Free and open-source vulnerability scanner

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

Debian Security Advisory DSA 2395-1 (wireshark)

Information

Severity

Severity

Medium

Family

Family

Debian Local Security Checks

CVSSv2 Base

CVSSv2 Base

4.3

CVSSv2 Vector

CVSSv2 Vector

AV:N/AC:M/Au:N/C:N/I:N/A:P

Solution Type

Solution Type

Vendor Patch

Created

Created

12 years ago

Modified

Modified

5 years ago

Summary

The remote host is missing an update to wireshark announced via advisory DSA 2395-1.

Insight

Insight

Laurent Butti discovered a buffer underflow in the LANalyzer dissector of the Wireshark network traffic analyzer, which could lead to the execution of arbitrary code (CVE-2012-0068) This update also addresses several bugs, which can lead to crashes of Wireshark. These are not treated as security issues, but are fixed nonetheless if security updates are scheduled: CVE-2011-3483, CVE-2012-0041, CVE-2012-0042, CVE-2012-0066 and CVE-2012-0067. For the stable distribution (squeeze), this problem has been fixed in version 1.2.11-6+squeeze6. For the unstable distribution (sid), this problem has been fixed in version 1.6.5-1.

Solution

Solution

We recommend that you upgrade your wireshark packages.