General : Wireshark Security Updates (wnpa-sec-2019-06, wnpa-sec-2019-07, wnpa-sec-2019-08)

Búsqueda de Vulnerabilidad		Buscar 219043 Descripciones CVE y 99761 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.814867

Categoría: General

Título: Wireshark Security Updates (wnpa-sec-2019-06, wnpa-sec-2019-07, wnpa-sec-2019-08) - Mac OS X

Resumen: Wireshark is prone to multiple vulnerabilities.

Descripción: Summary:
Wireshark is prone to multiple vulnerabilities.

Vulnerability Insight:
Multiple flaws exist due to:

- NULL pointer dereferences in epan/dissectors/asn1/tcap/tcap.cnf
and pan/dissectors/packet-rpcap.c

- Buffer overflow error in epan/dissectors/packet-ber.c

Vulnerability Impact:
Successful exploitation will allow attackers
to crash Wireshark dissectors by injecting a malformed packet into the network
or by tricking a victim into opening a malicious packet trace file.

Affected Software/OS:
Wireshark versions 2.4.0 to 2.4.12 and
2.6.0 to 2.6.6.

Solution:
Update to version 2.4.13, 2.6.7 or later.

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2019-9208
BugTraq ID: 107203
http://www.securityfocus.com/bid/107203
Bugtraq: 20190324 [SECURITY] [DSA 4416-1] wireshark security update (Google Search)
https://seclists.org/bugtraq/2019/Mar/35
Debian Security Information: DSA-4416 (Google Search)
https://www.debian.org/security/2019/dsa-4416
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15464
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=3d1b8004ed3a07422ca5d4e4ee8097150b934fd2
https://www.oracle.com/security-alerts/cpujan2020.html
https://www.wireshark.org/security/wnpa-sec-2019-07.html
SuSE Security Announcement: openSUSE-SU-2019:1108 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00007.html
SuSE Security Announcement: openSUSE-SU-2019:1390 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00027.html
SuSE Security Announcement: openSUSE-SU-2020:0362 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00027.html
https://usn.ubuntu.com/3986-1/
Common Vulnerability Exposure (CVE) ID: CVE-2019-9209
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15447
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=f8fbe9f934d65b2694fa74622e5eb2e1dc8cd20b
https://www.wireshark.org/security/wnpa-sec-2019-06.html
https://lists.debian.org/debian-lts-announce/2019/03/msg00031.html
Common Vulnerability Exposure (CVE) ID: CVE-2019-9214
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15536
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=c557bb0910be271e49563756411a690a1bc53ce5
https://www.wireshark.org/security/wnpa-sec-2019-08.html

Copyright Copyright (C) 2019 Greenbone Networks GmbH

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.814867
Categoría:	General
Título:	Wireshark Security Updates (wnpa-sec-2019-06, wnpa-sec-2019-07, wnpa-sec-2019-08) - Mac OS X
Resumen:	Wireshark is prone to multiple vulnerabilities.
Descripción:	Summary: Wireshark is prone to multiple vulnerabilities. Vulnerability Insight: Multiple flaws exist due to: - NULL pointer dereferences in epan/dissectors/asn1/tcap/tcap.cnf and pan/dissectors/packet-rpcap.c - Buffer overflow error in epan/dissectors/packet-ber.c Vulnerability Impact: Successful exploitation will allow attackers to crash Wireshark dissectors by injecting a malformed packet into the network or by tricking a victim into opening a malicious packet trace file. Affected Software/OS: Wireshark versions 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6. Solution: Update to version 2.4.13, 2.6.7 or later. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2019-9208 BugTraq ID: 107203 http://www.securityfocus.com/bid/107203 Bugtraq: 20190324 [SECURITY] [DSA 4416-1] wireshark security update (Google Search) https://seclists.org/bugtraq/2019/Mar/35 Debian Security Information: DSA-4416 (Google Search) https://www.debian.org/security/2019/dsa-4416 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15464 https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=3d1b8004ed3a07422ca5d4e4ee8097150b934fd2 https://www.oracle.com/security-alerts/cpujan2020.html https://www.wireshark.org/security/wnpa-sec-2019-07.html SuSE Security Announcement: openSUSE-SU-2019:1108 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00007.html SuSE Security Announcement: openSUSE-SU-2019:1390 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00027.html SuSE Security Announcement: openSUSE-SU-2020:0362 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00027.html https://usn.ubuntu.com/3986-1/ Common Vulnerability Exposure (CVE) ID: CVE-2019-9209 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15447 https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=f8fbe9f934d65b2694fa74622e5eb2e1dc8cd20b https://www.wireshark.org/security/wnpa-sec-2019-06.html https://lists.debian.org/debian-lts-announce/2019/03/msg00031.html Common Vulnerability Exposure (CVE) ID: CVE-2019-9214 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15536 https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=c557bb0910be271e49563756411a690a1bc53ce5 https://www.wireshark.org/security/wnpa-sec-2019-08.html
Copyright	Copyright (C) 2019 Greenbone Networks GmbH