7.8 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.9 High
AI Score
Confidence
High
0.008 Low
EPSS
Percentile
82.0%
Several vulnerabilities were fixed in Wireshark, a network sniffer.
CVE-2019-13619
ASN.1 BER and related dissectors crash.
CVE-2019-16319
The Gryphon dissector could go into an infinite loop.
CVE-2019-19553
The CMS dissector could crash.
CVE-2020-7045
The BT ATT dissector could crash.
CVE-2020-9428
The EAP dissector could crash.
CVE-2020-9430
The WiMax DLMAP dissector could crash.
CVE-2020-9431
The LTE RRC dissector could leak memory.
CVE-2020-11647
The BACapp dissector could crash.
CVE-2020-13164
The NFS dissector could crash.
CVE-2020-15466
The GVCP dissector could go into an infinite loop.
CVE-2020-25862
The TCP dissector could crash.
CVE-2020-25863
The MIME Multipart dissector could crash.
CVE-2020-26418
Memory leak in the Kafka protocol dissector.
CVE-2020-26421
Crash in USB HID protocol dissector.
CVE-2020-26575
The Facebook Zero Protocol (aka FBZERO) dissector could enter an infinite loop.
CVE-2020-28030
The GQUIC dissector could crash.
For Debian 9 stretch, these problems have been fixed in version 2.6.20-0+deb9u1.
We recommend that you upgrade your wireshark packages.
For the detailed security status of wireshark please refer to its security tracker page at:
https://security-tracker.debian.org/tracker/wireshark
NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Debian Security Advisory DLA-2547-1. The text
# itself is copyright (C) Software in the Public Interest, Inc.
#
include('compat.inc');
if (description)
{
script_id(146291);
script_version("1.3");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/01/23");
script_cve_id(
"CVE-2019-13619",
"CVE-2019-16319",
"CVE-2019-19553",
"CVE-2020-11647",
"CVE-2020-13164",
"CVE-2020-15466",
"CVE-2020-25862",
"CVE-2020-25863",
"CVE-2020-26418",
"CVE-2020-26421",
"CVE-2020-26575",
"CVE-2020-28030",
"CVE-2020-7045",
"CVE-2020-9428",
"CVE-2020-9430",
"CVE-2020-9431"
);
script_name(english:"Debian DLA-2547-1 : wireshark security update");
script_set_attribute(attribute:"synopsis", value:
"The remote Debian host is missing a security update.");
script_set_attribute(attribute:"description", value:
"Several vulnerabilities were fixed in Wireshark, a network sniffer.
CVE-2019-13619
ASN.1 BER and related dissectors crash.
CVE-2019-16319
The Gryphon dissector could go into an infinite loop.
CVE-2019-19553
The CMS dissector could crash.
CVE-2020-7045
The BT ATT dissector could crash.
CVE-2020-9428
The EAP dissector could crash.
CVE-2020-9430
The WiMax DLMAP dissector could crash.
CVE-2020-9431
The LTE RRC dissector could leak memory.
CVE-2020-11647
The BACapp dissector could crash.
CVE-2020-13164
The NFS dissector could crash.
CVE-2020-15466
The GVCP dissector could go into an infinite loop.
CVE-2020-25862
The TCP dissector could crash.
CVE-2020-25863
The MIME Multipart dissector could crash.
CVE-2020-26418
Memory leak in the Kafka protocol dissector.
CVE-2020-26421
Crash in USB HID protocol dissector.
CVE-2020-26575
The Facebook Zero Protocol (aka FBZERO) dissector could enter an
infinite loop.
CVE-2020-28030
The GQUIC dissector could crash.
For Debian 9 stretch, these problems have been fixed in version
2.6.20-0+deb9u1.
We recommend that you upgrade your wireshark packages.
For the detailed security status of wireshark please refer to its
security tracker page at:
https://security-tracker.debian.org/tracker/wireshark
NOTE: Tenable Network Security has extracted the preceding description
block directly from the DLA security advisory. Tenable has attempted
to automatically clean and format it as much as possible without
introducing additional issues.");
script_set_attribute(attribute:"see_also", value:"https://lists.debian.org/debian-lts-announce/2021/02/msg00008.html");
script_set_attribute(attribute:"see_also", value:"https://packages.debian.org/source/stretch/wireshark");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/source-package/wireshark");
script_set_attribute(attribute:"solution", value:
"Upgrade the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-16319");
script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2020-9431");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2019/07/17");
script_set_attribute(attribute:"patch_publication_date", value:"2021/02/06");
script_set_attribute(attribute:"plugin_publication_date", value:"2021/02/08");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libwireshark-data");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libwireshark-dev");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libwireshark8");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libwiretap-dev");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libwiretap6");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libwscodecs1");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libwsutil-dev");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libwsutil7");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:tshark");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:wireshark");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:wireshark-common");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:wireshark-dev");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:wireshark-doc");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:wireshark-gtk");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:wireshark-qt");
script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:9.0");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Debian Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2021-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");
exit(0);
}
include("audit.inc");
include("debian_package.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);
flag = 0;
if (deb_check(release:"9.0", prefix:"libwireshark-data", reference:"2.6.20-0+deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"libwireshark-dev", reference:"2.6.20-0+deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"libwireshark8", reference:"2.6.20-0+deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"libwiretap-dev", reference:"2.6.20-0+deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"libwiretap6", reference:"2.6.20-0+deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"libwscodecs1", reference:"2.6.20-0+deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"libwsutil-dev", reference:"2.6.20-0+deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"libwsutil7", reference:"2.6.20-0+deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"tshark", reference:"2.6.20-0+deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"wireshark", reference:"2.6.20-0+deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"wireshark-common", reference:"2.6.20-0+deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"wireshark-dev", reference:"2.6.20-0+deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"wireshark-doc", reference:"2.6.20-0+deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"wireshark-gtk", reference:"2.6.20-0+deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"wireshark-qt", reference:"2.6.20-0+deb9u1")) flag++;
if (flag)
{
if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());
else security_hole(0);
exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
Vendor | Product | Version | CPE |
---|---|---|---|
debian | debian_linux | libwireshark-data | p-cpe:/a:debian:debian_linux:libwireshark-data |
debian | debian_linux | libwireshark-dev | p-cpe:/a:debian:debian_linux:libwireshark-dev |
debian | debian_linux | libwireshark8 | p-cpe:/a:debian:debian_linux:libwireshark8 |
debian | debian_linux | libwiretap-dev | p-cpe:/a:debian:debian_linux:libwiretap-dev |
debian | debian_linux | libwiretap6 | p-cpe:/a:debian:debian_linux:libwiretap6 |
debian | debian_linux | libwscodecs1 | p-cpe:/a:debian:debian_linux:libwscodecs1 |
debian | debian_linux | libwsutil-dev | p-cpe:/a:debian:debian_linux:libwsutil-dev |
debian | debian_linux | libwsutil7 | p-cpe:/a:debian:debian_linux:libwsutil7 |
debian | debian_linux | tshark | p-cpe:/a:debian:debian_linux:tshark |
debian | debian_linux | wireshark | p-cpe:/a:debian:debian_linux:wireshark |
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13619
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16319
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19553
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11647
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13164
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15466
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25862
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25863
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26418
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26421
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26575
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28030
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7045
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9428
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9430
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9431
lists.debian.org/debian-lts-announce/2021/02/msg00008.html
packages.debian.org/source/stretch/wireshark
security-tracker.debian.org/tracker/source-package/wireshark
7.8 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.9 High
AI Score
Confidence
High
0.008 Low
EPSS
Percentile
82.0%