Lucene search
This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.SUSE_SU-2023-3252-1.NASLHistoryAug 10, 2023 - 12:00 a.m.
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : wireshark (SUSE-SU-2023:3252-1)
2023-08-1000:00:00
This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
5
suse sled15
sles15
opensuse 15
wireshark
security update
vulnerabilities
heap-based buffer overflow
code execution
denial of service
crafted capture file
nessus scanner.
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
0.002
Percentile
57.1%
The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3252-1 advisory.
-
Due to failure in validating the length provided by an attacker-crafted MSMMS packet, Wireshark version 4.0.5 and prior, in an unusual configuration, is susceptible to a heap-based buffer overflow, and possibly code execution in the context of the process running Wireshark (CVE-2023-0667)
-
Due to failure in validating the length provided by an attacker-crafted IEEE-C37.118 packet, Wireshark version 4.0.5 and prior, by default, is susceptible to a heap-based buffer overflow, and possibly code execution in the context of the process running Wireshark. (CVE-2023-0668)
-
Candump log parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file (CVE-2023-2855)
-
VMS TCPIPtrace file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file (CVE-2023-2856)
-
BLF file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file (CVE-2023-2857)
-
NetScaler file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file (CVE-2023-2858)
-
GDSDB infinite loop in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via packet injection or crafted capture file (CVE-2023-2879)
-
XRA dissector infinite loop in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via packet injection or crafted capture file (CVE-2023-2952)
-
Kafka dissector crash in Wireshark 4.0.0 to 4.0.6 and 3.6.0 to 3.6.14 allows denial of service via packet injection or crafted capture file (CVE-2023-3648)
Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The package checks in this plugin were extracted from
# SUSE update advisory SUSE-SU-2023:3252-1. The text itself
# is copyright (C) SUSE.
##
include('compat.inc');
if (description)
{
script_id(179657);
script_version("1.3");
script_set_attribute(attribute:"plugin_modification_date", value:"2023/09/07");
script_cve_id(
"CVE-2023-0667",
"CVE-2023-0668",
"CVE-2023-2855",
"CVE-2023-2856",
"CVE-2023-2857",
"CVE-2023-2858",
"CVE-2023-2879",
"CVE-2023-2952",
"CVE-2023-3648"
);
script_xref(name:"IAVB", value:"2023-B-0036-S");
script_xref(name:"SuSE", value:"SUSE-SU-2023:3252-1");
script_xref(name:"IAVB", value:"2023-B-0051-S");
script_name(english:"SUSE SLED15 / SLES15 / openSUSE 15 Security Update : wireshark (SUSE-SU-2023:3252-1)");
script_set_attribute(attribute:"synopsis", value:
"The remote SUSE host is missing one or more security updates.");
script_set_attribute(attribute:"description", value:
"The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are
affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3252-1 advisory.
- Due to failure in validating the length provided by an attacker-crafted MSMMS packet, Wireshark version
4.0.5 and prior, in an unusual configuration, is susceptible to a heap-based buffer overflow, and possibly
code execution in the context of the process running Wireshark (CVE-2023-0667)
- Due to failure in validating the length provided by an attacker-crafted IEEE-C37.118 packet, Wireshark
version 4.0.5 and prior, by default, is susceptible to a heap-based buffer overflow, and possibly code
execution in the context of the process running Wireshark. (CVE-2023-0668)
- Candump log parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via
crafted capture file (CVE-2023-2855)
- VMS TCPIPtrace file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service
via crafted capture file (CVE-2023-2856)
- BLF file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted
capture file (CVE-2023-2857)
- NetScaler file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via
crafted capture file (CVE-2023-2858)
- GDSDB infinite loop in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via packet
injection or crafted capture file (CVE-2023-2879)
- XRA dissector infinite loop in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via
packet injection or crafted capture file (CVE-2023-2952)
- Kafka dissector crash in Wireshark 4.0.0 to 4.0.6 and 3.6.0 to 3.6.14 allows denial of service via packet
injection or crafted capture file (CVE-2023-3648)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1211703");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1211705");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1211706");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1211707");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1211710");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1211793");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1211844");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1212084");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1213319");
# https://lists.suse.com/pipermail/sle-security-updates/2023-August/015828.html
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?875b3194");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2023-0667");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2023-0668");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2023-2855");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2023-2856");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2023-2857");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2023-2858");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2023-2879");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2023-2952");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2023-3648");
script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2023-2952");
script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2023-2879");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2023/05/24");
script_set_attribute(attribute:"patch_publication_date", value:"2023/08/09");
script_set_attribute(attribute:"plugin_publication_date", value:"2023/08/10");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libwireshark15");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libwiretap12");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libwsutil13");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:wireshark");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:wireshark-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:wireshark-ui-qt");
script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:15");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_set_attribute(attribute:"stig_severity", value:"I");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"SuSE Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
exit(0);
}
include('rpm.inc');
if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item("Host/SuSE/release");
if (isnull(os_release) || os_release !~ "^(SLED|SLES|SUSE)") audit(AUDIT_OS_NOT, "SUSE / openSUSE");
var os_ver = pregmatch(pattern: "^(SLE(S|D)(?:_SAP)?\d+|SUSE([\d.]+))", string:os_release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE / openSUSE');
os_ver = os_ver[1];
if (! preg(pattern:"^(SLED15|SLED_SAP15|SLES15|SLES_SAP15|SUSE15\.4|SUSE15\.5)$", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15', 'SUSE / openSUSE (' + os_ver + ')');
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE / openSUSE (' + os_ver + ')', cpu);
var service_pack = get_kb_item("Host/SuSE/patchlevel");
if (isnull(service_pack)) service_pack = "0";
if (os_ver == "SLED15" && (! preg(pattern:"^(4|5)$", string:service_pack))) audit(AUDIT_OS_NOT, "SLED15 SP4/5", os_ver + " SP" + service_pack);
if (os_ver == "SLED_SAP15" && (! preg(pattern:"^(4|5)$", string:service_pack))) audit(AUDIT_OS_NOT, "SLED_SAP15 SP4/5", os_ver + " SP" + service_pack);
if (os_ver == "SLES15" && (! preg(pattern:"^(3|4|5)$", string:service_pack))) audit(AUDIT_OS_NOT, "SLES15 SP3/4/5", os_ver + " SP" + service_pack);
if (os_ver == "SLES_SAP15" && (! preg(pattern:"^(4|5)$", string:service_pack))) audit(AUDIT_OS_NOT, "SLES_SAP15 SP4/5", os_ver + " SP" + service_pack);
var pkgs = [
{'reference':'libwireshark15-3.6.15-150000.3.97.1', 'sp':'4', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},
{'reference':'libwireshark15-3.6.15-150000.3.97.1', 'sp':'4', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},
{'reference':'libwiretap12-3.6.15-150000.3.97.1', 'sp':'4', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},
{'reference':'libwiretap12-3.6.15-150000.3.97.1', 'sp':'4', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},
{'reference':'libwsutil13-3.6.15-150000.3.97.1', 'sp':'4', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},
{'reference':'libwsutil13-3.6.15-150000.3.97.1', 'sp':'4', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},
{'reference':'wireshark-3.6.15-150000.3.97.1', 'sp':'4', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},
{'reference':'wireshark-3.6.15-150000.3.97.1', 'sp':'4', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},
{'reference':'wireshark-devel-3.6.15-150000.3.97.1', 'sp':'4', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},
{'reference':'wireshark-devel-3.6.15-150000.3.97.1', 'sp':'4', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},
{'reference':'wireshark-ui-qt-3.6.15-150000.3.97.1', 'sp':'4', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},
{'reference':'wireshark-ui-qt-3.6.15-150000.3.97.1', 'sp':'4', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},
{'reference':'libwireshark15-3.6.15-150000.3.97.1', 'sp':'5', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.5']},
{'reference':'libwireshark15-3.6.15-150000.3.97.1', 'sp':'5', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.5']},
{'reference':'libwiretap12-3.6.15-150000.3.97.1', 'sp':'5', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.5']},
{'reference':'libwiretap12-3.6.15-150000.3.97.1', 'sp':'5', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.5']},
{'reference':'libwsutil13-3.6.15-150000.3.97.1', 'sp':'5', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.5']},
{'reference':'libwsutil13-3.6.15-150000.3.97.1', 'sp':'5', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.5']},
{'reference':'wireshark-3.6.15-150000.3.97.1', 'sp':'5', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.5']},
{'reference':'wireshark-3.6.15-150000.3.97.1', 'sp':'5', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.5']},
{'reference':'wireshark-devel-3.6.15-150000.3.97.1', 'sp':'5', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.5']},
{'reference':'wireshark-devel-3.6.15-150000.3.97.1', 'sp':'5', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.5']},
{'reference':'wireshark-ui-qt-3.6.15-150000.3.97.1', 'sp':'5', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.5']},
{'reference':'wireshark-ui-qt-3.6.15-150000.3.97.1', 'sp':'5', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.5']},
{'reference':'libwireshark15-3.6.15-150000.3.97.1', 'sp':'4', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'SUSE-Manager-Proxy-release-4.3', 'SUSE-Manager-Server-release-4.3', 'sle-module-basesystem-release-15.4', 'sled-release-15.4', 'sles-release-15.4', 'suse-manager-server-release-4.3']},
{'reference':'libwireshark15-3.6.15-150000.3.97.1', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'SUSE-Manager-Proxy-release-4.3', 'SUSE-Manager-Server-release-4.3', 'sle-module-basesystem-release-15.4', 'sled-release-15.4', 'sles-release-15.4', 'suse-manager-server-release-4.3']},
{'reference':'libwiretap12-3.6.15-150000.3.97.1', 'sp':'4', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'SUSE-Manager-Proxy-release-4.3', 'SUSE-Manager-Server-release-4.3', 'sle-module-basesystem-release-15.4', 'sled-release-15.4', 'sles-release-15.4', 'suse-manager-server-release-4.3']},
{'reference':'libwiretap12-3.6.15-150000.3.97.1', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'SUSE-Manager-Proxy-release-4.3', 'SUSE-Manager-Server-release-4.3', 'sle-module-basesystem-release-15.4', 'sled-release-15.4', 'sles-release-15.4', 'suse-manager-server-release-4.3']},
{'reference':'libwsutil13-3.6.15-150000.3.97.1', 'sp':'4', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'SUSE-Manager-Proxy-release-4.3', 'SUSE-Manager-Server-release-4.3', 'sle-module-basesystem-release-15.4', 'sled-release-15.4', 'sles-release-15.4', 'suse-manager-server-release-4.3']},
{'reference':'libwsutil13-3.6.15-150000.3.97.1', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'SUSE-Manager-Proxy-release-4.3', 'SUSE-Manager-Server-release-4.3', 'sle-module-basesystem-release-15.4', 'sled-release-15.4', 'sles-release-15.4', 'suse-manager-server-release-4.3']},
{'reference':'wireshark-3.6.15-150000.3.97.1', 'sp':'4', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'SUSE-Manager-Proxy-release-4.3', 'SUSE-Manager-Server-release-4.3', 'sle-module-basesystem-release-15.4', 'sled-release-15.4', 'sles-release-15.4', 'suse-manager-server-release-4.3']},
{'reference':'wireshark-3.6.15-150000.3.97.1', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'SUSE-Manager-Proxy-release-4.3', 'SUSE-Manager-Server-release-4.3', 'sle-module-basesystem-release-15.4', 'sled-release-15.4', 'sles-release-15.4', 'suse-manager-server-release-4.3']},
{'reference':'wireshark-devel-3.6.15-150000.3.97.1', 'sp':'4', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'SUSE-Manager-Proxy-release-4.3', 'SUSE-Manager-Server-release-4.3', 'sle-module-desktop-applications-release-15.4', 'sled-release-15.4', 'sles-release-15.4', 'suse-manager-server-release-4.3']},
{'reference':'wireshark-devel-3.6.15-150000.3.97.1', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'SUSE-Manager-Proxy-release-4.3', 'SUSE-Manager-Server-release-4.3', 'sle-module-desktop-applications-release-15.4', 'sled-release-15.4', 'sles-release-15.4', 'suse-manager-server-release-4.3']},
{'reference':'wireshark-ui-qt-3.6.15-150000.3.97.1', 'sp':'4', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'SUSE-Manager-Proxy-release-4.3', 'SUSE-Manager-Server-release-4.3', 'sle-module-desktop-applications-release-15.4', 'sled-release-15.4', 'sles-release-15.4', 'suse-manager-server-release-4.3']},
{'reference':'wireshark-ui-qt-3.6.15-150000.3.97.1', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'SUSE-Manager-Proxy-release-4.3', 'SUSE-Manager-Server-release-4.3', 'sle-module-desktop-applications-release-15.4', 'sled-release-15.4', 'sles-release-15.4', 'suse-manager-server-release-4.3']},
{'reference':'libwireshark15-3.6.15-150000.3.97.1', 'sp':'5', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.5', 'sle-module-basesystem-release-15.5', 'sled-release-15.5', 'sles-release-15.5']},
{'reference':'libwireshark15-3.6.15-150000.3.97.1', 'sp':'5', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.5', 'sle-module-basesystem-release-15.5', 'sled-release-15.5', 'sles-release-15.5']},
{'reference':'libwiretap12-3.6.15-150000.3.97.1', 'sp':'5', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.5', 'sle-module-basesystem-release-15.5', 'sled-release-15.5', 'sles-release-15.5']},
{'reference':'libwiretap12-3.6.15-150000.3.97.1', 'sp':'5', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.5', 'sle-module-basesystem-release-15.5', 'sled-release-15.5', 'sles-release-15.5']},
{'reference':'libwsutil13-3.6.15-150000.3.97.1', 'sp':'5', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.5', 'sle-module-basesystem-release-15.5', 'sled-release-15.5', 'sles-release-15.5']},
{'reference':'libwsutil13-3.6.15-150000.3.97.1', 'sp':'5', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.5', 'sle-module-basesystem-release-15.5', 'sled-release-15.5', 'sles-release-15.5']},
{'reference':'wireshark-3.6.15-150000.3.97.1', 'sp':'5', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.5', 'sle-module-basesystem-release-15.5', 'sled-release-15.5', 'sles-release-15.5']},
{'reference':'wireshark-3.6.15-150000.3.97.1', 'sp':'5', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.5', 'sle-module-basesystem-release-15.5', 'sled-release-15.5', 'sles-release-15.5']},
{'reference':'wireshark-devel-3.6.15-150000.3.97.1', 'sp':'5', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.5', 'sle-module-desktop-applications-release-15.5', 'sled-release-15.5', 'sles-release-15.5']},
{'reference':'wireshark-devel-3.6.15-150000.3.97.1', 'sp':'5', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.5', 'sle-module-desktop-applications-release-15.5', 'sled-release-15.5', 'sles-release-15.5']},
{'reference':'wireshark-ui-qt-3.6.15-150000.3.97.1', 'sp':'5', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.5', 'sle-module-desktop-applications-release-15.5', 'sled-release-15.5', 'sles-release-15.5']},
{'reference':'wireshark-ui-qt-3.6.15-150000.3.97.1', 'sp':'5', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.5', 'sle-module-desktop-applications-release-15.5', 'sled-release-15.5', 'sles-release-15.5']},
{'reference':'libwireshark15-3.6.15-150000.3.97.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_RT-release-15.3', 'SUSE-Manager-Proxy-release-4.2']},
{'reference':'libwiretap12-3.6.15-150000.3.97.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_RT-release-15.3', 'SUSE-Manager-Proxy-release-4.2']},
{'reference':'libwsutil13-3.6.15-150000.3.97.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_RT-release-15.3', 'SUSE-Manager-Proxy-release-4.2']},
{'reference':'wireshark-3.6.15-150000.3.97.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_RT-release-15.3', 'SUSE-Manager-Proxy-release-4.2']},
{'reference':'wireshark-devel-3.6.15-150000.3.97.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_RT-release-15.3']},
{'reference':'wireshark-ui-qt-3.6.15-150000.3.97.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_RT-release-15.3']},
{'reference':'libwireshark15-3.6.15-150000.3.97.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SUSE-Manager-Server-release-4.2']},
{'reference':'libwiretap12-3.6.15-150000.3.97.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SUSE-Manager-Server-release-4.2']},
{'reference':'libwsutil13-3.6.15-150000.3.97.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SUSE-Manager-Server-release-4.2']},
{'reference':'wireshark-3.6.15-150000.3.97.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SUSE-Manager-Server-release-4.2']},
{'reference':'libwireshark15-3.6.15-150000.3.97.1', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},
{'reference':'libwiretap12-3.6.15-150000.3.97.1', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},
{'reference':'libwsutil13-3.6.15-150000.3.97.1', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},
{'reference':'wireshark-3.6.15-150000.3.97.1', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},
{'reference':'wireshark-devel-3.6.15-150000.3.97.1', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},
{'reference':'wireshark-ui-qt-3.6.15-150000.3.97.1', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},
{'reference':'libwireshark15-3.6.15-150000.3.97.1', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'libwiretap12-3.6.15-150000.3.97.1', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'libwsutil13-3.6.15-150000.3.97.1', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'wireshark-3.6.15-150000.3.97.1', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'wireshark-devel-3.6.15-150000.3.97.1', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'wireshark-ui-qt-3.6.15-150000.3.97.1', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']}
];
var ltss_caveat_required = FALSE;
var flag = 0;
foreach var package_array ( pkgs ) {
var reference = NULL;
var _release = NULL;
var sp = NULL;
var _cpu = NULL;
var exists_check = NULL;
var rpm_spec_vers_cmp = NULL;
if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
if (!empty_or_null(package_array['release'])) _release = package_array['release'];
if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];
if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];
if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];
if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
if (reference && _release) {
if (exists_check) {
var check_flag = 0;
foreach var check (exists_check) {
if (!rpm_exists(release:_release, rpm:check)) continue;
check_flag++;
}
if (!check_flag) continue;
}
if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;
}
}
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : rpm_report_get()
);
exit(0);
}
else
{
var tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libwireshark15 / libwiretap12 / libwsutil13 / wireshark / etc');
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| novell | suse_linux | libwireshark15 | p-cpe:/a:novell:suse_linux:libwireshark15 |
| novell | suse_linux | libwiretap12 | p-cpe:/a:novell:suse_linux:libwiretap12 |
| novell | suse_linux | libwsutil13 | p-cpe:/a:novell:suse_linux:libwsutil13 |
| novell | suse_linux | wireshark | p-cpe:/a:novell:suse_linux:wireshark |
| novell | suse_linux | wireshark-devel | p-cpe:/a:novell:suse_linux:wireshark-devel |
| novell | suse_linux | wireshark-ui-qt | p-cpe:/a:novell:suse_linux:wireshark-ui-qt |
| novell | suse_linux | 15 | cpe:/o:novell:suse_linux:15 |
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0667
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0668
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2855
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2856
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2857
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2858
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2879
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2952
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3648
www.nessus.org/u?875b3194
bugzilla.suse.com/1211703
bugzilla.suse.com/1211705
bugzilla.suse.com/1211706
bugzilla.suse.com/1211707
bugzilla.suse.com/1211710
bugzilla.suse.com/1211793
bugzilla.suse.com/1211844
bugzilla.suse.com/1212084
bugzilla.suse.com/1213319
www.suse.com/security/cve/CVE-2023-0667
www.suse.com/security/cve/CVE-2023-0668
www.suse.com/security/cve/CVE-2023-2855
www.suse.com/security/cve/CVE-2023-2856
www.suse.com/security/cve/CVE-2023-2857
www.suse.com/security/cve/CVE-2023-2858
www.suse.com/security/cve/CVE-2023-2879
www.suse.com/security/cve/CVE-2023-2952
www.suse.com/security/cve/CVE-2023-3648
Related
openvas
openvas
openSUSE: Security Advisory for wireshark (SUSE-SU-2023:3252-1)
2024-03-04 00:00:00
Debian: Security Advisory (DLA-3443-1)
2023-06-05 00:00:00
Debian: Security Advisory (DSA-5429-1)
2023-06-16 00:00:00
nessus
nessus
Wireshark 3.6.x < 3.6.14 Multiple Vulnerabilities
2023-05-25 00:00:00
Wireshark 3.6.x < 3.6.14 Multiple Vulnerabilities (macOS)
2023-05-25 00:00:00
Oracle Linux 9 : wireshark (ELSA-2023-6469)
2023-11-16 00:00:00
kaspersky
kaspersky
KLA61756 Multiple vulnerabilities in Wireshark
2023-05-24 00:00:00
KLA61757 Multiple vulnerabilities in Wireshark
2023-06-12 00:00:00
debian
debian
[SECURITY] [DLA 3443-1] wireshark security update
2023-06-03 16:29:18
[SECURITY] [DSA 5429-1] wireshark security update
2023-06-15 18:05:29
almalinux
almalinux
Moderate: wireshark security update
2023-11-07 00:00:00
Moderate: wireshark security update
2023-11-14 00:00:00
osv
osv
wireshark - security update
2023-06-03 00:00:00
Moderate: wireshark security update
2023-11-07 00:00:00
wireshark - security update
2023-06-15 00:00:00
redhat
redhat
(RHSA-2023:6469) Moderate: wireshark security update
2023-11-07 06:06:26
(RHSA-2023:7015) Moderate: wireshark security update
2023-11-14 08:42:43
oraclelinux
oraclelinux
wireshark security update
2023-11-11 00:00:00
wireshark security update
2023-11-17 00:00:00
gentoo
gentoo
Wireshark: Multiple Vulnerabilities
2023-09-17 00:00:00
amazon
amazon
Medium: wireshark
2023-08-03 18:10:00
Low: wireshark
2023-07-13 23:57:00
Low: wireshark
2023-07-05 22:01:00
rosalinux
rosalinux
Advisory ROSA-SA-2024-2388
2024-04-02 07:22:04
Advisory ROSA-SA-2024-2390
2024-04-02 07:35:41
veracode
veracode
Denial Of Service (DoS)
2023-08-07 00:55:58
Denial Of Service (DoS)
2023-08-07 00:55:59
Denial Of Service (DoS)
2023-08-07 00:55:57
debiancve
debiancve
ubuntucve
ubuntucve
cvelist
cvelist
CVE-2023-2858
2023-05-26 00:00:00
CVE-2023-2855
2023-05-26 00:00:00
CVE-2023-0667 Wireshark MSMMS parsing buffer overflow
2023-06-07 02:38:07
redhatcve
redhatcve
cnvd
cnvd
Wireshark Buffer Overflow Vulnerability (CNVD-2023-43872)
2023-05-30 00:00:00
Wireshark Buffer Overflow Vulnerability (CNVD-2023-62286)
2023-06-08 00:00:00
Wireshark Denial of Service Vulnerability (CNVD-2023-62288)
2023-05-31 00:00:00
nvd
nvd
cve
cve
prion
prion
Design/Logic Flaw
2023-05-26 21:15:00
Heap overflow
2023-06-07 03:15:00
Design/Logic Flaw
2023-05-26 21:15:00
cbl_mariner
cbl_mariner
CVE-2023-0667 affecting package wireshark for versions less than 4.0.8-1
2023-09-28 11:57:58
redos
redos
ROS-20230911-01
2023-09-11 00:00:00
photon
photon
Important Photon OS Security Update - PHSA-2023-3.0-0620
2023-07-28 00:00:00
Important Photon OS Security Update - PHSA-2023-4.0-0404
2023-06-07 00:00:00
Moderate Photon OS Security Update - PHSA-2023-3.0-0597
2023-06-14 00:00:00
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
0.002
Percentile
57.1%
Related for SUSE_SU-2023-3252-1.NASL