ID de Prueba:	1.3.6.1.4.1.25623.1.0.880945
Categoría:	CentOS Local Security Checks
Título:	CentOS Update for wireshark CESA-2009:0313 centos4 i386
Resumen:	The remote host is missing an update for the 'wireshark'; package(s) announced via the referenced advisory.
Descripción:	Summary: The remote host is missing an update for the 'wireshark' package(s) announced via the referenced advisory. Vulnerability Insight: Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. Multiple buffer overflow flaws were found in Wireshark. If Wireshark read a malformed packet off a network or opened a malformed dump file, it could crash or, possibly, execute arbitrary code as the user running Wireshark. (CVE-2008-4683, CVE-2009-0599) Several denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malformed dump file. (CVE-2008-4680, CVE-2008-4681, CVE-2008-4682, CVE-2008-4684, CVE-2008-4685, CVE-2008-5285, CVE-2009-0600) Users of wireshark should upgrade to these updated packages, which contain Wireshark version 1.0.6, and resolve these issues. All running instances of Wireshark must be restarted for the update to take effect. Affected Software/OS: wireshark on CentOS 4 Solution: Please install the updated packages. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2008-4680 BugTraq ID: 31838 http://www.securityfocus.com/bid/31838 Bugtraq: 20081211 rPSA-2008-0336-1 tshark wireshark (Google Search) http://www.securityfocus.com/archive/1/499154/100/0/threaded http://www.mandriva.com/security/advisories?name=MDVSA-2008:215 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15091 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9605 http://www.redhat.com/support/errata/RHSA-2009-0313.html http://securitytracker.com/id?1021069 http://secunia.com/advisories/32355 http://secunia.com/advisories/34144 http://www.vupen.com/english/advisories/2008/2872 Common Vulnerability Exposure (CVE) ID: CVE-2008-4681 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11194 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14853 XForce ISS Database: wireshark-bluetoothrfcomm-dos(46014) https://exchange.xforce.ibmcloud.com/vulnerabilities/46014 Common Vulnerability Exposure (CVE) ID: CVE-2008-4682 BugTraq ID: 31468 http://www.securityfocus.com/bid/31468 https://www.exploit-db.com/exploits/6622 http://shinnok.evonet.ro/vulns_html/wireshark.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10955 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14705 http://securityreason.com/securityalert/4462 XForce ISS Database: wireshark-ncfpacket-dos(45505) https://exchange.xforce.ibmcloud.com/vulnerabilities/45505 Common Vulnerability Exposure (CVE) ID: CVE-2008-4683 Debian Security Information: DSA-1673 (Google Search) http://www.debian.org/security/2008/dsa-1673 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14982 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9821 http://secunia.com/advisories/32944 Common Vulnerability Exposure (CVE) ID: CVE-2008-4684 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10223 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14767 Common Vulnerability Exposure (CVE) ID: CVE-2008-4685 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10788 Common Vulnerability Exposure (CVE) ID: CVE-2008-5285 BugTraq ID: 32422 http://www.securityfocus.com/bid/32422 Bugtraq: 20081122 [SVRT-04-08] Vulnerability in WireShark 1.0.4 for DoS Attack (Google Search) http://www.securityfocus.com/archive/1/498562/100/0/threaded http://lists.grok.org.uk/pipermail/full-disclosure/2008-November/065840.html http://www.mandriva.com/security/advisories?name=MDVSA-2008:242 http://www.openwall.com/lists/oss-security/2008/11/24/1 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11351 http://www.securitytracker.com/id?1021275 http://secunia.com/advisories/32840 http://securityreason.com/securityalert/4663 http://www.vupen.com/english/advisories/2008/3231 Common Vulnerability Exposure (CVE) ID: CVE-2009-0599 BugTraq ID: 33690 http://www.securityfocus.com/bid/33690 Bugtraq: 20090312 rPSA-2009-0040-1 tshark wireshark (Google Search) http://www.securityfocus.com/archive/1/501763/100/0/threaded https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00652.html http://osvdb.org/51815 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14732 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9677 http://www.securitytracker.com/id?1021697 http://secunia.com/advisories/33872 http://secunia.com/advisories/34264 http://secunia.com/advisories/34344 SuSE Security Announcement: SUSE-SR:2009:005 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00000.html http://www.vupen.com/english/advisories/2009/0370 Common Vulnerability Exposure (CVE) ID: CVE-2009-0600 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10853 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15041
Copyright	Copyright (c) 2011 Greenbone Networks GmbH

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.