Vulnerabilities > CVE-2012-1596 - Resource Management Errors vulnerability in Wireshark

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
PARTIAL
network
low complexity
wireshark
CWE-399
nessus

Summary

The mp2t_process_fragmented_payload function in epan/dissectors/packet-mp2t.c in the MP2T dissector in Wireshark 1.4.x before 1.4.12 and 1.6.x before 1.6.6 allows remote attackers to cause a denial of service (application crash) via a packet containing an invalid pointer value that triggers an incorrect memory-allocation attempt.

Common Weakness Enumeration (CWE)

Nessus

  • NASL familyMandriva Local Security Checks
    NASL idMANDRIVA_MDVSA-2012-042.NASL
    descriptionMultiple vulnerabilities was found and corrected in Wireshark : - The ANSI A dissector could dereference a NULL pointer and crash. - The IEEE 802.11 dissector could go into an infinite loop. - The pcap and pcap-ng file parsers could crash trying to read ERF data. - The MP2T dissector could try to allocate too much memory and crash. This advisory provides the latest version of Wireshark (1.6.6) which is not vulnerable to these issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id61947
    published2012-09-06
    reporterThis script is Copyright (C) 2012-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/61947
    titleMandriva Linux Security Advisory : wireshark (MDVSA-2012:042)
    code
    #%NASL_MIN_LEVEL 80502
    
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Mandriva Linux Security Advisory MDVSA-2012:042. 
    # The text itself is copyright (C) Mandriva S.A.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(61947);
      script_version("1.10");
      script_cvs_date("Date: 2019/08/02 13:32:54");
    
      script_cve_id(
        "CVE-2012-1593",
        "CVE-2012-1594",
        "CVE-2012-1595",
        "CVE-2012-1596"
      );
      script_bugtraq_id(
        52735,
        52736,
        52737,
        52738
      );
      script_xref(name:"MDVSA", value:"2012:042");
    
      script_name(english:"Mandriva Linux Security Advisory : wireshark (MDVSA-2012:042)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Mandriva Linux host is missing one or more security
    updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Multiple vulnerabilities was found and corrected in Wireshark :
    
      - The ANSI A dissector could dereference a NULL pointer
        and crash.
    
        - The IEEE 802.11 dissector could go into an infinite
          loop.
    
        - The pcap and pcap-ng file parsers could crash trying
          to read ERF data.
    
      - The MP2T dissector could try to allocate too much memory
        and crash.
    
    This advisory provides the latest version of Wireshark (1.6.6) which
    is not vulnerable to these issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.wireshark.org/security/wnpa-sec-2012-04.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.wireshark.org/security/wnpa-sec-2012-05.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.wireshark.org/security/wnpa-sec-2012-06.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.wireshark.org/security/wnpa-sec-2012-07.html"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:dumpcap");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64wireshark-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64wireshark1");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libwireshark-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libwireshark1");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:rawshark");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:tshark");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:wireshark");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:wireshark-tools");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2011");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2012/03/27");
      script_set_attribute(attribute:"patch_publication_date", value:"2012/03/28");
      script_set_attribute(attribute:"plugin_publication_date", value:"2012/09/06");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2012-2019 Tenable Network Security, Inc.");
      script_family(english:"Mandriva Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux");
    if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu);
    
    
    flag = 0;
    if (rpm_check(release:"MDK2011", reference:"dumpcap-1.6.6-0.1-mdv2011.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2011", cpu:"x86_64", reference:"lib64wireshark-devel-1.6.6-0.1-mdv2011.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2011", cpu:"x86_64", reference:"lib64wireshark1-1.6.6-0.1-mdv2011.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2011", cpu:"i386", reference:"libwireshark-devel-1.6.6-0.1-mdv2011.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2011", cpu:"i386", reference:"libwireshark1-1.6.6-0.1-mdv2011.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2011", reference:"rawshark-1.6.6-0.1-mdv2011.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2011", reference:"tshark-1.6.6-0.1-mdv2011.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2011", reference:"wireshark-1.6.6-0.1-mdv2011.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2011", reference:"wireshark-tools-1.6.6-0.1-mdv2011.0", yank:"mdv")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familyWindows
    NASL idWIRESHARK_1_4_12.NASL
    descriptionThe installed version of Wireshark is 1.4.x before 1.4.12. This version is affected by the following vulnerabilities : - An error exists in the pcap and pcap-ng parsers that can allow them to crash when reading
    last seen2020-06-01
    modified2020-06-02
    plugin id58517
    published2012-03-28
    reporterThis script is Copyright (C) 2012-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/58517
    titleWireshark 1.4.x < 1.4.12 Multiple Denial of Service Vulnerabilities
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(58517);
      script_version("1.11");
      script_cvs_date("Date: 2018/11/15 20:50:29");
    
      script_cve_id("CVE-2012-1593", "CVE-2012-1594", "CVE-2012-1595", "CVE-2012-1596");
      script_bugtraq_id(52735, 52736, 52737, 52738);
      script_xref(name:"EDB-ID", value:"18758");
    
      script_name(english:"Wireshark 1.4.x < 1.4.12 Multiple Denial of Service Vulnerabilities");
      script_summary(english:"Does a version check");
    
      script_set_attribute(attribute:"synopsis", value:
    "The remote Windows host contains an application that is affected by
    multiple denial of service vulnerabilities.");
      script_set_attribute(attribute:"description", value:
    "The installed version of Wireshark is 1.4.x before 1.4.12.  This
    version is affected by the following vulnerabilities :
    
     - An error exists in the pcap and pcap-ng parsers that
       can allow them to crash when reading 'ERF' data.
       (Issue 6804)
    
     - An error exists in the 'ANSI A' dissector that can allow
       it to crash after dereferencing a NULL pointer.
       (Issue 6823)
    
     - An error exists in the 'MP2T' dissector that can allow
       it to allocate too much memory thus, resulting in
       crashes. (Issue 6833)");
      script_set_attribute(attribute:"see_also", value:"https://www.wireshark.org/security/wnpa-sec-2012-04.html");
      script_set_attribute(attribute:"see_also", value:"https://www.wireshark.org/security/wnpa-sec-2012-06.html");
      script_set_attribute(attribute:"see_also", value:"https://www.wireshark.org/security/wnpa-sec-2012-07.html");
      script_set_attribute(attribute:"see_also", value:"https://www.wireshark.org/docs/relnotes/wireshark-1.4.12.html");
      script_set_attribute(attribute:"solution", value:"Upgrade to Wireshark version 1.4.12 or later.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2012/03/27");
      script_set_attribute(attribute:"patch_publication_date", value:"2012/03/27");
      script_set_attribute(attribute:"plugin_publication_date", value:"2012/03/28");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/a:wireshark:wireshark");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"Windows");
    
      script_copyright(english:"This script is Copyright (C) 2012-2018 Tenable Network Security, Inc.");
    
      script_dependencies("wireshark_installed.nasl");
      script_require_keys("SMB/Wireshark/Installed");
    
      exit(0);
    }
    
    include("global_settings.inc");
    include("misc_func.inc");
    
    # Check each install.
    installs = get_kb_list_or_exit("SMB/Wireshark/*");
    
    info  = '';
    info2 = '';
    
    foreach install(keys(installs))
    {
      if ("/Installed" >< install) continue;
    
      version = install - "SMB/Wireshark/";
    
      if (version =~ "^1\.4($|\.([0-9]|1[01]))($|[^0-9])")
        info +=
          '\n  Path              : ' + installs[install] +
          '\n  Installed version : ' + version +
          '\n  Fixed version     : 1.4.12\n';
      else
        info2 += 'Version ' + version + ', under ' + installs[install] + ' ';
    }
    
    # Remove trailing space on info2
    if (strlen(info2) > 1)
      info2 = substr(info2, 0, strlen(info2) -2);
    
    # Report if any were found to be vulnerable.
    if (info)
    {
      if (report_verbosity > 0)
      {
        if (max_index(split(info)) > 4) s = "s of Wireshark are";
        else s = " of Wireshark is";
    
        report =
          '\n' +
          'The following vulnerable instance' + s + ' installed :\n' +
          '\n' + info;
        security_warning(port:get_kb_item("SMB/transport"), extra:report);
      }
      else security_warning(get_kb_item("SMB/transport"));
      exit(0);
    }
    if (info2) exit(0, "The following installed instance(s) of Wireshark are not affected : " + info2 + ".");
    
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2012-5256.NASL
    descriptionThe following vulnerabilities have been fixed. wnpa-sec-2012-04: The ANSI A dissector could dereference a NULL pointer and crash. (Bug 6823) wnpa-sec-2012-06: The pcap and pcap-ng file parsers could crash trying to read ERF data. (Bug 6804) wnpa-sec-2012-07: The MP2T dissector could try to allocate too much memory and crash. (Bug 6833) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-03-17
    modified2012-04-19
    plugin id58783
    published2012-04-19
    reporterThis script is Copyright (C) 2012-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/58783
    titleFedora 15 : wireshark-1.4.12-1.fc15 (2012-5256)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Fedora Security Advisory 2012-5256.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(58783);
      script_version("1.9");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/12");
    
      script_cve_id("CVE-2012-1593", "CVE-2012-1595", "CVE-2012-1596");
      script_bugtraq_id(52736, 52737);
      script_xref(name:"FEDORA", value:"2012-5256");
    
      script_name(english:"Fedora 15 : wireshark-1.4.12-1.fc15 (2012-5256)");
      script_summary(english:"Checks rpm output for the updated package.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Fedora host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "The following vulnerabilities have been fixed. wnpa-sec-2012-04: The
    ANSI A dissector could dereference a NULL pointer and crash. (Bug
    6823)
    
    wnpa-sec-2012-06: The pcap and pcap-ng file parsers could crash trying
    to read ERF data. (Bug 6804)
    
    wnpa-sec-2012-07: The MP2T dissector could try to allocate too much
    memory and crash. (Bug 6833)
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the Fedora security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.redhat.com/show_bug.cgi?id=807644"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.redhat.com/show_bug.cgi?id=807661"
      );
      # https://lists.fedoraproject.org/pipermail/package-announce/2012-April/078769.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?a5b1072c"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected wireshark package."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:wireshark");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:15");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2012/04/02");
      script_set_attribute(attribute:"plugin_publication_date", value:"2012/04/19");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2012-2020 Tenable Network Security, Inc.");
      script_family(english:"Fedora Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
    os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
    os_ver = os_ver[1];
    if (! ereg(pattern:"^15([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 15.x", "Fedora " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
    
    flag = 0;
    if (rpm_check(release:"FC15", reference:"wireshark-1.4.12-1.fc15")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "wireshark");
    }
    
  • NASL familySolaris Local Security Checks
    NASL idSOLARIS11_WIRESHARK_20120626.NASL
    descriptionThe remote Solaris system is missing necessary patches to address security updates : - epan/dissectors/packet-ansi_a.c in the ANSI A dissector in Wireshark 1.4.x before 1.4.12 and 1.6.x before 1.6.6 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a malformed packet. (CVE-2012-1593) - epan/dissectors/packet-ieee80211.c in the IEEE 802.11 dissector in Wireshark 1.6.x before 1.6.6 allows remote attackers to cause a denial of service (infinite loop) via a crafted packet. (CVE-2012-1594) - The pcap_process_pseudo_header function in wiretap/pcap-common.c in Wireshark 1.4.x before 1.4.12 and 1.6.x before 1.6.6 allows remote attackers to cause a denial of service (application crash) via a WTAP_ENCAP_ERF file containing an Extension or Multi-Channel header with an invalid pseudoheader size, related to the pcap and pcap-ng file parsers. (CVE-2012-1595) - The mp2t_process_fragmented_payload function in epan/dissectors/packet-mp2t.c in the MP2T dissector in Wireshark 1.4.x before 1.4.12 and 1.6.x before 1.6.6 allows remote attackers to cause a denial of service (application crash) via a packet containing an invalid pointer value that triggers an incorrect memory-allocation attempt. (CVE-2012-1596)
    last seen2020-06-01
    modified2020-06-02
    plugin id80802
    published2015-01-19
    reporterThis script is Copyright (C) 2015-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/80802
    titleOracle Solaris Third-Party Patch Update : wireshark (multiple_vulnerabilities_in_wireshark)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from the Oracle Third Party software advisories.
    #
    include("compat.inc");
    
    if (description)
    {
      script_id(80802);
      script_version("1.2");
      script_cvs_date("Date: 2018/11/15 20:50:24");
    
      script_cve_id("CVE-2012-1593", "CVE-2012-1594", "CVE-2012-1595", "CVE-2012-1596");
    
      script_name(english:"Oracle Solaris Third-Party Patch Update : wireshark (multiple_vulnerabilities_in_wireshark)");
      script_summary(english:"Check for the 'entire' version.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Solaris system is missing a security patch for third-party
    software."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "The remote Solaris system is missing necessary patches to address
    security updates :
    
      - epan/dissectors/packet-ansi_a.c in the ANSI A dissector
        in Wireshark 1.4.x before 1.4.12 and 1.6.x before 1.6.6
        allows remote attackers to cause a denial of service
        (NULL pointer dereference and application crash) via a
        malformed packet. (CVE-2012-1593)
    
      - epan/dissectors/packet-ieee80211.c in the IEEE 802.11
        dissector in Wireshark 1.6.x before 1.6.6 allows remote
        attackers to cause a denial of service (infinite loop)
        via a crafted packet. (CVE-2012-1594)
    
      - The pcap_process_pseudo_header function in
        wiretap/pcap-common.c in Wireshark 1.4.x before 1.4.12
        and 1.6.x before 1.6.6 allows remote attackers to cause
        a denial of service (application crash) via a
        WTAP_ENCAP_ERF file containing an Extension or
        Multi-Channel header with an invalid pseudoheader size,
        related to the pcap and pcap-ng file parsers.
        (CVE-2012-1595)
    
      - The mp2t_process_fragmented_payload function in
        epan/dissectors/packet-mp2t.c in the MP2T dissector in
        Wireshark 1.4.x before 1.4.12 and 1.6.x before 1.6.6
        allows remote attackers to cause a denial of service
        (application crash) via a packet containing an invalid
        pointer value that triggers an incorrect
        memory-allocation attempt. (CVE-2012-1596)"
      );
      # https://www.oracle.com/technetwork/topics/security/thirdparty-patch-map-1482893.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?4a913f44"
      );
      # https://blogs.oracle.com/sunsecurity/multiple-vulnerabilities-in-wireshark
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?6ccbc2d4"
      );
      script_set_attribute(attribute:"solution", value:"Upgrade to Solaris 11/11 SRU 8.5.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:solaris:11.0");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:solaris:wireshark");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2012/06/26");
      script_set_attribute(attribute:"plugin_publication_date", value:"2015/01/19");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.");
      script_family(english:"Solaris Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Solaris11/release", "Host/Solaris11/pkg-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("misc_func.inc");
    include("solaris.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/Solaris11/release");
    if (isnull(release)) audit(AUDIT_OS_NOT, "Solaris11");
    pkg_list = solaris_pkg_list_leaves();
    if (isnull (pkg_list)) audit(AUDIT_PACKAGE_LIST_MISSING, "Solaris pkg-list packages");
    
    if (empty_or_null(egrep(string:pkg_list, pattern:"^wireshark$"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, "wireshark");
    
    flag = 0;
    
    if (solaris_check_release(release:"0.5.11-0.175.0.8.0.5.0", sru:"SRU 8.5") > 0) flag++;
    
    if (flag)
    {
      error_extra = 'Affected package : wireshark\n' + solaris_get_report2();
      error_extra = ereg_replace(pattern:"version", replace:"OS version", string:error_extra);
      if (report_verbosity > 0) security_warning(port:0, extra:error_extra);
      else security_warning(0);
      exit(0);
    }
    else audit(AUDIT_PACKAGE_NOT_AFFECTED, "wireshark");
    
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2012-5243.NASL
    descriptionThe following vulnerabilities have been fixed. wnpa-sec-2012-04: The ANSI A dissector could dereference a NULL pointer and crash. (Bug 6823) wnpa-sec-2012-06: The pcap and pcap-ng file parsers could crash trying to read ERF data. (Bug 6804) wnpa-sec-2012-07: The MP2T dissector could try to allocate too much memory and crash. (Bug 6833) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-03-17
    modified2012-04-19
    plugin id58782
    published2012-04-19
    reporterThis script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/58782
    titleFedora 16 : wireshark-1.6.6-1.fc16 (2012-5243)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_WIRESHARK-8085.NASL
    descriptionThis version upgrade of wireshark fixes the following security vulnerabilities : - The ANSI A dissector could dereference a NULL pointer and crash. (CVE-2012-1593) - The pcap and pcap-ng file parsers could crash trying to read ERF data. (CVE-2012-1595) - The MP2T dissector could try to allocate too much memory and crash. (CVE-2012-1596) Additionally, various other non-security bugs have been fixed.
    last seen2020-06-05
    modified2012-05-01
    plugin id58945
    published2012-05-01
    reporterThis script is Copyright (C) 2012-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/58945
    titleSuSE 10 Security Update : wireshark (ZYPP Patch Number 8085)
  • NASL familyWindows
    NASL idWIRESHARK_1_6_6.NASL
    descriptionThe installed version of Wireshark is 1.6.x before 1.6.6. This version is affected by the following vulnerabilities : - An error exists in the pcap and pcap-ng parsers that can allow them to crash when reading
    last seen2020-06-01
    modified2020-06-02
    plugin id58518
    published2012-03-28
    reporterThis script is Copyright (C) 2012-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/58518
    titleWireshark 1.6.x < 1.6.6 Multiple Denial of Service Vulnerabilities
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_WIRESHARK-120417.NASL
    descriptionThis version upgrade of wireshark fixes the following security vulnerabilities : - The ANSI A dissector could dereference a NULL pointer and crash. (CVE-2012-1593) - The pcap and pcap-ng file parsers could crash trying to read ERF data. (CVE-2012-1595) - The MP2T dissector could try to allocate too much memory and crash. (CVE-2012-1596) Additionally, various other non-security bugs have been fixed.
    last seen2020-06-05
    modified2012-05-01
    plugin id58944
    published2012-05-01
    reporterThis script is Copyright (C) 2012-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/58944
    titleSuSE 11.1 Security Update : wireshark (SAT Patch Number 6170)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2012-248.NASL
    descriptionChanges in wireshark : - update to 1.4.12 - fix bnc#754474, bnc#754476, bnc#754477(fixed upstream) - Security fixes : - wnpa-sec-2012-04 The ANSI A dissector could dereference a NULL pointer and crash. (Bug 6823) - wnpa-sec-2012-06 The pcap and pcap-ng file parsers could crash trying to read ERF data. (Bug 6804) - wnpa-sec-2012-07 The MP2T dissector could try to allocate too much memory and crash. (Bug 6804) - The Windows installers now include GnuTLS 1.12.18, which fixes several vulnerabilities. - Bug fixes : - Some PGM options are not parsed correctly. (Bug 5687) - dumpcap crashes when capturing from pipe to a pcap-ng file (e.g., when passing data from CACE Pilot to Wireshark). (Bug 5939) - No error for UDP/IPv6 packet with zero checksum. (Bug 6232) - packetBB dissector bug: More than 1000000 items in the tree -- possible infinite loop. (Bug 6687) - Ethernet traces in K12 text format sometimes give bogus
    last seen2020-06-05
    modified2014-06-13
    plugin id74610
    published2014-06-13
    reporterThis script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/74610
    titleopenSUSE Security Update : wireshark (openSUSE-SU-2012:0558-1)

Oval

accepted2013-08-19T04:01:03.464-04:00
classvulnerability
contributors
  • nameShane Shaffer
    organizationG2, Inc.
  • nameShane Shaffer
    organizationG2, Inc.
definition_extensions
commentWireshark is installed on the system.
ovaloval:org.mitre.oval:def:6589
descriptionThe mp2t_process_fragmented_payload function in epan/dissectors/packet-mp2t.c in the MP2T dissector in Wireshark 1.4.x before 1.4.12 and 1.6.x before 1.6.6 allows remote attackers to cause a denial of service (application crash) via a packet containing an invalid pointer value that triggers an incorrect memory-allocation attempt.
familywindows
idoval:org.mitre.oval:def:15194
statusaccepted
submitted2012-04-12T08:48:06.747-04:00
titleMP2T dissector vulnerability in Wireshark 1.4.x before 1.4.12 and 1.6.x before 1.6.6
version7