Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.892547
Category:Debian Local Security Checks
Title:Debian LTS: Security Advisory for wireshark (DLA-2547-1)
Summary:The remote host is missing an update for the 'wireshark'; package(s) announced via the DLA-2547-1 advisory.
Description:Summary:
The remote host is missing an update for the 'wireshark'
package(s) announced via the DLA-2547-1 advisory.

Vulnerability Insight:
Several vulnerabilities were fixed in Wireshark, a network sniffer.

CVE-2019-13619

ASN.1 BER and related dissectors crash.

CVE-2019-16319

The Gryphon dissector could go into an infinite loop.

CVE-2019-19553

The CMS dissector could crash.

CVE-2020-7045

The BT ATT dissector could crash.

CVE-2020-9428

The EAP dissector could crash.

CVE-2020-9430

The WiMax DLMAP dissector could crash.

CVE-2020-9431

The LTE RRC dissector could leak memory.

CVE-2020-11647

The BACapp dissector could crash.

CVE-2020-13164

The NFS dissector could crash.

CVE-2020-15466

The GVCP dissector could go into an infinite loop.

CVE-2020-25862

The TCP dissector could crash.

CVE-2020-25863

The MIME Multipart dissector could crash.

CVE-2020-26418

Memory leak in the Kafka protocol dissector.

CVE-2020-26421

Crash in USB HID protocol dissector.

CVE-2020-26575

The Facebook Zero Protocol (aka FBZERO) dissector
could enter an infinite loop.

CVE-2020-28030

The GQUIC dissector could crash.

Affected Software/OS:
'wireshark' package(s) on Debian Linux.

Solution:
For Debian 9 stretch, these problems have been fixed in version
2.6.20-0+deb9u1.

We recommend that you upgrade your wireshark packages.

CVSS Score:
7.8

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2020-7045
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16258
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=01f261de41f4dd3233ef578e5c0ffb9c25c7d14d
https://www.wireshark.org/security/wnpa-sec-2020-02.html
https://lists.debian.org/debian-lts-announce/2021/02/msg00008.html
Common Vulnerability Exposure (CVE) ID: CVE-2020-9428
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDVMBCADP73TBISYCS6ARKOSNNJOGXXZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XN2GMGLT5XND7U34WX3O23WKUZ7JHMVN/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DZBICEY2HGSNQ3RPBLMDDYVAHGOGS4E2/
https://security.gentoo.org/glsa/202007-13
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16397
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=9fe2de783dbcbe74144678d60a4e3923367044b2
https://www.wireshark.org/security/wnpa-sec-2020-05.html
SuSE Security Announcement: openSUSE-SU-2020:0362 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00027.html
Common Vulnerability Exposure (CVE) ID: CVE-2020-9430
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16368
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16383
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=6b98dc63701b1da1cc7681cb383dabb0b7007d73
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=93d6b03a67953b82880cdbdcf0d30e2a3246d790
https://www.wireshark.org/security/wnpa-sec-2020-04.html
Common Vulnerability Exposure (CVE) ID: CVE-2020-9431
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16341
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=086003c9d616906e08bbeeab9c17b3aa4c6ff850
https://www.wireshark.org/security/wnpa-sec-2020-03.html
CopyrightCopyright (C) 2021 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2024 E-Soft Inc. All rights reserved.