Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
amazonAmazonALAS-2015-580
HistoryAug 17, 2015 - 12:29 p.m.

Medium: wireshark

2015-08-1712:29:00
alas.aws.amazon.com
22

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.004 Low

EPSS

Percentile

72.0%

JSON

Issue Overview:

Several denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump file. (CVE-2014-8714, CVE-2014-8712, CVE-2014-8713, CVE-2014-8711, CVE-2014-8710, CVE-2015-0562, CVE-2015-0564, CVE-2015-2189, CVE-2015-2191)

Affected Packages:

wireshark

Issue Correction:
Run yum update wireshark to update your system.

New Packages:

i686:  
    wireshark-debuginfo-1.8.10-17.19.amzn1.i686  
    wireshark-1.8.10-17.19.amzn1.i686  
    wireshark-devel-1.8.10-17.19.amzn1.i686  
  
src:  
    wireshark-1.8.10-17.19.amzn1.src  
  
x86_64:  
    wireshark-debuginfo-1.8.10-17.19.amzn1.x86_64  
    wireshark-1.8.10-17.19.amzn1.x86_64  
    wireshark-devel-1.8.10-17.19.amzn1.x86_64

Additional References

Red Hat: CVE-2014-8710, CVE-2014-8711, CVE-2014-8712, CVE-2014-8713, CVE-2014-8714, CVE-2015-0562, CVE-2015-0564, CVE-2015-2189, CVE-2015-2191

Mitre: CVE-2014-8710, CVE-2014-8711, CVE-2014-8712, CVE-2014-8713, CVE-2014-8714, CVE-2015-0562, CVE-2015-0564, CVE-2015-2189, CVE-2015-2191

Related

nessus 29
veracode 9
redhat 2
openvas 31
oraclelinux 2
centos 2
archlinux 3
osv 3
debian 4
fedora 2
securityvulns 6
mageia 3
prion 9
ubuntucve 9
debiancve 9
cve 9
kaspersky 2
gentoo 1
oracle 1
nessus
nessus
Scientific Linux Security Update : wireshark on SL6.x i386/x86_64 (20150722)
2015-08-04 00:00:00
Oracle Linux 6 : wireshark (ELSA-2015-1460)
2015-07-30 00:00:00
Amazon Linux AMI : wireshark (ALAS-2015-580)
2015-08-18 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-05-02 05:41:09
Buffer Underflow
2019-05-02 05:41:10
Denial Of Service (DoS)
2019-05-02 05:41:09
redhat
redhat
(RHSA-2015:1460) Moderate: wireshark security, bug fix, and enhancement update
2015-07-22 00:00:00
(RHSA-2015:2393) Moderate: wireshark security, bug fix, and enhancement update
2015-11-19 13:43:56
openvas
openvas
Oracle: Security Advisory (ELSA-2015-1460)
2015-10-06 00:00:00
Amazon Linux: Security Advisory (ALAS-2015-580)
2015-09-08 00:00:00
RedHat Update for wireshark RHSA-2015:1460-01
2015-07-23 00:00:00
oraclelinux
oraclelinux
wireshark security, bug fix, and enhancement update
2015-07-28 00:00:00
wireshark security, bug fix, and enhancement update
2015-11-23 00:00:00
centos
centos
wireshark security update
2015-07-26 14:12:34
wireshark security update
2015-11-30 19:55:40
archlinux
archlinux
wireshark-qt: denial of service
2014-11-20 00:00:00
wireshark-gtk: denial of service
2014-11-20 00:00:00
wireshark-cli: denial of service
2014-11-20 00:00:00
osv
osv
wireshark - security update
2014-11-25 00:00:00
wireshark - security update
2015-04-22 00:00:00
wireshark - security update
2015-01-27 00:00:00
debian
debian
[SECURITY] [DSA 3076-1] wireshark security update
2014-11-25 20:51:42
[SECURITY] [DLA 198-1] wireshark security update
2015-04-22 09:45:46
[SECURITY] [DSA 3141-1] wireshark security update
2015-01-27 11:24:49
fedora
fedora
[SECURITY] Fedora 20 Update: wireshark-1.10.11-1.fc20
2014-12-04 06:22:05
[SECURITY] Fedora 21 Update: wireshark-1.12.2-1.fc21
2014-12-06 10:51:00
securityvulns
securityvulns
[ MDVSA-2014:223 ] wireshark
2014-11-24 00:00:00
wireshark multiple security vulnerabilities
2014-11-24 00:00:00
wireshark multiple security vulnerabilities
2015-04-09 00:00:00
mageia
mageia
Updated wireshark packages fix security vulnerabilities
2014-11-21 15:44:16
Updated wireshark package fixes security vulnerabilies
2015-03-28 00:12:10
Updated wireshark packages fix security vulnerabilities
2015-01-09 19:44:12
prion
prion
Code injection
2014-11-23 02:59:00
Integer overflow
2014-11-23 02:59:00
Code injection
2014-11-23 02:59:00
ubuntucve
ubuntucve
CVE-2014-8713
2014-11-23 00:00:00
CVE-2014-8711
2014-11-23 00:00:00
CVE-2014-8714
2014-11-23 00:00:00
debiancve
debiancve
CVE-2014-8713
2014-11-23 02:59:00
CVE-2014-8711
2014-11-23 02:59:00
CVE-2014-8712
2014-11-23 02:59:00
cve
cve
CVE-2014-8712
2014-11-23 02:59:00
CVE-2014-8711
2014-11-23 02:59:00
CVE-2014-8713
2014-11-23 02:59:00
kaspersky
kaspersky
KLA10453 Multiple vulnerabilities in Wireshark
2015-01-07 00:00:00
KLA10518 Denial of service vulnerabilities in Wireshark
2015-03-07 00:00:00
gentoo
gentoo
Wireshark: Multiple vulnerabilities
2015-10-31 00:00:00
oracle
oracle
Oracle Critical Patch Update - October 2017
2017-10-17 00:00:00

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.004 Low

EPSS

Percentile

72.0%

JSON
Related for ALAS-2015-580
nessus29veracode9redhat2openvas31oraclelinux2centos2archlinux3osv3debian4fedora2securityvulns6mageia3prion9ubuntucve9debiancve9cve9kaspersky2gentoo1oracle1