Family: Fedora Local Security Checks --> Category: infos
Fedora Core 6 2006-1140: wireshark Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the wireshark package
Detailed Explanation for this Vulnerability Test
The remote host is missing the patch for the advisory FEDORA-2006-1140 (wireshark).
Wireshark is a network traffic analyzer for Unix-ish operating systems.
This package lays base for libpcap, a packet capture and filtering
library, contains command-line utilities, contains tests and
documentation for wireshark. A graphical user interface is packaged
separately to GTK+ package.
Update information :
* Wed Nov 1 2006 Radek Vok├┬íl 0.99.4-1
- upgrade to 0.99.4-1, fixes multiple security issues
- CVE-2006-5468 - The HTTP dissector could dereference a null pointer.
- CVE-2006-5469 - The WBXML dissector could crash.
- CVE-2006-5470 - The LDAP dissector (and possibly others) could crash.
- CVE-2006-4805 - Basic DoS, The XOT dissector could attempt to allocate a larg
e amount of memory and crash.
- CVE-2006-4574 - Single byte \0 overflow written onto the heap
Solution : Get the newest Fedora Updates
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.