2009-3550,CVE-2009-2560 Wireshark之前名为Ethereal,是一款非常流行的网络协议分析工具。 Wireshark的Paltalk、DCERPC/NT、SMB和RADIUS协议解析模块中存在拒绝服务漏洞。如果用户受骗从网络抓取了恶意的报文或读取了恶意抓包文件的话,就会导致解析模块崩溃。 1) Paltalk协议解析模块epan/dissectors/packet-paltalk.c文件中的dissect_paltalk()函数存在对齐错误,在区分对齐的架构上可能导致崩溃。 2) DCERPC/NT协议解析模块中存在空指针引用。 3) SMB协议解析模块的epan/dissectors/packet-smb.c文件中的dissect_negprot_response()函数存在单字节溢出错误,可能导致崩溃。 4) RADIUS协议解析模块中的错误可能导致崩溃。 Wireshark 0.10.10 - 1.2.2 临时解决方法: * 禁用受影响的解析模块: 1 从菜单选择Analyze→Enabled Protocols... 2 清除Paltalk、DCERPC、SMB和RADIUS 3 点击“保存”、“确定” 厂商补丁: Wireshark --------- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://www.wireshark.org/
    idSSV:12547
    last seen2017-11-19
    modified2009-10-30
    published2009-10-30
    reporterRoot
    titleWireshark 1.2.2和1.0.9版本修复多个拒绝服务漏洞
  • bulletinFamilyexploit
    descriptionNo description provided by source.
    idSSV:14981
    last seen2017-11-19
    modified2009-11-26
    published2009-11-26
    reporterRoot
    sourcehttps://www.seebug.org/vuldb/ssvid-14981
    titleWireshark: Multiple vulnerabilities

Statements

contributorTomas Hoger
lastmodified2009-11-02
organizationRed Hat
statementNot vulnerable. This issue did not affect the versions of wireshark as shipped with Red Hat Enterprise Linux 3, 4, or 5.