Lucene search
AmazonALAS-2023-1785HistoryJul 13, 2023 - 11:57 p.m.
Low: wireshark
2023-07-1323:57:00
alas.aws.amazon.com
11
0.001 Low
EPSS
Percentile
42.7%
Issue Overview:
Due to failure in validating the length provided by an attacker-crafted MSMMS packet, Wireshark version 4.0.5 and prior, in an unusual configuration, is susceptible to a heap-based buffer overflow, and possibly code execution in the context of the process running Wireshark. (CVE-2023-0667)
Affected Packages:
wireshark
Issue Correction:
Run yum update wireshark to update your system.
New Packages:
i686:
wireshark-devel-1.8.10-25.24.amzn1.i686
wireshark-debuginfo-1.8.10-25.24.amzn1.i686
wireshark-1.8.10-25.24.amzn1.i686
src:
wireshark-1.8.10-25.24.amzn1.src
x86_64:
wireshark-devel-1.8.10-25.24.amzn1.x86_64
wireshark-debuginfo-1.8.10-25.24.amzn1.x86_64
wireshark-1.8.10-25.24.amzn1.x86_64
Additional References
Red Hat: CVE-2023-0667
Mitre: CVE-2023-0667
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Amazon Linux | 1 | i686 | wireshark-devel | < 1.8.10-25.24.amzn1 | wireshark-devel-1.8.10-25.24.amzn1.i686.rpm |
| Amazon Linux | 1 | i686 | wireshark-debuginfo | < 1.8.10-25.24.amzn1 | wireshark-debuginfo-1.8.10-25.24.amzn1.i686.rpm |
| Amazon Linux | 1 | i686 | wireshark | < 1.8.10-25.24.amzn1 | wireshark-1.8.10-25.24.amzn1.i686.rpm |
| Amazon Linux | 1 | x86_64 | wireshark-devel | < 1.8.10-25.24.amzn1 | wireshark-devel-1.8.10-25.24.amzn1.x86_64.rpm |
| Amazon Linux | 1 | x86_64 | wireshark-debuginfo | < 1.8.10-25.24.amzn1 | wireshark-debuginfo-1.8.10-25.24.amzn1.x86_64.rpm |
| Amazon Linux | 1 | x86_64 | wireshark | < 1.8.10-25.24.amzn1 | wireshark-1.8.10-25.24.amzn1.x86_64.rpm |
Related
nessus
nessus
Amazon Linux AMI : wireshark (ALAS-2023-1785)
2023-07-20 00:00:00
Amazon Linux 2 : wireshark (ALAS-2023-2113)
2023-07-20 00:00:00
cvelist
cvelist
CVE-2023-0667 Wireshark MSMMS parsing buffer overflow
2023-06-07 02:38:07
amazon
amazon
Low: wireshark
2023-07-05 22:01:00
cbl_mariner
cbl_mariner
CVE-2023-0667 affecting package wireshark for versions less than 4.0.8-1
2023-09-28 11:57:58
veracode
veracode
Heap-based Buffer Overflow
2023-08-06 23:22:39
cnvd
cnvd
Wireshark Buffer Overflow Vulnerability (CNVD-2023-62286)
2023-06-08 00:00:00
prion
prion
Heap overflow
2023-06-07 03:15:00
cve
cve
CVE-2023-0667
2023-06-07 03:15:09
ubuntucve
ubuntucve
CVE-2023-0667
2023-06-07 00:00:00
redhatcve
redhatcve
CVE-2023-0667
2023-08-07 11:48:53
debiancve
debiancve
CVE-2023-0667
2023-06-07 03:15:09
osv
osv
CVE-2023-0667
2023-06-07 03:15:09
wireshark - security update
2023-06-15 00:00:00
photon
photon
Important Photon OS Security Update - PHSA-2023-3.0-0620
2023-07-28 00:00:00
openvas
openvas
openSUSE: Security Advisory for wireshark (SUSE-SU-2023:3252-1)
2024-03-04 00:00:00
Debian: Security Advisory (DSA-5429-1)
2023-06-16 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2024-2388
2024-04-02 07:22:04
gentoo
gentoo
Wireshark: Multiple Vulnerabilities
2023-09-17 00:00:00