Solution Run 'dnf update wireshark -releasever=200308' to update your system. Memory exhaustion in the Kafka protocol dissector in Wireshark 4.0.0 to 4.0.1 and 3.6.0 to 3.6.9 allows denial of service via packet injection or crafted capture file (CVE-2022-4344) - Infinite loops in the BPv6, OpenFlow, and Kafka protocol dissectors in Wireshark 4.0.0 to 4.0.1 and 3.6.0 to 3.6.9 allows denial of service via packet injection or crafted capture file (CVE-2022-4345) - Excessive loops in multiple dissectors in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and allows denial of service via packet injection or crafted capture file (CVE-2023-0411) - TIPC dissector crash in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and allows denial of service via packet injection or crafted capture file (CVE-2023-0412) - Dissection engine bug in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and allows denial of service via packet injection or crafted capture file (CVE-2023-0413) - Crash in the EAP dissector in Wireshark 4.0.0 to 4.0.2 allows denial of service via packet injection or crafted capture file (CVE-2023-0414) - iSCSI dissector crash in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and allows denial of service via packet injection or crafted capture file (CVE-2023-0415) - GNW dissector crash in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and allows denial of service via packet injection or crafted capture file (CVE-2023-0416) - Memory leak in the NFS dissector in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and allows denial of service via packet injection or crafted capture file (CVE-2023-0417) Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number. Wireshark is layered on top of Pcap to provide an easy to utilize interface and packet filter. On Windows, Wireshark utilizes the Windows Pcap module as its underlying engine to capture packets. It will add wireshark group and anyone who is a member of this group will be able to capture packets without being root user. Wireshark is a simple to install and easy to use packet capturing tool that is supported on both Windows and Linux. Description It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-120 advisory. 1 2 sudo apt update sudo apt install -y tshark During installation you will be asked if you want to allow non-root users to able to capture packets. CentOS 8 died a premature death at the end of 2021 - migrate to Rocky/Alma/OEL/Springdale ASAP. They should be in different packages: wireshark vs wireshark-cli. Synopsis The remote Amazon Linux 2023 host is missing a security update. wireshark is the GUI, the text command is tshark.
0 Comments
Leave a Reply. |