scip AG

NASLDB: FreeBSD : Wireshark -- Multiple vulnerabilities (4cdfe875-e8d6-11e1-bea0-002354ed89bc)

General

ID: 61588
Name: FreeBSD : Wireshark — Multiple vulnerabilities (4cdfe875-e8d6-11e1-bea0-002354ed89bc)

Summary: Checks for updated packages in pkg_info output

Credits: Tenable Network Security, Inc.

Classification

Risk: –

CVSS: –
CVSS Base Vector: CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C
CVSS Temporal Vector: –

Port: 0
Family: FreeBSD Local Security Checks
Type: Local

Description

Wireshark reports :

It may be possible to make Wireshark crash by injecting a malformed
packet onto the wire or by convincing someone to read a malformed
packet trace file.

It may be possible to make Wireshark consume excessive CPU resources
by injecting a malformed packet onto the wire or by convincing someone
to read a malformed packet trace file.

The PPP dissector could crash.

The NFS dissector could use excessive amounts of CPU.

The DCP ETSI dissector could trigger a zero division.

The MongoDB dissector could go into a large loop.

The XTP dissector could go into an infinite loop.

The ERF dissector could overflow a buffer.

The AFP dissector could go into a large loop.

The RTPS2 dissector could overflow a buffer.

The GSM RLC MAC dissector could overflow a buffer.

The CIP dissector could exhaust system memory.

The STUN dissector could crash.

The EtherCAT Mailbox dissector could abort.

The CTDB dissector could go into a large loop.

The pcap-ng file parser could trigger a zero division.

The Ixia IxVeriWave file parser could overflow a buffer.

Exploiting

Exploit Available: –
Exploitability Ease: –

Sources

CVE: CVE-2012-4048
OSVDB: –
Bugtraq: –
scipID: –

Timeline

Vulnerability Disclosure: 2012/07/22
Patch Release: 2012/08/18
Plugin Release: 2012/08/20

Plugin

Version: 1.3
Filename: freebsd_pkg_4cdfe875e8d611e1bea0002354ed89bc.nasl
Filesize: 7394 bytes
MD5 Hash: d5786b50cc2b86873469e752a689062e

Identification: Host/local_checks_enabled
Require Keys: Host/local_checks_enabled", "Host/FreeBSD/release", "Host/FreeBSD/pkg_info
Dependencies: "ssh_get_info.nasl"

Copyright: This script is© 2012 Tenable Network Security, Inc.

Letzte Plugins

• Letzte Plugins
  • USN-1611-1 : thunderbird vulnerabilities
  • USN-1610-1 : linux vulnerability
  • USN-1609-1 : linux-ti-omap4 vulnerability
  • SuSE 10 Security Update : PostgreSQL
  • RHSA-2012-1364: bind97
  • RHSA-2012-1363: bind
  • RHSA-2012-1362: thunderbird
  • RHSA-2012-1361: xulrunner
  • Mandriva Linux Security Advisory : graphicsmagick
  • FreeBSD : phpMyAdmin — Multiple XSS due to unescaped HTML output in Trigger, Procedure and Event pages and Fetching the version information from a non-SSL site is vulnerable to a MITM attack

• Archiv
• scip VulDB
• Syndication
  • RSS
  • Twitter