ID CVE-2015-0564 Type cve Reporter NVD Modified 2018-01-04T21:29:59
Description
Buffer underflow in the ssl_decrypt_record function in epan/dissectors/packet-ssl-utils.c in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 allows remote attackers to cause a denial of service (application crash) via a crafted packet that is improperly handled during decryption of an SSL session.
{"title": "CVE-2015-0564", "reporter": "NVD", "published": "2015-01-09T21:59:42", "cpe": ["cpe:/a:wireshark:wireshark:1.10.3", "cpe:/a:wireshark:wireshark:1.10.8", "cpe:/o:debian:debian_linux:8.0", "cpe:/a:wireshark:wireshark:1.10.9", "cpe:/a:wireshark:wireshark:1.10.2", "cpe:/a:wireshark:wireshark:1.10.4", "cpe:/a:wireshark:wireshark:1.10.10", "cpe:/o:oracle:solaris:11.2", "cpe:/a:wireshark:wireshark:1.12.2", "cpe:/a:wireshark:wireshark:1.10.11", "cpe:/a:wireshark:wireshark:1.10.6", "cpe:/o:novell:opensuse:13.2", "cpe:/a:wireshark:wireshark:1.10.5", "cpe:/a:wireshark:wireshark:1.12.1", "cpe:/o:debian:debian_linux:7.0", "cpe:/o:oracle:linux:7.0", "cpe:/a:wireshark:wireshark:1.10.7", "cpe:/a:wireshark:wireshark:1.12.0", "cpe:/a:wireshark:wireshark:1.10.1", "cpe:/a:wireshark:wireshark:1.10.0", "cpe:/o:novell:opensuse:13.1"], "cvelist": ["CVE-2015-0564"], "viewCount": 7, "objectVersion": "1.3", "type": "cve", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0564", "bulletinFamily": "NVD", "hashmap": [{"hash": "6d3f4796275bb54c21a33b82f399cc6d", "key": "assessment"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "e5fd44389249c8f53b9d401ce6efc653", "key": "cpe"}, {"hash": "75510ecb6cc1d3850829595c9dd61953", "key": "cvelist"}, {"hash": "84813b1457b92d6ba1174abffbb83a2f", "key": "cvss"}, {"hash": "65e739a7c5a956345a05e40f5308dc80", "key": "description"}, {"hash": "4afdfec6e3a041446701ab67dee36e98", "key": "href"}, {"hash": "755797671e6f9521dfb100605faea5eb", "key": "modified"}, {"hash": "a700d1724077c9dea2ffe0ec13c24c26", "key": "published"}, {"hash": "ac28eebf6f1773319cf5a546bc29de40", "key": "references"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "reporter"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "scanner"}, {"hash": "a2abe34dad9635b1088c4c1e21620bdd", "key": "title"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}], "history": [{"bulletin": {"reporter": "NVD", "published": "2015-01-09T21:59:42", "cvelist": ["CVE-2015-0564"], "title": "CVE-2015-0564", "objectVersion": "1.2", "type": "cve", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0564", "bulletinFamily": "NVD", "id": "CVE-2015-0564", "history": [], "scanner": [], "cpe": ["cpe:/a:wireshark:wireshark:1.10.3", "cpe:/a:wireshark:wireshark:1.10.8", "cpe:/a:wireshark:wireshark:1.10.9", "cpe:/a:wireshark:wireshark:1.10.2", "cpe:/a:wireshark:wireshark:1.10.4", "cpe:/a:wireshark:wireshark:1.10.10", "cpe:/a:wireshark:wireshark:1.12.2", "cpe:/a:wireshark:wireshark:1.10.11", "cpe:/a:wireshark:wireshark:1.10.6", "cpe:/o:novell:opensuse:13.2", "cpe:/a:wireshark:wireshark:1.10.5", "cpe:/a:wireshark:wireshark:1.12.1", "cpe:/a:wireshark:wireshark:1.10.7", "cpe:/a:wireshark:wireshark:1.12.0", "cpe:/a:wireshark:wireshark:1.10.1", "cpe:/a:wireshark:wireshark:1.10.0", "cpe:/o:novell:opensuse:13.1"], "modified": "2015-11-16T23:14:17", "hash": "4bc00736a3d14f988d0c77dddf95f2f74edcfd7987febe23a41c83512fc5f50e", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "viewCount": 1, "edition": 1, "assessment": {"name": "", "href": "", "system": ""}, "references": ["http://www.debian.org/security/2015/dsa-3141", "http://www.mandriva.com/security/advisories?name=MDVSA-2015:022", "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=d3581aecda62d2a51ea7088fd46975415b03ec57", "http://advisories.mageia.org/MGASA-2015-0019.html", "http://lists.opensuse.org/opensuse-updates/2015-01/msg00053.html", "http://www.wireshark.org/security/wnpa-sec-2015-05.html"], "hashmap": [{"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "scanner"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "reporter"}, {"hash": "65e739a7c5a956345a05e40f5308dc80", "key": "description"}, {"hash": "8cd55fcfc4c5ea2ecef2418436955132", "key": "references"}, {"hash": "56765472680401499c79732468ba4340", "key": "objectVersion"}, {"hash": "a700d1724077c9dea2ffe0ec13c24c26", "key": "published"}, {"hash": "6d3f4796275bb54c21a33b82f399cc6d", "key": "assessment"}, {"hash": "a2abe34dad9635b1088c4c1e21620bdd", "key": "title"}, {"hash": "4afdfec6e3a041446701ab67dee36e98", "key": "href"}, {"hash": "394652752226d5a96102d5aeb7bd73b6", "key": "cpe"}, {"hash": "cad0db017d6b6a443568aeb225d378f2", "key": "modified"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "75510ecb6cc1d3850829595c9dd61953", "key": "cvelist"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "84813b1457b92d6ba1174abffbb83a2f", "key": "cvss"}], "lastseen": "2016-09-03T21:56:33", "description": "Buffer underflow in the ssl_decrypt_record function in epan/dissectors/packet-ssl-utils.c in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 allows remote attackers to cause a denial of service (application crash) via a crafted packet that is improperly handled during decryption of an SSL session."}, "differentElements": ["references", "modified", "cpe"], "edition": 1, "lastseen": "2016-09-03T21:56:33"}, {"bulletin": {"reporter": "NVD", "published": "2015-01-09T21:59:42", "cvelist": ["CVE-2015-0564"], "title": "CVE-2015-0564", "objectVersion": "1.2", "description": "Buffer underflow in the ssl_decrypt_record function in epan/dissectors/packet-ssl-utils.c in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 allows remote attackers to cause a denial of service (application crash) via a crafted packet that is improperly handled during decryption of an SSL session.", "type": "cve", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0564", "bulletinFamily": "NVD", "id": "CVE-2015-0564", "history": [], "scanner": [], "enchantments": {"score": {"modified": "2017-04-18T15:55:54", "value": 4.3}}, "modified": "2016-11-28T14:16:53", "hash": "3216cc73cef47305775b88532c95123521e0745e07e9179aad2036cebf3e7800", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "viewCount": 7, "edition": 2, "cpe": ["cpe:/a:wireshark:wireshark:1.10.3", "cpe:/a:wireshark:wireshark:1.10.8", "cpe:/o:debian:debian_linux:8.0", "cpe:/a:wireshark:wireshark:1.10.9", "cpe:/a:wireshark:wireshark:1.10.2", "cpe:/a:wireshark:wireshark:1.10.4", "cpe:/a:wireshark:wireshark:1.10.10", "cpe:/o:oracle:solaris:11.2", "cpe:/a:wireshark:wireshark:1.12.2", "cpe:/a:wireshark:wireshark:1.10.11", "cpe:/a:wireshark:wireshark:1.10.6", "cpe:/o:novell:opensuse:13.2", "cpe:/a:wireshark:wireshark:1.10.5", "cpe:/a:wireshark:wireshark:1.12.1", "cpe:/o:debian:debian_linux:7.0", "cpe:/o:oracle:linux:7.0", "cpe:/a:wireshark:wireshark:1.10.7", "cpe:/a:wireshark:wireshark:1.12.0", "cpe:/a:wireshark:wireshark:1.10.1", "cpe:/a:wireshark:wireshark:1.10.0", "cpe:/o:novell:opensuse:13.1"], "references": ["http://www.debian.org/security/2015/dsa-3141", "http://www.mandriva.com/security/advisories?name=MDVSA-2015:022", "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=d3581aecda62d2a51ea7088fd46975415b03ec57", "http://advisories.mageia.org/MGASA-2015-0019.html", "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html", "http://www.securityfocus.com/bid/71922", "http://lists.opensuse.org/opensuse-updates/2015-01/msg00053.html", "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", "http://www.wireshark.org/security/wnpa-sec-2015-05.html"], "hashmap": [{"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "scanner"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "reporter"}, {"hash": "65e739a7c5a956345a05e40f5308dc80", "key": "description"}, {"hash": "4b071e69fce98a5f1854bcb54d396ce9", "key": "modified"}, {"hash": "a700d1724077c9dea2ffe0ec13c24c26", "key": "published"}, {"hash": "6d3f4796275bb54c21a33b82f399cc6d", "key": "assessment"}, {"hash": "a2abe34dad9635b1088c4c1e21620bdd", "key": "title"}, {"hash": "4afdfec6e3a041446701ab67dee36e98", "key": "href"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "75510ecb6cc1d3850829595c9dd61953", "key": "cvelist"}, {"hash": "da6a62ee243c20a75ed57d422cd267da", "key": "references"}, {"hash": "e5fd44389249c8f53b9d401ce6efc653", "key": "cpe"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "84813b1457b92d6ba1174abffbb83a2f", "key": "cvss"}], "lastseen": "2017-04-18T15:55:54", "assessment": {"name": "", "href": "", "system": ""}}, "differentElements": ["references", "modified"], "edition": 2, "lastseen": "2017-04-18T15:55:54"}], "scanner": [], "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "modified": "2018-01-04T21:29:59", "hash": "638cd4bb06e33e6085f0df83b606f609686b19700863c9d359269a0fc8ea4073", "enchantments": {"vulnersScore": 5.0}, "edition": 3, "description": "Buffer underflow in the ssl_decrypt_record function in epan/dissectors/packet-ssl-utils.c in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 allows remote attackers to cause a denial of service (application crash) via a crafted packet that is improperly handled during decryption of an SSL session.", "references": ["http://www.debian.org/security/2015/dsa-3141", "http://www.mandriva.com/security/advisories?name=MDVSA-2015:022", "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=d3581aecda62d2a51ea7088fd46975415b03ec57", "http://advisories.mageia.org/MGASA-2015-0019.html", "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html", "http://www.securityfocus.com/bid/71922", "http://rhn.redhat.com/errata/RHSA-2015-1460.html", "http://lists.opensuse.org/opensuse-updates/2015-01/msg00053.html", "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", "http://www.wireshark.org/security/wnpa-sec-2015-05.html"], "id": "CVE-2015-0564", "lastseen": "2018-01-05T11:51:32", "assessment": {"name": "", "href": "", "system": ""}}
{"result": {"openvas": [{"id": "OPENVAS:1361412562310703141", "type": "openvas", "title": "Debian Security Advisory DSA 3141-1 (wireshark - security update)", "description": "Multiple vulnerabilities were discovered\nin the dissectors/parsers for SSL/TLS and DEC DNA, which could result in denial\nof service.", "published": "2015-01-27T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703141", "cvelist": ["CVE-2015-0562", "CVE-2015-0564"], "lastseen": "2018-04-06T11:28:14"}, {"id": "OPENVAS:703141", "type": "openvas", "title": "Debian Security Advisory DSA 3141-1 (wireshark - security update)", "description": "Multiple vulnerabilities were discovered\nin the dissectors/parsers for SSL/TLS and DEC DNA, which could result in denial\nof service.", "published": "2015-01-27T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=703141", "cvelist": ["CVE-2015-0562", "CVE-2015-0564"], "lastseen": "2017-07-24T12:53:29"}, {"id": "OPENVAS:1361412562310805322", "type": "openvas", "title": "Wireshark Multiple Denial-of-Service Vulnerabilities -01 Jan15 (Windows)", "description": "This host is installed with Wireshark\n and is prone to multiple denial-of-service vulnerabilities.", "published": "2015-01-14T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310805322", "cvelist": ["CVE-2015-0560", "CVE-2015-0563", "CVE-2015-0562", "CVE-2015-0564", "CVE-2015-0559", "CVE-2015-0561"], "lastseen": "2017-07-17T10:52:07"}, {"id": "OPENVAS:1361412562310805323", "type": "openvas", "title": "Wireshark Multiple Denial-of-Service Vulnerabilities -01 Jan15 (Mac OS X)", "description": "This host is installed with Wireshark\n and is prone to multiple denial-of-service vulnerabilities.", "published": "2015-01-14T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310805323", "cvelist": ["CVE-2015-0560", "CVE-2015-0563", "CVE-2015-0562", "CVE-2015-0564", "CVE-2015-0559", "CVE-2015-0561"], "lastseen": "2017-07-06T10:51:18"}, {"id": "OPENVAS:1361412562310123057", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2015-1460", "description": "Oracle Linux Local Security Checks ELSA-2015-1460", "published": "2015-10-06T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123057", "cvelist": ["CVE-2014-8710", "CVE-2014-8712", "CVE-2014-8714", "CVE-2015-2189", "CVE-2015-0562", "CVE-2014-8713", "CVE-2015-0564", "CVE-2014-8711", "CVE-2015-2191"], "lastseen": "2017-07-24T12:53:02"}, {"id": "OPENVAS:1361412562310120505", "type": "openvas", "title": "Amazon Linux Local Check: ALAS-2015-580", "description": "Amazon Linux Local Security Checks", "published": "2015-09-08T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120505", "cvelist": ["CVE-2014-8710", "CVE-2014-8712", "CVE-2014-8714", "CVE-2015-2189", "CVE-2015-0562", "CVE-2014-8713", "CVE-2015-0564", "CVE-2014-8711", "CVE-2015-2191"], "lastseen": "2017-07-24T12:53:07"}, {"id": "OPENVAS:1361412562310871408", "type": "openvas", "title": "RedHat Update for wireshark RHSA-2015:1460-01", "description": "Check the version of wireshark", "published": "2015-07-23T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871408", "cvelist": ["CVE-2014-8710", "CVE-2014-8712", "CVE-2014-8714", "CVE-2015-2189", "CVE-2015-0562", "CVE-2014-8713", "CVE-2015-0564", "CVE-2014-8711", "CVE-2015-2191"], "lastseen": "2017-07-27T10:52:19"}, {"id": "OPENVAS:1361412562310871496", "type": "openvas", "title": "RedHat Update for wireshark RHSA-2015:2393-01", "description": "Check the version of wireshark", "published": "2015-11-20T00:00:00", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871496", "cvelist": ["CVE-2014-8710", "CVE-2014-8712", "CVE-2014-8714", "CVE-2015-3813", "CVE-2015-0563", "CVE-2015-2189", "CVE-2015-6243", "CVE-2015-6246", "CVE-2015-6245", "CVE-2015-0562", "CVE-2014-8713", "CVE-2015-3182", "CVE-2015-0564", "CVE-2015-2188", "CVE-2014-8711", "CVE-2015-3810", "CVE-2015-3812", "CVE-2015-6244", "CVE-2015-6248", "CVE-2015-2191", "CVE-2015-3811"], "lastseen": "2017-07-27T10:53:37"}, {"id": "OPENVAS:1361412562310122747", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2015-2393", "description": "Oracle Linux Local Security Checks ELSA-2015-2393", "published": "2015-11-24T00:00:00", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122747", "cvelist": ["CVE-2014-8710", "CVE-2014-8712", "CVE-2014-8714", "CVE-2015-3813", "CVE-2015-0563", "CVE-2015-2189", "CVE-2015-6243", "CVE-2015-6246", "CVE-2015-6245", "CVE-2015-0562", "CVE-2014-8713", "CVE-2015-3182", "CVE-2015-0564", "CVE-2015-2188", "CVE-2014-8711", "CVE-2015-3810", "CVE-2015-3812", "CVE-2015-6244", "CVE-2015-6248", "CVE-2015-2191", "CVE-2015-3811"], "lastseen": "2017-07-24T12:52:41"}], "nessus": [{"id": "DEBIAN_DSA-3141.NASL", "type": "nessus", "title": "Debian DSA-3141-1 : wireshark - security update", "description": "Multiple vulnerabilities were discovered in the dissectors/parsers for SSL/TLS and DEC DNA, which could result in denial of service.", "published": "2015-01-28T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=81028", "cvelist": ["CVE-2015-0562", "CVE-2015-0564"], "lastseen": "2017-10-29T13:45:03"}, {"id": "MANDRIVA_MDVSA-2015-022.NASL", "type": "nessus", "title": "Mandriva Linux Security Advisory : wireshark (MDVSA-2015:022)", "description": "Updated wireshark packages fix security vulnerabilities :\n\nThe DEC DNA Routing Protocol dissector could crash (CVE-2015-0562).\n\nThe SMTP dissector could crash (CVE-2015-0563).\n\nWireshark could crash while decypting TLS/SSL sessions (CVE-2015-0564).", "published": "2015-01-13T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=80468", "cvelist": ["CVE-2015-0563", "CVE-2015-0562", "CVE-2015-0564"], "lastseen": "2017-10-29T13:44:52"}, {"id": "SUSE_11_WIRESHARK-150205.NASL", "type": "nessus", "title": "SuSE 11.3 Security Update : wireshark (SAT Patch Number 10279)", "description": "wireshark has been updated to version 1.10.12 to fix six security issues :\n\n - The WCCP dissector could crash. (bnc#912365).\n (CVE-2015-0559 / CVE-2015-0560)\n\n - The LPP dissector could crash. (bnc#912368).\n (CVE-2015-0561)\n\n - The DEC DNA Routing Protocol dissector could crash.\n (bnc#912369). (CVE-2015-0562)\n\n - The SMTP dissector could crash. (bnc#912370).\n (CVE-2015-0563)\n\n - Wireshark could crash while decypting TLS/SSL sessions (bnc#912372) Further bug fixes and updated protocol support as listed in:. (CVE-2015-0564)\n\nhttps://www.wireshark.org/docs/relnotes/wireshark-1.10.12.html", "published": "2015-03-05T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=81642", "cvelist": ["CVE-2015-0560", "CVE-2015-0563", "CVE-2015-0562", "CVE-2015-0564", "CVE-2015-0559", "CVE-2015-0561"], "lastseen": "2017-10-29T13:41:49"}, {"id": "WIRESHARK_1_12_3.NASL", "type": "nessus", "title": "Wireshark 1.10.x < 1.10.12 / 1.12.x < 1.12.3 Multiple DoS Vulnerabilities", "description": "The remote Windows host has a version of Wireshark installed that is 1.10.x prior to 1.10.12 or 1.12.x prior to 1.12.3. It is, therefore, affected by multiple denial of service vulnerabilities in the following dissectors :\n\n - DEC DNA Routing (CVE-2015-0562)\n - LPP (CVE-2015-0561)\n - SMTP (CVE-2015-0563)\n - WCCP (CVE-2015-0559, CVE-2015-0560)\n\n - A denial of service vulnerability also exists related to a buffer underflow error in TLS/SSL session decryption.\n (CVE-2015-0564)\n\nA remote attacker, using a specially crafted packet or malformed pcap file, can exploit these to cause the application to crash.\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "published": "2015-01-12T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=80459", "cvelist": ["CVE-2015-0560", "CVE-2015-0563", "CVE-2015-0562", "CVE-2015-0564", "CVE-2015-0559", "CVE-2015-0561"], "lastseen": "2017-10-29T13:36:53"}, {"id": "OPENSUSE-2015-52.NASL", "type": "nessus", "title": "openSUSE Security Update : wireshark (openSUSE-SU-2015:0113-1)", "description": "This update fixes the following security issues :\n\n + The WCCP dissector could crash wnpa-sec-2015-01 CVE-2015-0559 CVE-2015-0560 [boo#912365]\n\n + The LPP dissector could crash. wnpa-sec-2015-02 CVE-2015-0561 [boo#912368]\n\n + The DEC DNA Routing Protocol dissector could crash.\n wnpa-sec-2015-03 CVE-2015-0562 [boo#912369]\n\n + The SMTP dissector could crash. wnpa-sec-2015-04 CVE-2015-0563 [boo#912370]\n\n + Wireshark could crash while decypting TLS/SSL sessions.\n wnpa-sec-2015-05 CVE-2015-0564 [boo#912372]", "published": "2015-01-26T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=80986", "cvelist": ["CVE-2015-0560", "CVE-2015-0563", "CVE-2015-0562", "CVE-2015-0564", "CVE-2015-0559", "CVE-2015-0561"], "lastseen": "2017-10-29T13:37:11"}, {"id": "REDHAT-RHSA-2015-1460.NASL", "type": "nessus", "title": "RHEL 6 : wireshark (RHSA-2015:1460)", "description": "Updated wireshark packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nWireshark, previously known as Ethereal, is a network protocol analyzer, which is used to capture and browse the traffic running on a computer network.\n\nSeveral denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump file. (CVE-2014-8714, CVE-2014-8712, CVE-2014-8713, CVE-2014-8711, CVE-2014-8710, CVE-2015-0562, CVE-2015-0564, CVE-2015-2189, CVE-2015-2191)\n\nThis update also fixes the following bugs :\n\n* Previously, the Wireshark tool did not support Advanced Encryption Standard Galois/Counter Mode (AES-GCM) cryptographic algorithm. As a consequence, AES-GCM was not decrypted. Support for AES-GCM has been added to Wireshark, and AES-GCM is now correctly decrypted.\n(BZ#1095065)\n\n* Previously, when installing the system using the kickstart method, a dependency on the shadow-utils packages was missing from the wireshark packages, which could cause the installation to fail with a 'bad scriptlet' error message. With this update, shadow-utils are listed as required in the wireshark packages spec file, and kickstart installation no longer fails. (BZ#1121275)\n\n* Prior to this update, the Wireshark tool could not decode types of elliptic curves in Datagram Transport Layer Security (DTLS) Client Hello. Consequently, Wireshark incorrectly displayed elliptic curves types as data. A patch has been applied to address this bug, and Wireshark now decodes elliptic curves types properly. (BZ#1131203)\n\n* Previously, a dependency on the gtk2 packages was missing from the wireshark packages. As a consequence, the Wireshark tool failed to start under certain circumstances due to an unresolved symbol, 'gtk_combo_box_text_new_with_entry', which was added in gtk version 2.24. With this update, a dependency on gtk2 has been added, and Wireshark now always starts as expected. (BZ#1160388)\n\nIn addition, this update adds the following enhancements :\n\n* With this update, the Wireshark tool supports process substitution, which feeds the output of a process (or processes) into the standard input of another process using the '<(command_list)' syntax. When using process substitution with large files as input, Wireshark failed to decode such input. (BZ#1104210)\n\n* Wireshark has been enhanced to enable capturing packets with nanosecond time stamp precision, which allows better analysis of recorded network traffic. (BZ#1146578)\n\nAll wireshark users are advised to upgrade to these updated packages, which contain backported patches to correct these issues and add these enhancements. All running instances of Wireshark must be restarted for the update to take effect.", "published": "2015-07-23T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=84952", "cvelist": ["CVE-2014-8710", "CVE-2014-8712", "CVE-2014-8714", "CVE-2015-2189", "CVE-2015-0562", "CVE-2014-8713", "CVE-2015-0564", "CVE-2014-8711", "CVE-2015-2191"], "lastseen": "2017-10-29T13:33:36"}, {"id": "ORACLELINUX_ELSA-2015-1460.NASL", "type": "nessus", "title": "Oracle Linux 6 : wireshark (ELSA-2015-1460)", "description": "From Red Hat Security Advisory 2015:1460 :\n\nUpdated wireshark packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nWireshark, previously known as Ethereal, is a network protocol analyzer, which is used to capture and browse the traffic running on a computer network.\n\nSeveral denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump file. (CVE-2014-8714, CVE-2014-8712, CVE-2014-8713, CVE-2014-8711, CVE-2014-8710, CVE-2015-0562, CVE-2015-0564, CVE-2015-2189, CVE-2015-2191)\n\nThis update also fixes the following bugs :\n\n* Previously, the Wireshark tool did not support Advanced Encryption Standard Galois/Counter Mode (AES-GCM) cryptographic algorithm. As a consequence, AES-GCM was not decrypted. Support for AES-GCM has been added to Wireshark, and AES-GCM is now correctly decrypted.\n(BZ#1095065)\n\n* Previously, when installing the system using the kickstart method, a dependency on the shadow-utils packages was missing from the wireshark packages, which could cause the installation to fail with a 'bad scriptlet' error message. With this update, shadow-utils are listed as required in the wireshark packages spec file, and kickstart installation no longer fails. (BZ#1121275)\n\n* Prior to this update, the Wireshark tool could not decode types of elliptic curves in Datagram Transport Layer Security (DTLS) Client Hello. Consequently, Wireshark incorrectly displayed elliptic curves types as data. A patch has been applied to address this bug, and Wireshark now decodes elliptic curves types properly. (BZ#1131203)\n\n* Previously, a dependency on the gtk2 packages was missing from the wireshark packages. As a consequence, the Wireshark tool failed to start under certain circumstances due to an unresolved symbol, 'gtk_combo_box_text_new_with_entry', which was added in gtk version 2.24. With this update, a dependency on gtk2 has been added, and Wireshark now always starts as expected. (BZ#1160388)\n\nIn addition, this update adds the following enhancements :\n\n* With this update, the Wireshark tool supports process substitution, which feeds the output of a process (or processes) into the standard input of another process using the '<(command_list)' syntax. When using process substitution with large files as input, Wireshark failed to decode such input. (BZ#1104210)\n\n* Wireshark has been enhanced to enable capturing packets with nanosecond time stamp precision, which allows better analysis of recorded network traffic. (BZ#1146578)\n\nAll wireshark users are advised to upgrade to these updated packages, which contain backported patches to correct these issues and add these enhancements. All running instances of Wireshark must be restarted for the update to take effect.", "published": "2015-07-30T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=85112", "cvelist": ["CVE-2014-8710", "CVE-2014-8712", "CVE-2014-8714", "CVE-2015-2189", "CVE-2015-0562", "CVE-2014-8713", "CVE-2015-0564", "CVE-2014-8711", "CVE-2015-2191"], "lastseen": "2017-10-29T13:43:54"}, {"id": "ALA_ALAS-2015-580.NASL", "type": "nessus", "title": "Amazon Linux AMI : wireshark (ALAS-2015-580)", "description": "Several denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump file. (CVE-2014-8714 , CVE-2014-8712 , CVE-2014-8713 , CVE-2014-8711 , CVE-2014-8710 , CVE-2015-0562 , CVE-2015-0564 , CVE-2015-2189 , CVE-2015-2191)", "published": "2015-08-18T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=85453", "cvelist": ["CVE-2014-8710", "CVE-2014-8712", "CVE-2014-8714", "CVE-2015-2189", "CVE-2015-0562", "CVE-2014-8713", "CVE-2015-0564", "CVE-2014-8711", "CVE-2015-2191"], "lastseen": "2018-04-19T08:12:23"}, {"id": "CENTOS_RHSA-2015-1460.NASL", "type": "nessus", "title": "CentOS 6 : wireshark (CESA-2015:1460)", "description": "Updated wireshark packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nWireshark, previously known as Ethereal, is a network protocol analyzer, which is used to capture and browse the traffic running on a computer network.\n\nSeveral denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump file. (CVE-2014-8714, CVE-2014-8712, CVE-2014-8713, CVE-2014-8711, CVE-2014-8710, CVE-2015-0562, CVE-2015-0564, CVE-2015-2189, CVE-2015-2191)\n\nThis update also fixes the following bugs :\n\n* Previously, the Wireshark tool did not support Advanced Encryption Standard Galois/Counter Mode (AES-GCM) cryptographic algorithm. As a consequence, AES-GCM was not decrypted. Support for AES-GCM has been added to Wireshark, and AES-GCM is now correctly decrypted.\n(BZ#1095065)\n\n* Previously, when installing the system using the kickstart method, a dependency on the shadow-utils packages was missing from the wireshark packages, which could cause the installation to fail with a 'bad scriptlet' error message. With this update, shadow-utils are listed as required in the wireshark packages spec file, and kickstart installation no longer fails. (BZ#1121275)\n\n* Prior to this update, the Wireshark tool could not decode types of elliptic curves in Datagram Transport Layer Security (DTLS) Client Hello. Consequently, Wireshark incorrectly displayed elliptic curves types as data. A patch has been applied to address this bug, and Wireshark now decodes elliptic curves types properly. (BZ#1131203)\n\n* Previously, a dependency on the gtk2 packages was missing from the wireshark packages. As a consequence, the Wireshark tool failed to start under certain circumstances due to an unresolved symbol, 'gtk_combo_box_text_new_with_entry', which was added in gtk version 2.24. With this update, a dependency on gtk2 has been added, and Wireshark now always starts as expected. (BZ#1160388)\n\nIn addition, this update adds the following enhancements :\n\n* With this update, the Wireshark tool supports process substitution, which feeds the output of a process (or processes) into the standard input of another process using the '<(command_list)' syntax. When using process substitution with large files as input, Wireshark failed to decode such input. (BZ#1104210)\n\n* Wireshark has been enhanced to enable capturing packets with nanosecond time stamp precision, which allows better analysis of recorded network traffic. (BZ#1146578)\n\nAll wireshark users are advised to upgrade to these updated packages, which contain backported patches to correct these issues and add these enhancements. All running instances of Wireshark must be restarted for the update to take effect.", "published": "2015-07-28T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=85026", "cvelist": ["CVE-2014-8710", "CVE-2014-8712", "CVE-2014-8714", "CVE-2015-2189", "CVE-2015-0562", "CVE-2014-8713", "CVE-2015-0564", "CVE-2014-8711", "CVE-2015-2191"], "lastseen": "2017-10-29T13:42:56"}, {"id": "SL_20150722_WIRESHARK_ON_SL6_X.NASL", "type": "nessus", "title": "Scientific Linux Security Update : wireshark on SL6.x i386/x86_64", "description": "Several denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump file. (CVE-2014-8714, CVE-2014-8712, CVE-2014-8713, CVE-2014-8711, CVE-2014-8710, CVE-2015-0562, CVE-2015-0564, CVE-2015-2189, CVE-2015-2191)\n\nThis update also fixes the following bugs :\n\n - Previously, the Wireshark tool did not support Advanced Encryption Standard Galois/Counter Mode (AES-GCM) cryptographic algorithm. As a consequence, AES-GCM was not decrypted. Support for AES-GCM has been added to Wireshark, and AES-GCM is now correctly decrypted.\n\n - Previously, when installing the system using the kickstart method, a dependency on the shadow-utils packages was missing from the wireshark packages, which could cause the installation to fail with a 'bad scriptlet' error message. With this update, shadow-utils are listed as required in the wireshark packages spec file, and kickstart installation no longer fails.\n\n - Prior to this update, the Wireshark tool could not decode types of elliptic curves in Datagram Transport Layer Security (DTLS) Client Hello. Consequently, Wireshark incorrectly displayed elliptic curves types as data. A patch has been applied to address this bug, and Wireshark now decodes elliptic curves types properly.\n\n - Previously, a dependency on the gtk2 packages was missing from the wireshark packages. As a consequence, the Wireshark tool failed to start under certain circumstances due to an unresolved symbol, 'gtk_combo_box_text_new_with_entry', which was added in gtk version 2.24. With this update, a dependency on gtk2 has been added, and Wireshark now always starts as expected.\n\nIn addition, this update adds the following enhancements :\n\n - With this update, the Wireshark tool supports process substitution, which feeds the output of a process (or processes) into the standard input of another process using the '<(command_list)' syntax. When using process substitution with large files as input, Wireshark failed to decode such input.\n\n - Wireshark has been enhanced to enable capturing packets with nanosecond time stamp precision, which allows better analysis of recorded network traffic.\n\nAll running instances of Wireshark must be restarted for the update to take effect.", "published": "2015-08-04T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=85208", "cvelist": ["CVE-2014-8710", "CVE-2014-8712", "CVE-2014-8714", "CVE-2015-2189", "CVE-2015-0562", "CVE-2014-8713", "CVE-2015-0564", "CVE-2014-8711", "CVE-2015-2191"], "lastseen": "2017-10-29T13:43:58"}], "debian": [{"id": "DSA-3141", "type": "debian", "title": "wireshark -- security update", "description": "Multiple vulnerabilities were discovered in the dissectors/parsers for SSL/TLS and DEC DNA, which could result in denial of service.\n\nFor the stable distribution (wheezy), these problems have been fixed in version 1.8.2-5wheezy14.\n\nFor the upcoming stable distribution (jessie), these problems have been fixed in version 1.12.1+g01b65bf-3.\n\nFor the unstable distribution (sid), these problems have been fixed in version 1.12.1+g01b65bf-3.\n\nWe recommend that you upgrade your wireshark packages.", "published": "2015-01-27T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://www.debian.org/security/dsa-3141", "cvelist": ["CVE-2015-0562", "CVE-2015-0564"], "lastseen": "2016-09-02T18:27:10"}, {"id": "DLA-198", "type": "debian", "title": "wireshark -- LTS security update", "description": "The following vulnerabilities were discovered in the Squeeze's Wireshark version:\n\n * [CVE-2015-2188](<https://security-tracker.debian.org/tracker/CVE-2015-2188>) The WCP dissector could crash\n * [CVE-2015-0564](<https://security-tracker.debian.org/tracker/CVE-2015-0564>) Wireshark could crash while decypting TLS/SSL sessions\n * [CVE-2015-0562](<https://security-tracker.debian.org/tracker/CVE-2015-0562>) The DEC DNA Routing Protocol dissector could crash\n * [CVE-2014-8714](<https://security-tracker.debian.org/tracker/CVE-2014-8714>) TN5250 infinite loops\n * [CVE-2014-8713](<https://security-tracker.debian.org/tracker/CVE-2014-8713>) NCP crashes\n * [CVE-2014-8712](<https://security-tracker.debian.org/tracker/CVE-2014-8712>) NCP crashes\n * [CVE-2014-8711](<https://security-tracker.debian.org/tracker/CVE-2014-8711>) AMQP crash\n * [CVE-2014-8710](<https://security-tracker.debian.org/tracker/CVE-2014-8710>) SigComp UDVM buffer overflow\n * [CVE-2014-6432](<https://security-tracker.debian.org/tracker/CVE-2014-6432>) Sniffer file parser crash\n * [CVE-2014-6431](<https://security-tracker.debian.org/tracker/CVE-2014-6431>) Sniffer file parser crash\n * [CVE-2014-6430](<https://security-tracker.debian.org/tracker/CVE-2014-6430>) Sniffer file parser crash\n * [CVE-2014-6429](<https://security-tracker.debian.org/tracker/CVE-2014-6429>) Sniffer file parser crash\n * [CVE-2014-6428](<https://security-tracker.debian.org/tracker/CVE-2014-6428>) SES dissector crash\n * [CVE-2014-6423](<https://security-tracker.debian.org/tracker/CVE-2014-6423>) MEGACO dissector infinite loop\n * [CVE-2014-6422](<https://security-tracker.debian.org/tracker/CVE-2014-6422>) RTP dissector crash\n\nSince back-porting upstream patches to 1.2.11-6+squeeze15 did not fix all the outstanding issues and some issues are not even tracked publicly the LTS Team decided to sync squeeze-lts's wireshark package with wheezy-security to provide the best possible security support.\n\nNote that upgrading Wireshark from 1.2.x to 1.8.x introduces several backward-incompatible changes in package structure, shared library API/ABI, availability of dissectors and in syntax of command line parameters.", "published": "2015-04-22T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://www.debian.org/security/2015/dla-198", "cvelist": ["CVE-2014-8710", "CVE-2014-6431", "CVE-2014-8712", "CVE-2014-8714", "CVE-2014-6432", "CVE-2015-0562", "CVE-2014-6422", "CVE-2014-8713", "CVE-2015-0564", "CVE-2015-2188", "CVE-2014-6430", "CVE-2014-8711", "CVE-2014-6428", "CVE-2014-6423", "CVE-2015-2191", "CVE-2014-6429"], "lastseen": "2016-09-02T12:56:45"}], "kaspersky": [{"id": "KLA10453", "type": "kaspersky", "title": "\r KLA10453Multiple vulnerabilities in Wireshark\t\t\t ", "description": "### *CVSS*:\n5.0\n\n### *Detect date*:\n01/07/2015\n\n### *Severity*:\nWarning\n\n### *Description*:\nMultiple serious vulnerabilities have been found in Wireshark. Malicious users can exploit these vulnerabilities to cause denial of service. These vulnerabilities can be exploited via a specially designed packet.\n\n### *Affected products*:\nWireshark 1.12 versions earlier than 1.12.3 \nWireshark 1.10 versions earlier than 1.10.12\n\n### *Solution*:\nUpdate to latest version \n[Get Wireshark](<https://www.wireshark.org/download.html>)\n\n### *Impacts*:\nDoS \n\n### *Related products*:\n[Wireshark](<https://threats.kaspersky.com/en/product/Wireshark/>)\n\n### *CVE-IDS*:\n[CVE-2015-0564](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0564>) \n[CVE-2015-0563](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0563>) \n[CVE-2015-0562](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0562>) \n[CVE-2015-0561](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0561>) \n[CVE-2015-0560](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0560>) \n[CVE-2015-0559](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0559>)", "published": "2015-01-07T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://threats.kaspersky.com/en/vulnerability/KLA10453", "cvelist": ["CVE-2015-0560", "CVE-2015-0563", "CVE-2015-0562", "CVE-2015-0564", "CVE-2015-0559", "CVE-2015-0561"], "lastseen": "2018-03-30T14:11:41"}], "redhat": [{"id": "RHSA-2015:1460", "type": "redhat", "title": "(RHSA-2015:1460) Moderate: wireshark security, bug fix, and enhancement update", "description": "Wireshark, previously known as Ethereal, is a network protocol analyzer,\nwhich is used to capture and browse the traffic running on a computer\nnetwork.\n\nSeveral denial of service flaws were found in Wireshark. Wireshark could\ncrash or stop responding if it read a malformed packet off a network, or\nopened a malicious dump file. (CVE-2014-8714, CVE-2014-8712, CVE-2014-8713,\nCVE-2014-8711, CVE-2014-8710, CVE-2015-0562, CVE-2015-0564, CVE-2015-2189,\nCVE-2015-2191)\n\nThis update also fixes the following bugs:\n\n* Previously, the Wireshark tool did not support Advanced Encryption\nStandard Galois/Counter Mode (AES-GCM) cryptographic algorithm. As a\nconsequence, AES-GCM was not decrypted. Support for AES-GCM has been added\nto Wireshark, and AES-GCM is now correctly decrypted. (BZ#1095065)\n\n* Previously, when installing the system using the kickstart method, a\ndependency on the shadow-utils packages was missing from the wireshark\npackages, which could cause the installation to fail with a \"bad scriptlet\"\nerror message. With this update, shadow-utils are listed as required in the\nwireshark packages spec file, and kickstart installation no longer fails.\n(BZ#1121275)\n\n* Prior to this update, the Wireshark tool could not decode types of\nelliptic curves in Datagram Transport Layer Security (DTLS) Client Hello.\nConsequently, Wireshark incorrectly displayed elliptic curves types as\ndata. A patch has been applied to address this bug, and Wireshark now\ndecodes elliptic curves types properly. (BZ#1131203)\n\n* Previously, a dependency on the gtk2 packages was missing from the\nwireshark packages. As a consequence, the Wireshark tool failed to start\nunder certain circumstances due to an unresolved symbol,\n\"gtk_combo_box_text_new_with_entry\", which was added in gtk version 2.24.\nWith this update, a dependency on gtk2 has been added, and Wireshark now\nalways starts as expected. (BZ#1160388)\n\nIn addition, this update adds the following enhancements:\n\n* With this update, the Wireshark tool supports process substitution, which\nfeeds the output of a process (or processes) into the standard input of\nanother process using the \"<(command_list)\" syntax. When using process\nsubstitution with large files as input, Wireshark failed to decode such\ninput. (BZ#1104210)\n\n* Wireshark has been enhanced to enable capturing packets with nanosecond\ntime stamp precision, which allows better analysis of recorded network\ntraffic. (BZ#1146578)\n\nAll wireshark users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues and add these\nenhancements. All running instances of Wireshark must be restarted for the\nupdate to take effect.\n", "published": "2015-07-22T04:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://access.redhat.com/errata/RHSA-2015:1460", "cvelist": ["CVE-2014-8710", "CVE-2014-8712", "CVE-2014-8714", "CVE-2015-2189", "CVE-2015-0562", "CVE-2014-8713", "CVE-2015-0564", "CVE-2014-8711", "CVE-2015-2191"], "lastseen": "2017-03-07T05:18:51"}, {"id": "RHSA-2015:2393", "type": "redhat", "title": "(RHSA-2015:2393) Moderate: wireshark security, bug fix, and enhancement update", "description": "The wireshark packages contain a network protocol analyzer used to capture\nand browse the traffic running on a computer network.\n\nSeveral denial of service flaws were found in Wireshark. Wireshark could\ncrash or stop responding if it read a malformed packet off a network, or\nopened a malicious dump file. (CVE-2015-2188, CVE-2015-2189, CVE-2015-2191,\nCVE-2015-3810, CVE-2015-3811, CVE-2015-3812, CVE-2015-3813, CVE-2014-8710,\nCVE-2014-8711, CVE-2014-8712, CVE-2014-8713, CVE-2014-8714, CVE-2015-0562,\nCVE-2015-0563, CVE-2015-0564, CVE-2015-3182, CVE-2015-6243, CVE-2015-6244,\nCVE-2015-6245, CVE-2015-6246, CVE-2015-6248)\n\nThe CVE-2015-3182 issue was discovered by Martin \u017dember of Red Hat.\n\nThe wireshark packages have been upgraded to upstream version 1.10.14,\nwhich provides a number of bug fixes and enhancements over the previous\nversion. (BZ#1238676)\n\nThis update also fixes the following bug:\n\n* Prior to this update, when using the tshark utility to capture packets\nover the interface, tshark failed to create output files in the .pcap\nformat even if it was specified using the \"-F\" option. This bug has been\nfixed, the \"-F\" option is now honored, and the result saved in the .pcap\nformat as expected. (BZ#1227199)\n\nIn addition, this update adds the following enhancement:\n\n* Previously, wireshark included only microseconds in the .pcapng format.\nWith this update, wireshark supports nanosecond time stamp precision to\nallow for more accurate time stamps. (BZ#1213339)\n\nAll wireshark users are advised to upgrade to these updated packages, which\ncorrect these issues and add these enhancements. All running instances of\nWireshark must be restarted for the update to take effect.", "published": "2015-11-19T18:43:56", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "https://access.redhat.com/errata/RHSA-2015:2393", "cvelist": ["CVE-2014-8710", "CVE-2014-8711", "CVE-2014-8712", "CVE-2014-8713", "CVE-2014-8714", "CVE-2015-0562", "CVE-2015-0563", "CVE-2015-0564", "CVE-2015-2188", "CVE-2015-2189", "CVE-2015-2191", "CVE-2015-3182", "CVE-2015-3810", "CVE-2015-3811", "CVE-2015-3812", "CVE-2015-3813", "CVE-2015-6243", "CVE-2015-6244", "CVE-2015-6245", "CVE-2015-6246", "CVE-2015-6248"], "lastseen": "2018-04-15T14:25:46"}], "oraclelinux": [{"id": "ELSA-2015-1460", "type": "oraclelinux", "title": "wireshark security, bug fix, and enhancement update", "description": "[1.8.10-17.0.2]\n- Fix ocfs2 dissector (John Haxby) [orabug 21505640]\n[1.8.10-17.0.1.el6]\n- Add oracle-ocfs2-network.patch to allow disassembly of OCFS2 interconnect\n[1.8.10-17]\n- security patches\n- Resolves: CVE-2015-2189\n CVE-2015-2191\n[1.8.10-16]\n- security patches\n- Resolves: CVE-2014-8710\n CVE-2014-8711\n CVE-2014-8712\n CVE-2014-8713\n CVE-2014-8714\n CVE-2015-0562\n CVE-2015-0564\n[1.8.10-15]\n- fix AES-GCM decoding\n- Related: rhbz#1095065\n[1.8.10-14]\n- fix requires: shadow-utils\n- Resolves: rhbz#1121275\n[1.8.10-13]\n- add elliptic curves decoding in DTLS HELLO\n- Resolves: rhbz#1131203\n[1.8.10-12]\n- add AES-GCM decryption\n- Resolves: rhbz#1095065\n[1.8.10-11]\n- fix reading from pipes\n- Resolves: rhbz#1104210\n[1.8.10-10]\n- introduced nanosecond time precision\n- Resolves: rhbz#1146578\n[1.8.10-9]\n- fix gtk2 required version\n- Resolves: rhbz#1160388", "published": "2015-07-28T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://linux.oracle.com/errata/ELSA-2015-1460.html", "cvelist": ["CVE-2014-8710", "CVE-2014-8712", "CVE-2014-8714", "CVE-2015-2189", "CVE-2015-0562", "CVE-2014-8713", "CVE-2015-0564", "CVE-2014-8711", "CVE-2015-2191"], "lastseen": "2016-09-04T11:17:12"}, {"id": "ELSA-2015-2393", "type": "oraclelinux", "title": "wireshark security, bug fix, and enhancement update", "description": "[1.10.14-7.0.1]\n- Add oracle-ocfs2-network.patch to allow disassembly of OCFS2 interconnect\n[1.10.14-7]\n- Rebase some tvbuff API from upstream to 1.10.14\n- Fixes crash when tvb_length_remaining() is used\n- Related: CVE-2015-6244\n[1.10.14-6]\n- Security patch\n- Resolves: CVE-2015-3182\n[1.10.14-5]\n- Fix crash caused by -DGDK_PIXBUF_DEPRECATED on startup\n- Resolves: rhbz#1267959\n[1.10.14-4]\n- Security patches\n- Resolves: CVE-2015-6243\n CVE-2015-6244\n CVE-2015-6245\n CVE-2015-6246\n CVE-2015-6248\n[1.10.14-3]\n- Security patches\n- Resolves: CVE-2015-3810\n CVE-2015-3813\n[1.10.14-2]\n- Add certificate verify message decoding in TLS extension\n- Resolves: #1239150\n[1.10.14-1]\n- Upgrade to 1.10.14\n- Resolves: #1238676\n[1.10.3-20]\n- add master secret extension decoding in TLS extension\n- add encrypt-then-mac extension decoding in TLS extension\n- Resolves: #1222901\n[1.10.3-19]\n- create pcap file if -F pcap specified\n- Resolves: #1227199\n[1.10.3-18]\n- add key exchange algorithms decoding in TLS extension\n- Resolves: #1222600\n[1.10.3-17]\n- add signature algorithms decoding in TLS extension\n- Resolves: #1221701\n[1.10.3-16]\n- add relro check\n- Resolves: #1092532\n[1.10.3-15]\n- add elliptic curves decoding in DTLS HELLO\n- Resolves: #1131202\n[1.10.3-14]\n- introduced nanosecond time precision\n- Resolves: #1213339\n[1.10.3-13]\n- security patches\n- Resolves: #1148267", "published": "2015-11-23T00:00:00", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "http://linux.oracle.com/errata/ELSA-2015-2393.html", "cvelist": ["CVE-2014-8710", "CVE-2014-8712", "CVE-2014-8714", "CVE-2015-3813", "CVE-2015-0563", "CVE-2015-2189", "CVE-2015-6243", "CVE-2015-6246", "CVE-2015-6245", "CVE-2015-0562", "CVE-2014-8713", "CVE-2015-3182", "CVE-2015-0564", "CVE-2015-2188", "CVE-2014-8711", "CVE-2015-3810", "CVE-2015-3812", "CVE-2015-6244", "CVE-2015-6248", "CVE-2015-2191", "CVE-2015-3811"], "lastseen": "2016-09-04T11:16:43"}], "centos": [{"id": "CESA-2015:1460", "type": "centos", "title": "wireshark security update", "description": "**CentOS Errata and Security Advisory** CESA-2015:1460\n\n\nWireshark, previously known as Ethereal, is a network protocol analyzer,\nwhich is used to capture and browse the traffic running on a computer\nnetwork.\n\nSeveral denial of service flaws were found in Wireshark. Wireshark could\ncrash or stop responding if it read a malformed packet off a network, or\nopened a malicious dump file. (CVE-2014-8714, CVE-2014-8712, CVE-2014-8713,\nCVE-2014-8711, CVE-2014-8710, CVE-2015-0562, CVE-2015-0564, CVE-2015-2189,\nCVE-2015-2191)\n\nThis update also fixes the following bugs:\n\n* Previously, the Wireshark tool did not support Advanced Encryption\nStandard Galois/Counter Mode (AES-GCM) cryptographic algorithm. As a\nconsequence, AES-GCM was not decrypted. Support for AES-GCM has been added\nto Wireshark, and AES-GCM is now correctly decrypted. (BZ#1095065)\n\n* Previously, when installing the system using the kickstart method, a\ndependency on the shadow-utils packages was missing from the wireshark\npackages, which could cause the installation to fail with a \"bad scriptlet\"\nerror message. With this update, shadow-utils are listed as required in the\nwireshark packages spec file, and kickstart installation no longer fails.\n(BZ#1121275)\n\n* Prior to this update, the Wireshark tool could not decode types of\nelliptic curves in Datagram Transport Layer Security (DTLS) Client Hello.\nConsequently, Wireshark incorrectly displayed elliptic curves types as\ndata. A patch has been applied to address this bug, and Wireshark now\ndecodes elliptic curves types properly. (BZ#1131203)\n\n* Previously, a dependency on the gtk2 packages was missing from the\nwireshark packages. As a consequence, the Wireshark tool failed to start\nunder certain circumstances due to an unresolved symbol,\n\"gtk_combo_box_text_new_with_entry\", which was added in gtk version 2.24.\nWith this update, a dependency on gtk2 has been added, and Wireshark now\nalways starts as expected. (BZ#1160388)\n\nIn addition, this update adds the following enhancements:\n\n* With this update, the Wireshark tool supports process substitution, which\nfeeds the output of a process (or processes) into the standard input of\nanother process using the \"<(command_list)\" syntax. When using process\nsubstitution with large files as input, Wireshark failed to decode such\ninput. (BZ#1104210)\n\n* Wireshark has been enhanced to enable capturing packets with nanosecond\ntime stamp precision, which allows better analysis of recorded network\ntraffic. (BZ#1146578)\n\nAll wireshark users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues and add these\nenhancements. All running instances of Wireshark must be restarted for the\nupdate to take effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-cr-announce/2015-July/002024.html\n\n**Affected packages:**\nwireshark\nwireshark-devel\nwireshark-gnome\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2015-1460.html", "published": "2015-07-26T14:12:34", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://lists.centos.org/pipermail/centos-cr-announce/2015-July/002024.html", "cvelist": ["CVE-2014-8710", "CVE-2014-8712", "CVE-2014-8714", "CVE-2015-2189", "CVE-2015-0562", "CVE-2014-8713", "CVE-2015-0564", "CVE-2014-8711", "CVE-2015-2191"], "lastseen": "2017-10-03T18:25:06"}, {"id": "CESA-2015:2393", "type": "centos", "title": "wireshark security update", "description": "**CentOS Errata and Security Advisory** CESA-2015:2393\n\n\nThe wireshark packages contain a network protocol analyzer used to capture\nand browse the traffic running on a computer network.\n\nSeveral denial of service flaws were found in Wireshark. Wireshark could\ncrash or stop responding if it read a malformed packet off a network, or\nopened a malicious dump file. (CVE-2015-2188, CVE-2015-2189, CVE-2015-2191,\nCVE-2015-3810, CVE-2015-3811, CVE-2015-3812, CVE-2015-3813, CVE-2014-8710,\nCVE-2014-8711, CVE-2014-8712, CVE-2014-8713, CVE-2014-8714, CVE-2015-0562,\nCVE-2015-0563, CVE-2015-0564, CVE-2015-3182, CVE-2015-6243, CVE-2015-6244,\nCVE-2015-6245, CVE-2015-6246, CVE-2015-6248)\n\nThe CVE-2015-3182 issue was discovered by Martin \u017dember of Red Hat.\n\nThe wireshark packages have been upgraded to upstream version 1.10.14,\nwhich provides a number of bug fixes and enhancements over the previous\nversion. (BZ#1238676)\n\nThis update also fixes the following bug:\n\n* Prior to this update, when using the tshark utility to capture packets\nover the interface, tshark failed to create output files in the .pcap\nformat even if it was specified using the \"-F\" option. This bug has been\nfixed, the \"-F\" option is now honored, and the result saved in the .pcap\nformat as expected. (BZ#1227199)\n\nIn addition, this update adds the following enhancement:\n\n* Previously, wireshark included only microseconds in the .pcapng format.\nWith this update, wireshark supports nanosecond time stamp precision to\nallow for more accurate time stamps. (BZ#1213339)\n\nAll wireshark users are advised to upgrade to these updated packages, which\ncorrect these issues and add these enhancements. All running instances of\nWireshark must be restarted for the update to take effect.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-cr-announce/2015-November/002675.html\n\n**Affected packages:**\nwireshark\nwireshark-devel\nwireshark-gnome\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2015-2393.html", "published": "2015-11-30T19:55:40", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "http://lists.centos.org/pipermail/centos-cr-announce/2015-November/002675.html", "cvelist": ["CVE-2014-8710", "CVE-2014-8712", "CVE-2014-8714", "CVE-2015-3813", "CVE-2015-0563", "CVE-2015-2189", "CVE-2015-6243", "CVE-2015-6246", "CVE-2015-6245", "CVE-2015-0562", "CVE-2014-8713", "CVE-2015-3182", "CVE-2015-0564", "CVE-2015-2188", "CVE-2014-8711", "CVE-2015-3810", "CVE-2015-3812", "CVE-2015-6244", "CVE-2015-6248", "CVE-2015-2191", "CVE-2015-3811"], "lastseen": "2017-10-03T18:25:05"}], "amazon": [{"id": "ALAS-2015-580", "type": "amazon", "title": "Medium: wireshark", "description": "**Issue Overview:**\n\nSeveral denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump file. ([CVE-2014-8714 __](<https://access.redhat.com/security/cve/CVE-2014-8714>), [CVE-2014-8712 __](<https://access.redhat.com/security/cve/CVE-2014-8712>), [CVE-2014-8713 __](<https://access.redhat.com/security/cve/CVE-2014-8713>), [CVE-2014-8711 __](<https://access.redhat.com/security/cve/CVE-2014-8711>), [CVE-2014-8710 __](<https://access.redhat.com/security/cve/CVE-2014-8710>), [CVE-2015-0562 __](<https://access.redhat.com/security/cve/CVE-2015-0562>), [CVE-2015-0564 __](<https://access.redhat.com/security/cve/CVE-2015-0564>), [CVE-2015-2189 __](<https://access.redhat.com/security/cve/CVE-2015-2189>), [CVE-2015-2191 __](<https://access.redhat.com/security/cve/CVE-2015-2191>))\n\n \n**Affected Packages:** \n\n\nwireshark\n\n \n**Issue Correction:** \nRun _yum update wireshark_ to update your system. \n\n \n**New Packages:**\n \n \n i686: \n wireshark-debuginfo-1.8.10-17.19.amzn1.i686 \n wireshark-1.8.10-17.19.amzn1.i686 \n wireshark-devel-1.8.10-17.19.amzn1.i686 \n \n src: \n wireshark-1.8.10-17.19.amzn1.src \n \n x86_64: \n wireshark-debuginfo-1.8.10-17.19.amzn1.x86_64 \n wireshark-1.8.10-17.19.amzn1.x86_64 \n wireshark-devel-1.8.10-17.19.amzn1.x86_64 \n \n \n", "published": "2015-08-17T12:29:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://alas.aws.amazon.com/ALAS-2015-580.html", "cvelist": ["CVE-2014-8710", "CVE-2014-8712", "CVE-2014-8714", "CVE-2015-2189", "CVE-2015-0562", "CVE-2014-8713", "CVE-2015-0564", "CVE-2014-8711", "CVE-2015-2191"], "lastseen": "2016-09-28T21:04:12"}]}}
