Vulnerabilities > CVE-2011-1590 - Resource Management Errors vulnerability in Wireshark
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
The X.509if dissector in Wireshark 1.2.x before 1.2.16 and 1.4.x before 1.4.5 does not properly initialize certain global variables, which allows remote attackers to cause a denial of service (application crash) via a crafted .pcap file.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Nessus
NASL family Amazon Linux Local Security Checks NASL id ALA_ALAS-2012-71.NASL description Several flaws were found in Wireshark. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running Wireshark. Several denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump file. last seen 2020-06-01 modified 2020-06-02 plugin id 69678 published 2013-09-04 reporter This script is Copyright (C) 2013-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/69678 title Amazon Linux AMI : wireshark (ALAS-2012-71) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Amazon Linux AMI Security Advisory ALAS-2012-71. # include("compat.inc"); if (description) { script_id(69678); script_version("1.5"); script_cvs_date("Date: 2018/04/18 15:09:34"); script_cve_id("CVE-2011-1143", "CVE-2011-1590"); script_xref(name:"ALAS", value:"2012-71"); script_xref(name:"RHSA", value:"2012:0509"); script_name(english:"Amazon Linux AMI : wireshark (ALAS-2012-71)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote Amazon Linux AMI host is missing a security update." ); script_set_attribute( attribute:"description", value: "Several flaws were found in Wireshark. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running Wireshark. Several denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump file." ); script_set_attribute( attribute:"see_also", value:"https://alas.aws.amazon.com/ALAS-2012-71.html" ); script_set_attribute( attribute:"solution", value:"Run 'yum update wireshark' to update your system." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:wireshark"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:wireshark-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:wireshark-devel"); script_set_attribute(attribute:"cpe", value:"cpe:/o:amazon:linux"); script_set_attribute(attribute:"patch_publication_date", value:"2012/04/30"); script_set_attribute(attribute:"plugin_publication_date", value:"2013/09/04"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc."); script_family(english:"Amazon Linux Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/AmazonLinux/release", "Host/AmazonLinux/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/AmazonLinux/release"); if (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, "Amazon Linux"); os_ver = pregmatch(pattern: "^AL(A|\d)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Amazon Linux"); os_ver = os_ver[1]; if (os_ver != "A") { if (os_ver == 'A') os_ver = 'AMI'; audit(AUDIT_OS_NOT, "Amazon Linux AMI", "Amazon Linux " + os_ver); } if (!get_kb_item("Host/AmazonLinux/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (rpm_check(release:"ALA", reference:"wireshark-1.2.15-2.10.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"wireshark-debuginfo-1.2.15-2.10.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"wireshark-devel-1.2.15-2.10.amzn1")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "wireshark / wireshark-debuginfo / wireshark-devel"); }NASL family Debian Local Security Checks NASL id DEBIAN_DSA-2274.NASL description Huzaifa Sidhpurwala, David Maciejak and others discovered several vulnerabilities in the X.509if and DICOM dissectors and in the code to process various capture and dictionary files, which could lead to denial of service or the execution of arbitrary code. last seen 2020-03-17 modified 2011-07-08 plugin id 55537 published 2011-07-08 reporter This script is Copyright (C) 2011-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/55537 title Debian DSA-2274-1 : wireshark - several vulnerabilities code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Debian Security Advisory DSA-2274. The text # itself is copyright (C) Software in the Public Interest, Inc. # include("compat.inc"); if (description) { script_id(55537); script_version("1.10"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/12"); script_cve_id("CVE-2011-1590", "CVE-2011-1957", "CVE-2011-1958", "CVE-2011-1959", "CVE-2011-2174", "CVE-2011-2175"); script_bugtraq_id(47392, 48066); script_xref(name:"DSA", value:"2274"); script_name(english:"Debian DSA-2274-1 : wireshark - several vulnerabilities"); script_summary(english:"Checks dpkg output for the updated package"); script_set_attribute( attribute:"synopsis", value:"The remote Debian host is missing a security-related update." ); script_set_attribute( attribute:"description", value: "Huzaifa Sidhpurwala, David Maciejak and others discovered several vulnerabilities in the X.509if and DICOM dissectors and in the code to process various capture and dictionary files, which could lead to denial of service or the execution of arbitrary code." ); script_set_attribute( attribute:"see_also", value:"https://packages.debian.org/source/squeeze/wireshark" ); script_set_attribute( attribute:"see_also", value:"https://www.debian.org/security/2011/dsa-2274" ); script_set_attribute( attribute:"solution", value: "Upgrade the wireshark packages. For the oldstable distribution (lenny), this problem has been fixed in version 1.0.2-3+lenny14. For the stable distribution (squeeze), this problem has been fixed in version 1.2.11-6+squeeze2." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:wireshark"); script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:5.0"); script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:6.0"); script_set_attribute(attribute:"patch_publication_date", value:"2011/07/07"); script_set_attribute(attribute:"plugin_publication_date", value:"2011/07/08"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2011-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Debian Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l"); exit(0); } include("audit.inc"); include("debian_package.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian"); if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (deb_check(release:"5.0", prefix:"wireshark", reference:"1.0.2-3+lenny14")) flag++; if (deb_check(release:"6.0", prefix:"tshark", reference:"1.2.11-6+squeeze2")) flag++; if (deb_check(release:"6.0", prefix:"wireshark", reference:"1.2.11-6+squeeze2")) flag++; if (deb_check(release:"6.0", prefix:"wireshark-common", reference:"1.2.11-6+squeeze2")) flag++; if (deb_check(release:"6.0", prefix:"wireshark-dbg", reference:"1.2.11-6+squeeze2")) flag++; if (deb_check(release:"6.0", prefix:"wireshark-dev", reference:"1.2.11-6+squeeze2")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get()); else security_warning(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");NASL family SuSE Local Security Checks NASL id SUSE_11_3_WIRESHARK-110511.NASL description This wireshark update fixes : - Use of un-initialized variables (CVE-2011-1590) - Buffer overflow in DECT dissector (CVE-2011-1591) - Crash in NFS dissector on Windows (CVE-2011-1592) last seen 2020-06-01 modified 2020-06-02 plugin id 75773 published 2014-06-13 reporter This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/75773 title openSUSE Security Update : wireshark (openSUSE-SU-2011:0602-1) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update wireshark-4538. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(75773); script_version("1.9"); script_cvs_date("Date: 2019/10/25 13:36:41"); script_cve_id("CVE-2011-1590", "CVE-2011-1591", "CVE-2011-1592"); script_name(english:"openSUSE Security Update : wireshark (openSUSE-SU-2011:0602-1)"); script_summary(english:"Check for the wireshark-4538 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: "This wireshark update fixes : - Use of un-initialized variables (CVE-2011-1590) - Buffer overflow in DECT dissector (CVE-2011-1591) - Crash in NFS dissector on Windows (CVE-2011-1592)" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=688109" ); script_set_attribute( attribute:"see_also", value:"https://lists.opensuse.org/opensuse-updates/2011-06/msg00013.html" ); script_set_attribute( attribute:"solution", value:"Update the affected wireshark packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploit_framework_core", value:"true"); script_set_attribute(attribute:"exploited_by_malware", value:"true"); script_set_attribute(attribute:"metasploit_name", value:'Wireshark packet-dect.c Stack Buffer Overflow'); script_set_attribute(attribute:"exploit_framework_metasploit", value:"true"); script_set_attribute(attribute:"exploit_framework_canvas", value:"true"); script_set_attribute(attribute:"canvas_package", value:'CANVAS'); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:wireshark"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:wireshark-devel"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:11.3"); script_set_attribute(attribute:"patch_publication_date", value:"2011/05/11"); script_set_attribute(attribute:"plugin_publication_date", value:"2014/06/13"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE11\.3)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.3", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); ourarch = get_kb_item("Host/cpu"); if (!ourarch) audit(AUDIT_UNKNOWN_ARCH); if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch); flag = 0; if ( rpm_check(release:"SUSE11.3", reference:"wireshark-1.4.4-0.4.1") ) flag++; if ( rpm_check(release:"SUSE11.3", reference:"wireshark-devel-1.4.4-0.4.1") ) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "wireshark / wireshark-devel"); }NASL family SuSE Local Security Checks NASL id SUSE_11_4_WIRESHARK-110511.NASL description This wireshark update fixes : - Use of un-initialized variables (CVE-2011-1590) - Buffer overflow in DECT dissector (CVE-2011-1591) - Crash in NFS dissector on Windows (CVE-2011-1592) last seen 2020-06-01 modified 2020-06-02 plugin id 76044 published 2014-06-13 reporter This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/76044 title openSUSE Security Update : wireshark (openSUSE-SU-2011:0599-1) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update wireshark-4539. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(76044); script_version("1.9"); script_cvs_date("Date: 2019/10/25 13:36:42"); script_cve_id("CVE-2011-1590", "CVE-2011-1591", "CVE-2011-1592"); script_name(english:"openSUSE Security Update : wireshark (openSUSE-SU-2011:0599-1)"); script_summary(english:"Check for the wireshark-4539 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: "This wireshark update fixes : - Use of un-initialized variables (CVE-2011-1590) - Buffer overflow in DECT dissector (CVE-2011-1591) - Crash in NFS dissector on Windows (CVE-2011-1592)" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=685023" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=688109" ); script_set_attribute( attribute:"see_also", value:"https://lists.opensuse.org/opensuse-updates/2011-06/msg00010.html" ); script_set_attribute( attribute:"solution", value:"Update the affected wireshark packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploit_framework_core", value:"true"); script_set_attribute(attribute:"exploited_by_malware", value:"true"); script_set_attribute(attribute:"metasploit_name", value:'Wireshark packet-dect.c Stack Buffer Overflow'); script_set_attribute(attribute:"exploit_framework_metasploit", value:"true"); script_set_attribute(attribute:"exploit_framework_canvas", value:"true"); script_set_attribute(attribute:"canvas_package", value:'CANVAS'); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:wireshark"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:wireshark-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:wireshark-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:wireshark-devel"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:11.4"); script_set_attribute(attribute:"patch_publication_date", value:"2011/05/11"); script_set_attribute(attribute:"plugin_publication_date", value:"2014/06/13"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE11\.4)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.4", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); ourarch = get_kb_item("Host/cpu"); if (!ourarch) audit(AUDIT_UNKNOWN_ARCH); if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch); flag = 0; if ( rpm_check(release:"SUSE11.4", reference:"wireshark-1.4.4-0.5.1") ) flag++; if ( rpm_check(release:"SUSE11.4", reference:"wireshark-debuginfo-1.4.4-0.5.1") ) flag++; if ( rpm_check(release:"SUSE11.4", reference:"wireshark-debugsource-1.4.4-0.5.1") ) flag++; if ( rpm_check(release:"SUSE11.4", reference:"wireshark-devel-1.4.4-0.5.1") ) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "wireshark / wireshark-devel / wireshark-debuginfo / etc"); }NASL family Fedora Local Security Checks NASL id FEDORA_2011-5529.NASL description Upgrade to latest release, fixing few security bugs. See http://www.wireshark.org/docs/relnotes/wireshark-1.2.16.html Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 53561 published 2011-04-27 reporter This script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/53561 title Fedora 13 : wireshark-1.2.16-1.fc13 (2011-5529) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Fedora Security Advisory 2011-5529. # include("compat.inc"); if (description) { script_id(53561); script_version("1.21"); script_cvs_date("Date: 2019/08/02 13:32:35"); script_cve_id("CVE-2011-1590", "CVE-2011-1591"); script_xref(name:"FEDORA", value:"2011-5529"); script_name(english:"Fedora 13 : wireshark-1.2.16-1.fc13 (2011-5529)"); script_summary(english:"Checks rpm output for the updated package."); script_set_attribute( attribute:"synopsis", value:"The remote Fedora host is missing a security update." ); script_set_attribute( attribute:"description", value: "Upgrade to latest release, fixing few security bugs. See http://www.wireshark.org/docs/relnotes/wireshark-1.2.16.html Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); # http://www.wireshark.org/docs/relnotes/wireshark-1.2.16.html script_set_attribute( attribute:"see_also", value:"https://www.wireshark.org/docs/relnotes/wireshark-1.2.16.html" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=697741" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=697746" ); # https://lists.fedoraproject.org/pipermail/package-announce/2011-April/058993.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?50cfff51" ); script_set_attribute( attribute:"solution", value:"Update the affected wireshark package." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploit_framework_core", value:"true"); script_set_attribute(attribute:"exploited_by_malware", value:"true"); script_set_attribute(attribute:"metasploit_name", value:'Wireshark packet-dect.c Stack Buffer Overflow'); script_set_attribute(attribute:"exploit_framework_metasploit", value:"true"); script_set_attribute(attribute:"exploit_framework_canvas", value:"true"); script_set_attribute(attribute:"canvas_package", value:'CANVAS'); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:wireshark"); script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:13"); script_set_attribute(attribute:"patch_publication_date", value:"2011/04/18"); script_set_attribute(attribute:"plugin_publication_date", value:"2011/04/27"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Fedora Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora"); os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora"); os_ver = os_ver[1]; if (! ereg(pattern:"^13([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 13.x", "Fedora " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu); flag = 0; if (rpm_check(release:"FC13", reference:"wireshark-1.2.16-1.fc13")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "wireshark"); }NASL family SuSE Local Security Checks NASL id SUSE_WIRESHARK-7501.NASL description This update to wireshark version 1.4.5 fixes the following security issues : - Resource Management Errors. (CWE-399, CVE-2011-1590) - Buffer Errors. (CWE-119, CVE-2011-1591) - Numeric Errors (CWE-189, CVE-2011-1592) last seen 2020-06-01 modified 2020-06-02 plugin id 54995 published 2011-06-08 reporter This script is Copyright (C) 2011-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/54995 title SuSE 10 Security Update : wireshark (ZYPP Patch Number 7501) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The text description of this plugin is (C) Novell, Inc. # include("compat.inc"); if (description) { script_id(54995); script_version ("1.16"); script_cvs_date("Date: 2019/10/25 13:36:44"); script_cve_id("CVE-2011-1590", "CVE-2011-1591", "CVE-2011-1592"); script_name(english:"SuSE 10 Security Update : wireshark (ZYPP Patch Number 7501)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote SuSE 10 host is missing a security-related patch." ); script_set_attribute( attribute:"description", value: "This update to wireshark version 1.4.5 fixes the following security issues : - Resource Management Errors. (CWE-399, CVE-2011-1590) - Buffer Errors. (CWE-119, CVE-2011-1591) - Numeric Errors (CWE-189, CVE-2011-1592)" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2011-1590.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2011-1591.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2011-1592.html" ); script_set_attribute(attribute:"solution", value:"Apply ZYPP patch number 7501."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploit_framework_core", value:"true"); script_set_attribute(attribute:"exploited_by_malware", value:"true"); script_set_attribute(attribute:"metasploit_name", value:'Wireshark packet-dect.c Stack Buffer Overflow'); script_set_attribute(attribute:"exploit_framework_metasploit", value:"true"); script_set_attribute(attribute:"exploit_framework_canvas", value:"true"); script_set_attribute(attribute:"canvas_package", value:'CANVAS'); script_cwe_id(119, 189, 399); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:suse:suse_linux"); script_set_attribute(attribute:"patch_publication_date", value:"2011/05/03"); script_set_attribute(attribute:"plugin_publication_date", value:"2011/06/08"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2011-2019 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list"); exit(0); } include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) exit(0, "Local checks are not enabled."); if (!get_kb_item("Host/SuSE/release")) exit(0, "The host is not running SuSE."); if (!get_kb_item("Host/SuSE/rpm-list")) exit(1, "Could not obtain the list of installed packages."); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) exit(1, "Failed to determine the architecture type."); if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") exit(1, "Local checks for SuSE 10 on the '"+cpu+"' architecture have not been implemented."); flag = 0; if (rpm_check(release:"SLES10", sp:3, reference:"wireshark-1.4.4-0.39.1")) flag++; if (rpm_check(release:"SLES10", sp:3, reference:"wireshark-devel-1.4.4-0.39.1")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else exit(0, "The host is not affected.");NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2012-0509.NASL description Updated wireshark packages that fix several security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. Several flaws were found in Wireshark. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running Wireshark. (CVE-2011-1590, CVE-2011-4102, CVE-2012-1595) Several denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump file. (CVE-2011-1143, CVE-2011-1957, CVE-2011-1958, CVE-2011-1959, CVE-2011-2174, CVE-2011-2175, CVE-2011-2597, CVE-2011-2698, CVE-2012-0041, CVE-2012-0042, CVE-2012-0067, CVE-2012-0066) Users of Wireshark should upgrade to these updated packages, which contain backported patches to correct these issues. All running instances of Wireshark must be restarted for the update to take effect. last seen 2020-06-01 modified 2020-06-02 plugin id 58849 published 2012-04-25 reporter This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/58849 title CentOS 6 : wireshark (CESA-2012:0509) NASL family Fedora Local Security Checks NASL id FEDORA_2011-5569.NASL description Upgrade to latest release, fixing few security bugs. See http://www.wireshark.org/docs/relnotes/wireshark-1.4.5.html and http://www.wireshark.org/docs/relnotes/wireshark-1.4.6.html Upgrade to latest release, fixing few security bugs. See http://www.wireshark.org/docs/relnotes/wireshark-1.4.5.html Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 53562 published 2011-04-27 reporter This script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/53562 title Fedora 14 : wireshark-1.4.6-1.fc14 (2011-5569) NASL family Fedora Local Security Checks NASL id FEDORA_2011-5621.NASL description Upgrade to latest release, fixing few security bugs. See http://www.wireshark.org/docs/relnotes/wireshark-1.4.5.html and http://www.wireshark.org/docs/relnotes/wireshark-1.4.6.html Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 53563 published 2011-04-27 reporter This script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/53563 title Fedora 15 : wireshark-1.4.6-1.fc15 (2011-5621) NASL family Scientific Linux Local Security Checks NASL id SL_20120423_WIRESHARK_ON_SL6_X.NASL description Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. Several flaws were found in Wireshark. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running Wireshark. (CVE-2011-1590, CVE-2011-4102, CVE-2012-1595) Several denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump file. (CVE-2011-1143, CVE-2011-1957, CVE-2011-1958, CVE-2011-1959, CVE-2011-2174, CVE-2011-2175, CVE-2011-2597, CVE-2011-2698, CVE-2012-0041, CVE-2012-0042, CVE-2012-0067, CVE-2012-0066) Users of Wireshark should upgrade to these updated packages, which contain backported patches to correct these issues. All running instances of Wireshark must be restarted for the update to take effect. last seen 2020-03-18 modified 2012-08-01 plugin id 61303 published 2012-08-01 reporter This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/61303 title Scientific Linux Security Update : wireshark on SL6.x i386/x86_64 (20120423) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2012-0509.NASL description Updated wireshark packages that fix several security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. Several flaws were found in Wireshark. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running Wireshark. (CVE-2011-1590, CVE-2011-4102, CVE-2012-1595) Several denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump file. (CVE-2011-1143, CVE-2011-1957, CVE-2011-1958, CVE-2011-1959, CVE-2011-2174, CVE-2011-2175, CVE-2011-2597, CVE-2011-2698, CVE-2012-0041, CVE-2012-0042, CVE-2012-0067, CVE-2012-0066) Users of Wireshark should upgrade to these updated packages, which contain backported patches to correct these issues. All running instances of Wireshark must be restarted for the update to take effect. last seen 2020-04-16 modified 2012-04-24 plugin id 58841 published 2012-04-24 reporter This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/58841 title RHEL 6 : wireshark (RHSA-2012:0509) NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-201110-02.NASL description The remote host is affected by the vulnerability described in GLSA-201110-02 (Wireshark: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Wireshark. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could send specially crafted packets on a network being monitored by Wireshark, entice a user to open a malformed packet trace file using Wireshark, or deploy a specially crafted Lua script for use by Wireshark, possibly resulting in the execution of arbitrary code, or a Denial of Service condition. Workaround : There is no known workaround at this time. last seen 2020-06-01 modified 2020-06-02 plugin id 56426 published 2011-10-10 reporter This script is Copyright (C) 2011-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/56426 title GLSA-201110-02 : Wireshark: Multiple vulnerabilities NASL family SuSE Local Security Checks NASL id SUSE_11_WIRESHARK-110503.NASL description This update to wireshark version 1.4.5 fixes the following security issues : - Resource Management Errors. (CWE-399, CVE-2011-1590) - Buffer Errors. (CWE-119, CVE-2011-1591) - Numeric Errors (CWE-189, CVE-2011-1592) last seen 2020-06-01 modified 2020-06-02 plugin id 54994 published 2011-06-08 reporter This script is Copyright (C) 2011-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/54994 title SuSE 11.1 Security Update : wireshark (SAT Patch Number 4476) NASL family SuSE Local Security Checks NASL id SUSE_WIRESHARK-7500.NASL description This update to wireshark version 1.4.5 fixes the following security issues : - Resource Management Errors. (CWE-399, CVE-2011-1590) - Buffer Errors. (CWE-119, CVE-2011-1591) - Numeric Errors (CWE-189, CVE-2011-1592) last seen 2020-06-01 modified 2020-06-02 plugin id 57262 published 2011-12-13 reporter This script is Copyright (C) 2011-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/57262 title SuSE 10 Security Update : wireshark (ZYPP Patch Number 7500) NASL family Mandriva Local Security Checks NASL id MANDRIVA_MDVSA-2011-083.NASL description This advisory updates wireshark to the latest version (1.2.16), fixing several security issues : The X.509if dissector in Wireshark 1.2.x before 1.2.16 and 1.4.x before 1.4.5 does not properly initialize certain global variables, which allows remote attackers to cause a denial of service (application crash) via a crafted .pcap file (CVE-2011-1590). Stack-based buffer overflow in the DECT dissector in epan/dissectors/packet-dect.c in Wireshark 1.4.x before 1.4.5 allows remote attackers to execute arbitrary code via a crafted .pcap file (CVE-2011-1591). The NFS dissector in epan/dissectors/packet-nfs.c in Wireshark 1.4.x before 1.4.5 on Windows uses an incorrect integer data type during decoding of SETCLIENTID calls, which allows remote attackers to cause a denial of service (application crash) via a crafted .pcap file (CVE-2011-1592). The updated packages have been upgraded to the latest 1.2.x version (1.2.16) which is not vulnerable to these issues. last seen 2020-06-01 modified 2020-06-02 plugin id 53882 published 2011-05-13 reporter This script is Copyright (C) 2011-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/53882 title Mandriva Linux Security Advisory : wireshark (MDVSA-2011:083) NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2012-0509.NASL description From Red Hat Security Advisory 2012:0509 : Updated wireshark packages that fix several security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. Several flaws were found in Wireshark. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running Wireshark. (CVE-2011-1590, CVE-2011-4102, CVE-2012-1595) Several denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump file. (CVE-2011-1143, CVE-2011-1957, CVE-2011-1958, CVE-2011-1959, CVE-2011-2174, CVE-2011-2175, CVE-2011-2597, CVE-2011-2698, CVE-2012-0041, CVE-2012-0042, CVE-2012-0067, CVE-2012-0066) Users of Wireshark should upgrade to these updated packages, which contain backported patches to correct these issues. All running instances of Wireshark must be restarted for the update to take effect. last seen 2020-06-01 modified 2020-06-02 plugin id 68516 published 2013-07-12 reporter This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/68516 title Oracle Linux 6 : wireshark (ELSA-2012-0509) NASL family SuSE Local Security Checks NASL id SUSE9_12708.NASL description This ethereal update fixes the use of uninitialized variables. (CVE-2011-1590) last seen 2020-06-01 modified 2020-06-02 plugin id 54993 published 2011-06-08 reporter This script is Copyright (C) 2011-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/54993 title SuSE9 Security Update : ethereal (YOU Patch Number 12708) NASL family Windows NASL id WIRESHARK_1_4_5.NASL description The installed version of Wireshark is 1.2.x less than 1.2.16 or 1.4.x less than 1.4.5. Such versions are affected by the following vulnerabilities : - A data type mismatch error exists in the function last seen 2020-06-01 modified 2020-06-02 plugin id 53473 published 2011-04-18 reporter This script is Copyright (C) 2011-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/53473 title Wireshark < 1.2.16 / 1.4.5 Multiple Vulnerabilities
Oval
| accepted | 2013-08-19T04:00:55.593-04:00 | ||||||||||||
| class | vulnerability | ||||||||||||
| contributors |
| ||||||||||||
| definition_extensions |
| ||||||||||||
| description | The X.509if dissector in Wireshark 1.2.x before 1.2.16 and 1.4.x before 1.4.5 does not properly initialize certain global variables, which allows remote attackers to cause a denial of service (application crash) via a crafted .pcap file. | ||||||||||||
| family | windows | ||||||||||||
| id | oval:org.mitre.oval:def:15050 | ||||||||||||
| status | accepted | ||||||||||||
| submitted | 2012-02-27T15:34:33.178-04:00 | ||||||||||||
| title | Vulnerability in X.509if dissector in Wireshark 1.2.x before 1.2.16 and 1.4.x before 1.4.5 | ||||||||||||
| version | 8 |
Redhat
| rpms |
|
References
- http://www.wireshark.org/security/wnpa-sec-2011-05.html
- http://openwall.com/lists/oss-security/2011/04/18/8
- http://www.wireshark.org/security/wnpa-sec-2011-06.html
- http://www.vupen.com/english/advisories/2011/1022
- http://secunia.com/advisories/44172
- https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5754
- http://openwall.com/lists/oss-security/2011/04/18/2
- http://securitytracker.com/id?1025388
- https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5793
- http://anonsvn.wireshark.org/viewvc?revision=36608&view=revision
- http://www.osvdb.org/71846
- http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058983.html
- http://secunia.com/advisories/44374
- http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058900.html
- http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058993.html
- http://www.vupen.com/english/advisories/2011/1106
- http://secunia.com/advisories/45149
- http://secunia.com/advisories/44822
- https://hermes.opensuse.org/messages/8701428
- http://www.debian.org/security/2011/dsa-2274
- http://www.mandriva.com/security/advisories?name=MDVSA-2011:083
- http://secunia.com/advisories/48947
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15050