ID CVE-2015-8718 Type cve Reporter NVD Modified 2016-12-07T13:29:33
Description
Double free vulnerability in epan/dissectors/packet-nlm.c in the NLM dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1, when the "Match MSG/RES packets for async NLM" option is enabled, allows remote attackers to cause a denial of service (application crash) via a crafted packet.
{"title": "CVE-2015-8718", "reporter": "NVD", "enchantments": {"vulnersScore": 5.0}, "published": "2016-01-04T00:59:08", "cvelist": ["CVE-2015-8718"], "viewCount": 2, "objectVersion": "1.2", "type": "cve", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8718", "bulletinFamily": "NVD", "hashmap": [{"hash": "6d3f4796275bb54c21a33b82f399cc6d", "key": "assessment"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "e6770303fa1ed78636e6e92d859245fd", "key": "cpe"}, {"hash": "8a4b74e4f3f9fe9eaa0bfc8d280fa7cc", "key": "cvelist"}, {"hash": "3873c836ae45fd496c2b40bae50467ed", "key": "cvss"}, {"hash": "d3acc8f1728e18862f30efd31c9ec3cc", "key": "description"}, {"hash": "39ba57a30443d277d29054091ba2c55e", "key": "href"}, {"hash": "26805904651225511cd2998b4044cd30", "key": "modified"}, {"hash": "56765472680401499c79732468ba4340", "key": "objectVersion"}, {"hash": "d92a06bbd27f2d0c7ee5273f034b0246", "key": "published"}, {"hash": "d83b609e00d1bfbc18dd3ae60c3a43dc", "key": "references"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "reporter"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "scanner"}, {"hash": "fb9202464667c10246e8cb7f4571d0db", "key": "title"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}], "history": [{"bulletin": {"reporter": "NVD", "published": "2016-01-04T00:59:08", "cvelist": ["CVE-2015-8718"], "title": "CVE-2015-8718", "objectVersion": "1.2", "type": "cve", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8718", "bulletinFamily": "NVD", "id": "CVE-2015-8718", "history": [], "scanner": [], "cpe": ["cpe:/a:wireshark:wireshark:1.12.8", "cpe:/a:wireshark:wireshark:1.12.5", "cpe:/a:wireshark:wireshark:2.0.0", "cpe:/a:wireshark:wireshark:1.12.6", "cpe:/a:wireshark:wireshark:1.12.2", "cpe:/a:wireshark:wireshark:1.12.1", "cpe:/a:wireshark:wireshark:1.12.3", "cpe:/a:wireshark:wireshark:1.12.7", "cpe:/a:wireshark:wireshark:1.12.4", "cpe:/a:wireshark:wireshark:1.12.0"], "modified": "2016-01-05T11:31:04", "hash": "745adc4872b13631eaf43be261710a7da828a512be808241cd098f4edd8e77ac", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "viewCount": 0, "edition": 1, "assessment": {"name": "", "href": "", "system": ""}, "references": ["http://www.wireshark.org/security/wnpa-sec-2015-37.html", "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=81dfe6d450ada42d12f20ac26a6d8ae2302df37e"], "hashmap": [{"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "scanner"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "reporter"}, {"hash": "d92a06bbd27f2d0c7ee5273f034b0246", "key": "published"}, {"hash": "39ba57a30443d277d29054091ba2c55e", "key": "href"}, {"hash": "fb9202464667c10246e8cb7f4571d0db", "key": "title"}, {"hash": "56765472680401499c79732468ba4340", "key": "objectVersion"}, {"hash": "4a727ba281919a0db6fcab867bb25ea9", "key": "references"}, {"hash": "6d3f4796275bb54c21a33b82f399cc6d", "key": "assessment"}, {"hash": "3873c836ae45fd496c2b40bae50467ed", "key": "cvss"}, {"hash": "78518342ca27094638c66c1c6733d8b2", "key": "modified"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "d3acc8f1728e18862f30efd31c9ec3cc", "key": "description"}, {"hash": "8a4b74e4f3f9fe9eaa0bfc8d280fa7cc", "key": "cvelist"}, {"hash": "e6770303fa1ed78636e6e92d859245fd", "key": "cpe"}], "lastseen": "2016-09-03T23:27:43", "description": "Double free vulnerability in epan/dissectors/packet-nlm.c in the NLM dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1, when the \"Match MSG/RES packets for async NLM\" option is enabled, allows remote attackers to cause a denial of service (application crash) via a crafted packet."}, "differentElements": ["references", "modified"], "edition": 1, "lastseen": "2016-09-03T23:27:43"}], "scanner": [], "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "modified": "2016-12-07T13:29:33", "hash": "ce1c34314020a499359e8ca25b84869e45591b98d8f6717281e92940fe9f16c8", "cpe": ["cpe:/a:wireshark:wireshark:1.12.8", "cpe:/a:wireshark:wireshark:1.12.5", "cpe:/a:wireshark:wireshark:2.0.0", "cpe:/a:wireshark:wireshark:1.12.6", "cpe:/a:wireshark:wireshark:1.12.2", "cpe:/a:wireshark:wireshark:1.12.1", "cpe:/a:wireshark:wireshark:1.12.3", "cpe:/a:wireshark:wireshark:1.12.7", "cpe:/a:wireshark:wireshark:1.12.4", "cpe:/a:wireshark:wireshark:1.12.0"], "edition": 2, "description": "Double free vulnerability in epan/dissectors/packet-nlm.c in the NLM dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1, when the \"Match MSG/RES packets for async NLM\" option is enabled, allows remote attackers to cause a denial of service (application crash) via a crafted packet.", "references": ["http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html", "http://www.securityfocus.com/bid/79814", "https://security.gentoo.org/glsa/201604-05", "http://www.wireshark.org/security/wnpa-sec-2015-37.html", "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=81dfe6d450ada42d12f20ac26a6d8ae2302df37e", "http://www.debian.org/security/2016/dsa-3505", "http://www.securitytracker.com/id/1034551"], "id": "CVE-2015-8718", "lastseen": "2017-04-18T15:58:45", "assessment": {"name": "", "href": "", "system": ""}}
{"result": {"openvas": [{"id": "OPENVAS:1361412562310806946", "type": "openvas", "title": "Wireshark Multiple Denial-of-Service Vulnerabilities-02 January16 (Mac OS X)", "description": "This host is installed with Wireshark\n and is prone to multiple denial of service vulnerabilities.", "published": "2016-01-11T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310806946", "cvelist": ["CVE-2015-8730", "CVE-2015-8733", "CVE-2015-8722", "CVE-2015-8726", "CVE-2015-8731", "CVE-2015-8724", "CVE-2015-8723", "CVE-2015-8720", "CVE-2015-8725", "CVE-2015-8729", "CVE-2015-8721", "CVE-2015-8727", "CVE-2015-8728", "CVE-2015-8732", "CVE-2015-8711", "CVE-2015-8718"], "lastseen": "2017-07-02T21:13:00"}, {"id": "OPENVAS:1361412562310806945", "type": "openvas", "title": "Wireshark Multiple Denial-of-Service Vulnerabilities-02 January16 (Windows)", "description": "This host is installed with Wireshark\n and is prone to multiple denial of service vulnerabilities.", "published": "2016-01-11T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310806945", "cvelist": ["CVE-2015-8730", "CVE-2015-8733", "CVE-2015-8722", "CVE-2015-8726", "CVE-2015-8731", "CVE-2015-8724", "CVE-2015-8723", "CVE-2015-8720", "CVE-2015-8725", "CVE-2015-8729", "CVE-2015-8721", "CVE-2015-8727", "CVE-2015-8728", "CVE-2015-8732", "CVE-2015-8711", "CVE-2015-8718"], "lastseen": "2017-07-02T21:13:08"}, {"id": "OPENVAS:703505", "type": "openvas", "title": "Debian Security Advisory DSA 3505-1 (wireshark - security update)", "description": "Multiple vulnerabilities were\ndiscovered in the dissectors/parsers for Pcapng, NBAP, UMTS FP, DCOM, AllJoyn,\nT.38, SDP, NLM, DNS, BED, SCTP, 802.11, DIAMETER, VeriWave, RVSP, ANSi A, GSM A,\nAscend, NBAP, ZigBee ZCL and Sniffer which could result in denial of service.", "published": "2016-03-04T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=703505", "cvelist": ["CVE-2015-8713", "CVE-2015-8717", "CVE-2015-8730", "CVE-2015-8714", "CVE-2015-8733", "CVE-2015-8722", "CVE-2015-8719", "CVE-2015-8715", "CVE-2015-8726", "CVE-2015-8724", "CVE-2015-8723", "CVE-2015-8720", "CVE-2015-8725", "CVE-2015-8729", "CVE-2015-8721", "CVE-2015-8727", "CVE-2015-7830", "CVE-2015-8728", "CVE-2015-8712", "CVE-2015-8732", "CVE-2015-8716", "CVE-2015-8711", "CVE-2015-8718"], "lastseen": "2017-07-24T12:54:14"}, {"id": "OPENVAS:1361412562310703505", "type": "openvas", "title": "Debian Security Advisory DSA 3505-1 (wireshark - security update)", "description": "Multiple vulnerabilities were\ndiscovered in the dissectors/parsers for Pcapng, NBAP, UMTS FP, DCOM, AllJoyn,\nT.38, SDP, NLM, DNS, BED, SCTP, 802.11, DIAMETER, VeriWave, RVSP, ANSi A, GSM A,\nAscend, NBAP, ZigBee ZCL and Sniffer which could result in denial of service.", "published": "2016-03-04T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703505", "cvelist": ["CVE-2015-8713", "CVE-2015-8717", "CVE-2015-8730", "CVE-2015-8714", "CVE-2015-8733", "CVE-2015-8722", "CVE-2015-8719", "CVE-2015-8715", "CVE-2015-8726", "CVE-2015-8724", "CVE-2015-8723", "CVE-2015-8720", "CVE-2015-8725", "CVE-2015-8729", "CVE-2015-8721", "CVE-2015-8727", "CVE-2015-7830", "CVE-2015-8728", "CVE-2015-8712", "CVE-2015-8732", "CVE-2015-8716", "CVE-2015-8711", "CVE-2015-8718"], "lastseen": "2017-12-19T10:55:48"}, {"id": "OPENVAS:1361412562310121461", "type": "openvas", "title": "Gentoo Linux Local Check: https://security.gentoo.org/glsa/201604-05", "description": "Gentoo Linux Local Security Checks https://security.gentoo.org/glsa/201604-05", "published": "2016-05-09T00:00:00", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310121461", "cvelist": ["CVE-2015-8713", "CVE-2015-8717", "CVE-2015-8741", "CVE-2015-8730", "CVE-2015-8714", "CVE-2015-8733", "CVE-2016-2531", "CVE-2015-8722", "CVE-2016-2527", "CVE-2016-2530", "CVE-2016-2524", "CVE-2015-8719", "CVE-2015-8715", "CVE-2015-8736", "CVE-2015-8726", "CVE-2016-2521", "CVE-2015-8731", "CVE-2015-8739", "CVE-2015-8724", "CVE-2015-8742", "CVE-2015-8738", "CVE-2016-2529", "CVE-2015-8723", "CVE-2015-8720", "CVE-2016-2528", "CVE-2016-2526", "CVE-2015-8725", "CVE-2015-8737", "CVE-2015-8735", "CVE-2015-8729", "CVE-2015-8721", "CVE-2015-8727", "CVE-2015-8728", "CVE-2016-2532", "CVE-2015-8712", "CVE-2016-2523", "CVE-2016-2525", "CVE-2016-2522", "CVE-2015-8732", "CVE-2015-8716", "CVE-2015-8734", "CVE-2015-8711", "CVE-2015-8740", "CVE-2015-8718"], "lastseen": "2017-12-08T11:51:09"}], "nessus": [{"id": "F5_BIGIP_SOL01837042.NASL", "type": "nessus", "title": "F5 Networks BIG-IP : Multiple Wireshark (tshark) vulnerabilities (K01837042)", "description": "CVE-2015-8711\n\nepan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate conversation data, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted packet.\n\nCVE-2015-8714 The dissect_dcom_OBJREF function in epan/dissectors/packet-dcom.c in the DCOM dissector in Wireshark 1.12.x before 1.12.9 does not initialize a certain IPv4 data structure, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.\n\nCVE-2015-8716 The init_t38_info_conv function in epan/dissectors/packet-t38.c in the T.38 dissector in Wireshark 1.12.x before 1.12.9 does not ensure that a conversation exists, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.\n\nCVE-2015-8717 The dissect_sdp function in epan/dissectors/packet-sdp.c in the SDP dissector in Wireshark 1.12.x before 1.12.9 does not prevent use of a negative media count, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.\n\nCVE-2015-8718 Double free vulnerability in epan/dissectors/packet-nlm.c in the NLM dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1, when the 'Match MSG/RES packets for async NLM' option is enabled, allows remote attackers to cause a denial of service (application crash) via a crafted packet.\n\nCVE-2015-8720 The dissect_ber_GeneralizedTime function in epan/dissectors/packet-ber.c in the BER dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 improperly checks an sscanf return value, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.\n\nCVE-2015-8721 Buffer overflow in the tvb_uncompress function in epan/tvbuff_zlib.c in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 allows remote attackers to cause a denial of service (application crash) via a crafted packet with zlib compression.\n\nCVE-2015-8723 The AirPDcapPacketProcess function in epan/crypt/airpdcap.c in the 802.11 dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the relationship between the total length and the capture length, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) via a crafted packet.\n\nCVE-2015-8725 The dissect_diameter_base_framed_ipv6_prefix function in epan/dissectors/packet-diameter.c in the DIAMETER dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the IPv6 prefix length, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) via a crafted packet.\n\nCVE-2015-8729 The ascend_seek function in wiretap/ascendtext.c in the Ascend file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not ensure the presence of a '\\0' character at the end of a date string, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file.\n\nCVE-2015-8730 epan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the number of items, which allows remote attackers to cause a denial of service (invalid read operation and application crash) via a crafted packet.\n\nCVE-2015-8733 The ngsniffer_process_record function in wiretap/ngsniffer.c in the Sniffer file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the relationships between record lengths and record header lengths, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file.\n\nCVE-2016-2523 The dnp3_al_process_object function in epan/dissectors/packet-dnp.c in the DNP3 dissector in Wireshark 1.12.x before 1.12.10 and 2.0.x before 2.0.2 allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.\n\nCVE-2016-4006 epan/proto.c in Wireshark 1.12.x before 1.12.11 and 2.0.x before 2.0.3 does not limit the protocol-tree depth, which allows remote attackers to cause a denial of service (stack memory consumption and application crash) via a crafted packet.\n\nCVE-2016-4078 The IEEE 802.11 dissector in Wireshark 1.12.x before 1.12.11 and 2.0.x before 2.0.3 does not properly restrict element lists, which allows remote attackers to cause a denial of service (deep recursion and application crash) via a crafted packet, related to epan/dissectors/packet-capwap.c and epan/dissectors/packet-ieee80211.c.\n\nCVE-2016-4079 epan/dissectors/packet-pktc.c in the PKTC dissector in Wireshark 1.12.x before 1.12.11 and 2.0.x before 2.0.3 does not verify BER identifiers, which allows remote attackers to cause a denial of service (out-of-bounds write and application crash) via a crafted packet.\n\nCVE-2016-4080 epan/dissectors/packet-pktc.c in the PKTC dissector in Wireshark 1.12.x before 1.12.11 and 2.0.x before 2.0.3 misparses timestamp fields, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet.\n\nCVE-2016-4081 epan/dissectors/packet-iax2.c in the IAX2 dissector in Wireshark 1.12.x before 1.12.11 and 2.0.x before 2.0.3 uses an incorrect integer data type, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.\n\nCVE-2016-4085 Stack-based buffer overflow in epan/dissectors/packet-ncp2222.inc in the NCP dissector in Wireshark 1.12.x before 1.12.11 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a long string in a packet.\n\nImpact\n\nIf Wireshark is launched manually by a user with Advanced Shell ( bash ) access, dissection of specially crafted packets could cause Wireshark to consume excessive resources. Wireshark is not part of normal BIG-IP operation; only users who actively run Wireshark are vulnerable.", "published": "2016-06-27T00:00:00", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=91838", "cvelist": ["CVE-2015-8717", "CVE-2015-8730", "CVE-2015-8714", "CVE-2015-8733", "CVE-2016-4081", "CVE-2016-4079", "CVE-2015-8723", "CVE-2015-8720", "CVE-2016-4085", "CVE-2015-8725", "CVE-2015-8729", "CVE-2015-8721", "CVE-2016-4006", "CVE-2016-4080", "CVE-2016-2523", "CVE-2016-4078", "CVE-2015-8716", "CVE-2015-8711", "CVE-2015-8718"], "lastseen": "2017-12-21T23:53:39"}, {"id": "OPENSUSE-2016-12.NASL", "type": "nessus", "title": "openSUSE Security Update : wireshark (openSUSE-2016-12)", "description": "Wireshark was updated to 1.12.9 to fix a number of crashes in protocol dissectors. [boo#960382]\n\n - CVE-2015-8711: epan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate conversation data, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted packet.\n\n - CVE-2015-8712: The dissect_hsdsch_channel_info function in epan/dissectors/packet-umts_fp.c in the UMTS FP dissector in Wireshark 1.12.x before 1.12.9 does not validate the number of PDUs, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.\n\n - CVE-2015-8713: epan/dissectors/packet-umts_fp.c in the UMTS FP dissector in Wireshark 1.12.x before 1.12.9 does not properly reserve memory for channel ID mappings, which allows remote attackers to cause a denial of service (out-of-bounds memory access and application crash) via a crafted packet.\n\n - CVE-2015-8714: The dissect_dcom_OBJREF function in epan/dissectors/packet-dcom.c in the DCOM dissector in Wireshark 1.12.x before 1.12.9 does not initialize a certain IPv4 data structure, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.\n\n - CVE-2015-8715: epan/dissectors/packet-alljoyn.c in the AllJoyn dissector in Wireshark 1.12.x before 1.12.9 does not check for empty arguments, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.\n\n - CVE-2015-8716: The init_t38_info_conv function in epan/dissectors/packet-t38.c in the T.38 dissector in Wireshark 1.12.x before 1.12.9 does not ensure that a conversation exists, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.\n\n - CVE-2015-8717: The dissect_sdp function in epan/dissectors/packet-sdp.c in the SDP dissector in Wireshark 1.12.x before 1.12.9 does not prevent use of a negative media count, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.\n\n - CVE-2015-8718: Double free vulnerability in epan/dissectors/packet-nlm.c in the NLM dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1, when the 'Match MSG/RES packets for async NLM' option is enabled, allows remote attackers to cause a denial of service (application crash) via a crafted packet.\n\n - CVE-2015-8719: The dissect_dns_answer function in epan/dissectors/packet-dns.c in the DNS dissector in Wireshark 1.12.x before 1.12.9 mishandles the EDNS0 Client Subnet option, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.\n\n - CVE-2015-8720: The dissect_ber_GeneralizedTime function in epan/dissectors/packet-ber.c in the BER dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 improperly checks an sscanf return value, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.\n\n - CVE-2015-8721: Buffer overflow in the tvb_uncompress function in epan/tvbuff_zlib.c in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 allows remote attackers to cause a denial of service (application crash) via a crafted packet with zlib compression.\n\n - CVE-2015-8722: epan/dissectors/packet-sctp.c in the SCTP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the frame pointer, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted packet.\n\n - CVE-2015-8723: The AirPDcapPacketProcess function in epan/crypt/airpdcap.c in the 802.11 dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the relationship between the total length and the capture length, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) via a crafted\n\n - CVE-2015-8724: The AirPDcapDecryptWPABroadcastKey function in epan/crypt/airpdcap.c in the 802.11 dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not verify the WPA broadcast key length, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet.\n\n - CVE-2015-8725: The dissect_diameter_base_framed_ipv6_prefix function in epan/dissectors/packet-diameter.c in the DIAMETER dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the IPv6 prefix length, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) via a crafted packet.\n\n - CVE-2015-8726: wiretap/vwr.c in the VeriWave file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate certain signature and Modulation and Coding Scheme (MCS) data, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file.\n\n - CVE-2015-8727: The dissect_rsvp_common function in epan/dissectors/packet-rsvp.c in the RSVP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not properly maintain request-key data, which allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted packet.\n\n - CVE-2015-8728: The Mobile Identity parser in (1) epan/dissectors/packet-ansi_a.c in the ANSI A dissector and (2) epan/dissectors/packet-gsm_a_common.c in the GSM A dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 improperly uses the tvb_bcd_dig_to_wmem_packet_str function, which allows remote attackers to cause a denial of service (buffer overflow and application crash) via a crafted packet.\n\n - CVE-2015-8729: The ascend_seek function in wiretap/ascendtext.c in the Ascend file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not ensure the presence of a '\\0' character at the end of a date string, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file.\n\n - CVE-2015-8730: epan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the number of items, which allows remote attackers to cause a denial of service (invalid read operation and application crash) via a crafted packet.\n\n - CVE-2015-8731: The dissct_rsl_ipaccess_msg function in epan/dissectors/packet-rsl.c in the RSL dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not reject unknown TLV types, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet.\n\n - CVE-2015-8732: The dissect_zcl_pwr_prof_pwrprofstatersp function in epan/dissectors/packet-zbee-zcl-general.c in the ZigBee ZCL dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the Total Profile Number field, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet.\n\n - CVE-2015-8733: The ngsniffer_process_record function in wiretap/ngsniffer.c in the Sniffer file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the relationships between record lengths and record header lengths, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file.", "published": "2016-01-11T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=87833", "cvelist": ["CVE-2015-8713", "CVE-2015-8717", "CVE-2015-8730", "CVE-2015-8714", "CVE-2015-8733", "CVE-2015-8722", "CVE-2015-8719", "CVE-2015-8715", "CVE-2015-8726", "CVE-2015-8731", "CVE-2015-8724", "CVE-2015-8723", "CVE-2015-8720", "CVE-2015-8725", "CVE-2015-8729", "CVE-2015-8721", "CVE-2015-8727", "CVE-2015-8728", "CVE-2015-8712", "CVE-2015-8732", "CVE-2015-8716", "CVE-2015-8711", "CVE-2015-8718"], "lastseen": "2017-10-29T13:39:48"}, {"id": "WIRESHARK_1_12_9.NASL", "type": "nessus", "title": "Wireshark 1.12.x < 1.12.9 Multiple DoS", "description": "The version of Wireshark installed on the remote Windows host is 1.12.x prior to 1.12.9. It is, therefore, affected by multiple denial of service vulnerabilities in the following components :\n\n - 802.11 dissector\n - AllJoyn dissector\n - ANSI A dissector\n - Ascend file parser\n - BER dissector\n - DCOM dissector\n - DIAMETER dissector\n - DNS dissector\n - GSM A dissector\n - NBAP dissector\n - NLM dissector\n - RSL dissector\n - RSVP dissector\n - SCTP dissector\n - SDP dissector\n - Sniffer file parser\n - T.38 dissector\n - UMTS FP dissector\n - VeriWave file parser\n - ZigBee ZCL dissector\n - zlib compression\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "published": "2016-01-08T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=87824", "cvelist": ["CVE-2015-8713", "CVE-2015-8717", "CVE-2015-8730", "CVE-2015-8714", "CVE-2015-8733", "CVE-2015-8722", "CVE-2015-8719", "CVE-2015-8715", "CVE-2015-8726", "CVE-2015-8731", "CVE-2015-8724", "CVE-2015-8723", "CVE-2015-8720", "CVE-2015-8725", "CVE-2015-8729", "CVE-2015-8721", "CVE-2015-8727", "CVE-2015-8728", "CVE-2015-8712", "CVE-2015-8732", "CVE-2015-8716", "CVE-2015-8711", "CVE-2015-8718"], "lastseen": "2017-10-29T13:36:39"}, {"id": "DEBIAN_DSA-3505.NASL", "type": "nessus", "title": "Debian DSA-3505-1 : wireshark - security update", "description": "Multiple vulnerabilities were discovered in the dissectors/parsers for Pcapng, NBAP, UMTS FP, DCOM, AllJoyn, T.38, SDP, NLM, DNS, BED, SCTP, 802.11, DIAMETER, VeriWave, RVSP, ANSi A, GSM A, Ascend, NBAP, ZigBee ZCL and Sniffer which could result in denial of service.", "published": "2016-03-07T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=89695", "cvelist": ["CVE-2015-8713", "CVE-2015-8717", "CVE-2015-8730", "CVE-2015-8714", "CVE-2015-8733", "CVE-2015-8722", "CVE-2015-8719", "CVE-2015-8715", "CVE-2015-8726", "CVE-2015-8724", "CVE-2015-8723", "CVE-2015-8720", "CVE-2015-8725", "CVE-2015-8729", "CVE-2015-8721", "CVE-2015-8727", "CVE-2015-7830", "CVE-2015-8728", "CVE-2015-8712", "CVE-2015-8732", "CVE-2015-8716", "CVE-2015-8711", "CVE-2015-8718"], "lastseen": "2017-10-29T13:33:08"}, {"id": "SUSE_SU-2016-0110-1.NASL", "type": "nessus", "title": "SUSE SLED11 / SLES11 Security Update : wireshark (SUSE-SU-2016:0110-1)", "description": "This update contains Wireshark 1.12.9 and fixes the following issues :\n\n - CVE-2015-7830: pcapng file parser could crash while copying an interface filter (bsc#950437)\n\n - CVE-2015-8711: epan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate conversation data, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted packet.\n\n - CVE-2015-8712: The dissect_hsdsch_channel_info function in epan/dissectors/packet-umts_fp.c in the UMTS FP dissector in Wireshark 1.12.x before 1.12.9 does not validate the number of PDUs, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.\n\n - CVE-2015-8713: epan/dissectors/packet-umts_fp.c in the UMTS FP dissector in Wireshark 1.12.x before 1.12.9 does not properly reserve memory for channel ID mappings, which allows remote attackers to cause a denial of service (out-of-bounds memory access and application crash) via a crafted packet.\n\n - CVE-2015-8714: The dissect_dcom_OBJREF function in epan/dissectors/packet-dcom.c in the DCOM dissector in Wireshark 1.12.x before 1.12.9 does not initialize a certain IPv4 data structure, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.\n\n - CVE-2015-8715: epan/dissectors/packet-alljoyn.c in the AllJoyn dissector in Wireshark 1.12.x before 1.12.9 does not check for empty arguments, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.\n\n - CVE-2015-8716: The init_t38_info_conv function in epan/dissectors/packet-t38.c in the T.38 dissector in Wireshark 1.12.x before 1.12.9 does not ensure that a conversation exists, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.\n\n - CVE-2015-8717: The dissect_sdp function in epan/dissectors/packet-sdp.c in the SDP dissector in Wireshark 1.12.x before 1.12.9 does not prevent use of a negative media count, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.\n\n - CVE-2015-8718: Double free vulnerability in epan/dissectors/packet-nlm.c in the NLM dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1, when the 'Match MSG/RES packets for async NLM' option is enabled, allows remote attackers to cause a denial of service (application crash) via a crafted packet.\n\n - CVE-2015-8719: The dissect_dns_answer function in epan/dissectors/packet-dns.c in the DNS dissector in Wireshark 1.12.x before 1.12.9 mishandles the EDNS0 Client Subnet option, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.\n\n - CVE-2015-8720: The dissect_ber_GeneralizedTime function in epan/dissectors/packet-ber.c in the BER dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 improperly checks an sscanf return value, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.\n\n - CVE-2015-8721: Buffer overflow in the tvb_uncompress function in epan/tvbuff_zlib.c in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 allows remote attackers to cause a denial of service (application crash) via a crafted packet with zlib compression.\n\n - CVE-2015-8722: epan/dissectors/packet-sctp.c in the SCTP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the frame pointer, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted packet.\n\n - CVE-2015-8723: The AirPDcapPacketProcess function in epan/crypt/airpdcap.c in the 802.11 dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the relationship between the total length and the capture length, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) via a crafted\n\n - CVE-2015-8724: The AirPDcapDecryptWPABroadcastKey function in epan/crypt/airpdcap.c in the 802.11 dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not verify the WPA broadcast key length, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet.\n\n - CVE-2015-8725: The dissect_diameter_base_framed_ipv6_prefix function in epan/dissectors/packet-diameter.c in the DIAMETER dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the IPv6 prefix length, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) via a crafted packet.\n\n - CVE-2015-8726: wiretap/vwr.c in the VeriWave file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate certain signature and Modulation and Coding Scheme (MCS) data, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file.\n\n - CVE-2015-8727: The dissect_rsvp_common function in epan/dissectors/packet-rsvp.c in the RSVP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not properly maintain request-key data, which allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted packet.\n\n - CVE-2015-8728: The Mobile Identity parser in (1) epan/dissectors/packet-ansi_a.c in the ANSI A dissector and (2) epan/dissectors/packet-gsm_a_common.c in the GSM A dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 improperly uses the tvb_bcd_dig_to_wmem_packet_str function, which allows remote attackers to cause a denial of service (buffer overflow and application crash) via a crafted packet.\n\n - CVE-2015-8729: The ascend_seek function in wiretap/ascendtext.c in the Ascend file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not ensure the presence of a '\\0' character at the end of a date string, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file.\n\n - CVE-2015-8730: epan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the number of items, which allows remote attackers to cause a denial of service (invalid read operation and application crash) via a crafted packet.\n\n - CVE-2015-8731: The dissct_rsl_ipaccess_msg function in epan/dissectors/packet-rsl.c in the RSL dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not reject unknown TLV types, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet.\n\n - CVE-2015-8732: The dissect_zcl_pwr_prof_pwrprofstatersp function in epan/dissectors/packet-zbee-zcl-general.c in the ZigBee ZCL dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the Total Profile Number field, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet.\n\n - CVE-2015-8733: The ngsniffer_process_record function in wiretap/ngsniffer.c in the Sniffer file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the relationships between record lengths and record header lengths, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2016-01-14T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=87912", "cvelist": ["CVE-2015-8713", "CVE-2015-8717", "CVE-2015-8730", "CVE-2015-8714", "CVE-2015-8733", "CVE-2015-8722", "CVE-2015-8719", "CVE-2015-8715", "CVE-2015-8726", "CVE-2015-8731", "CVE-2015-8724", "CVE-2015-8723", "CVE-2015-8720", "CVE-2015-8725", "CVE-2015-8729", "CVE-2015-8721", "CVE-2015-8727", "CVE-2015-7830", "CVE-2015-8728", "CVE-2015-8712", "CVE-2015-8732", "CVE-2015-8716", "CVE-2015-8711", "CVE-2015-8718"], "lastseen": "2017-12-13T23:33:38"}, {"id": "WIRESHARK_2_0_1.NASL", "type": "nessus", "title": "Wireshark 2.0.0 Multiple DoS", "description": "The version of Wireshark installed on the remote Windows host is 2.0.0. It is, therefore, affected by multiple denial of service vulnerabilities in the following components :\n\n - 802.11 dissector\n - ANSI A dissector\n - Ascend file parser\n - BER dissector\n - Bluetooth Attribute dissector\n - DIAMETER dissector\n - GSM A dissector\n - IPMI dissector\n - MP2T file parser\n - MS-WSP dissector\n - NBAP dissector\n - NLM dissector\n - NWP dissector\n - PPI dissector\n - RSL dissector\n - RSVP dissector\n - S7COMM dissector\n - SCTP dissector\n - Sniffer file parser\n - TDS dissector\n - VeriWave file parser\n - ZigBee ZCL dissector\n - zlib compression\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "published": "2016-01-08T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=87825", "cvelist": ["CVE-2015-8741", "CVE-2015-8730", "CVE-2015-8733", "CVE-2015-8722", "CVE-2015-8736", "CVE-2015-8726", "CVE-2015-8731", "CVE-2015-8739", "CVE-2015-8724", "CVE-2015-8742", "CVE-2015-8738", "CVE-2015-8723", "CVE-2015-8720", "CVE-2015-8725", "CVE-2015-8737", "CVE-2015-8735", "CVE-2015-8729", "CVE-2015-8721", "CVE-2015-8727", "CVE-2015-8728", "CVE-2015-8732", "CVE-2015-8734", "CVE-2015-8711", "CVE-2015-8740", "CVE-2015-8718"], "lastseen": "2017-10-29T13:37:59"}, {"id": "SUSE_SU-2016-0109-1.NASL", "type": "nessus", "title": "SUSE SLED12 / SLES12 Security Update : wireshark (SUSE-SU-2016:0109-1)", "description": "This update contains Wireshark 1.12.9 and fixes the following issues :\n\n - CVE-2015-7830: pcapng file parser could crash while copying an interface filter (bsc#950437)\n\n - CVE-2015-8711: epan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate conversation data, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted packet.\n\n - CVE-2015-8712: The dissect_hsdsch_channel_info function in epan/dissectors/packet-umts_fp.c in the UMTS FP dissector in Wireshark 1.12.x before 1.12.9 does not validate the number of PDUs, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.\n\n - CVE-2015-8713: epan/dissectors/packet-umts_fp.c in the UMTS FP dissector in Wireshark 1.12.x before 1.12.9 does not properly reserve memory for channel ID mappings, which allows remote attackers to cause a denial of service (out-of-bounds memory access and application crash) via a crafted packet.\n\n - CVE-2015-8714: The dissect_dcom_OBJREF function in epan/dissectors/packet-dcom.c in the DCOM dissector in Wireshark 1.12.x before 1.12.9 does not initialize a certain IPv4 data structure, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.\n\n - CVE-2015-8715: epan/dissectors/packet-alljoyn.c in the AllJoyn dissector in Wireshark 1.12.x before 1.12.9 does not check for empty arguments, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.\n\n - CVE-2015-8716: The init_t38_info_conv function in epan/dissectors/packet-t38.c in the T.38 dissector in Wireshark 1.12.x before 1.12.9 does not ensure that a conversation exists, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.\n\n - CVE-2015-8717: The dissect_sdp function in epan/dissectors/packet-sdp.c in the SDP dissector in Wireshark 1.12.x before 1.12.9 does not prevent use of a negative media count, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.\n\n - CVE-2015-8718: Double free vulnerability in epan/dissectors/packet-nlm.c in the NLM dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1, when the 'Match MSG/RES packets for async NLM' option is enabled, allows remote attackers to cause a denial of service (application crash) via a crafted packet.\n\n - CVE-2015-8719: The dissect_dns_answer function in epan/dissectors/packet-dns.c in the DNS dissector in Wireshark 1.12.x before 1.12.9 mishandles the EDNS0 Client Subnet option, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.\n\n - CVE-2015-8720: The dissect_ber_GeneralizedTime function in epan/dissectors/packet-ber.c in the BER dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 improperly checks an sscanf return value, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.\n\n - CVE-2015-8721: Buffer overflow in the tvb_uncompress function in epan/tvbuff_zlib.c in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 allows remote attackers to cause a denial of service (application crash) via a crafted packet with zlib compression.\n\n - CVE-2015-8722: epan/dissectors/packet-sctp.c in the SCTP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the frame pointer, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted packet.\n\n - CVE-2015-8723: The AirPDcapPacketProcess function in epan/crypt/airpdcap.c in the 802.11 dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the relationship between the total length and the capture length, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) via a crafted\n\n - CVE-2015-8724: The AirPDcapDecryptWPABroadcastKey function in epan/crypt/airpdcap.c in the 802.11 dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not verify the WPA broadcast key length, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet.\n\n - CVE-2015-8725: The dissect_diameter_base_framed_ipv6_prefix function in epan/dissectors/packet-diameter.c in the DIAMETER dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the IPv6 prefix length, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) via a crafted packet.\n\n - CVE-2015-8726: wiretap/vwr.c in the VeriWave file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate certain signature and Modulation and Coding Scheme (MCS) data, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file.\n\n - CVE-2015-8727: The dissect_rsvp_common function in epan/dissectors/packet-rsvp.c in the RSVP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not properly maintain request-key data, which allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted packet.\n\n - CVE-2015-8728: The Mobile Identity parser in (1) epan/dissectors/packet-ansi_a.c in the ANSI A dissector and (2) epan/dissectors/packet-gsm_a_common.c in the GSM A dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 improperly uses the tvb_bcd_dig_to_wmem_packet_str function, which allows remote attackers to cause a denial of service (buffer overflow and application crash) via a crafted packet.\n\n - CVE-2015-8729: The ascend_seek function in wiretap/ascendtext.c in the Ascend file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not ensure the presence of a '\\0' character at the end of a date string, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file.\n\n - CVE-2015-8730: epan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the number of items, which allows remote attackers to cause a denial of service (invalid read operation and application crash) via a crafted packet.\n\n - CVE-2015-8731: The dissct_rsl_ipaccess_msg function in epan/dissectors/packet-rsl.c in the RSL dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not reject unknown TLV types, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet.\n\n - CVE-2015-8732: The dissect_zcl_pwr_prof_pwrprofstatersp function in epan/dissectors/packet-zbee-zcl-general.c in the ZigBee ZCL dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the Total Profile Number field, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet.\n\n - CVE-2015-8733: The ngsniffer_process_record function in wiretap/ngsniffer.c in the Sniffer file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the relationships between record lengths and record header lengths, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2016-01-14T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=87911", "cvelist": ["CVE-2015-8713", "CVE-2015-8717", "CVE-2015-8730", "CVE-2015-8714", "CVE-2015-8733", "CVE-2015-8722", "CVE-2015-8719", "CVE-2015-8715", "CVE-2015-8726", "CVE-2015-8731", "CVE-2015-8724", "CVE-2015-8723", "CVE-2015-8720", "CVE-2015-8725", "CVE-2015-8729", "CVE-2015-8721", "CVE-2015-8727", "CVE-2015-7830", "CVE-2015-8728", "CVE-2015-8712", "CVE-2015-8732", "CVE-2015-8716", "CVE-2015-8711", "CVE-2015-8718"], "lastseen": "2017-10-29T13:34:55"}, {"id": "GENTOO_GLSA-201604-05.NASL", "type": "nessus", "title": "GLSA-201604-05 : Wireshark: Multiple vulnerabilities", "description": "The remote host is affected by the vulnerability described in GLSA-201604-05 (Wireshark: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Wireshark. Please review the CVE identifiers referenced below for details.\n Impact :\n\n Remote attackers could cause Denial of Service and local attackers could escalate privileges.\n Workaround :\n\n There is no known workaround at this time.", "published": "2016-04-27T00:00:00", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=90744", "cvelist": ["CVE-2015-8713", "CVE-2015-8717", "CVE-2015-8741", "CVE-2015-8730", "CVE-2015-8714", "CVE-2015-8733", "CVE-2016-2531", "CVE-2015-8722", "CVE-2016-2527", "CVE-2016-2530", "CVE-2016-2524", "CVE-2015-8719", "CVE-2015-8715", "CVE-2015-8736", "CVE-2015-8726", "CVE-2016-2521", "CVE-2015-8731", "CVE-2015-8739", "CVE-2015-8724", "CVE-2015-8742", "CVE-2015-8738", "CVE-2016-2529", "CVE-2015-8723", "CVE-2015-8720", "CVE-2016-2528", "CVE-2016-2526", "CVE-2015-8725", "CVE-2015-8737", "CVE-2015-8735", "CVE-2015-8729", "CVE-2015-8721", "CVE-2015-8727", "CVE-2015-8728", "CVE-2016-2532", "CVE-2015-8712", "CVE-2016-2523", "CVE-2016-2525", "CVE-2016-2522", "CVE-2015-8732", "CVE-2015-8716", "CVE-2015-8734", "CVE-2015-8711", "CVE-2015-8740", "CVE-2015-8718"], "lastseen": "2017-10-29T13:45:06"}], "f5": [{"id": "F5:K01837042", "type": "f5", "title": "Multiple Wireshark (tshark) vulnerabilities", "description": "\nF5 Product Development has assigned ID 597176 (BIG-IP) and ID 600847 (ARX) to this vulnerability.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:\n\nProduct | Versions known to be vulnerable | Versions known to be not vulnerable | Severity | Vulnerable component or feature \n---|---|---|---|--- \nBIG-IP LTM | 13.0.0 \n12.0.0 - 12.1.2 \n11.4.0 - 11.6.2 | 13.1.0 \n12.1.3 \n11.2.1 \n10.2.1 - 10.2.4 | Medium | Wireshark (tshark) \nBIG-IP AAM | 13.0.0 \n12.0.0 - 12.1.2 \n11.4.0 - 11.6.2 | 13.1.0 \n12.1.3 | Medium | Wireshark (tshark) \nBIG-IP AFM | 13.0.0 \n12.0.0 - 12.1.2 \n11.4.0 - 11.6.2 | 13.1.0 \n12.1.3 | Medium | Wireshark (tshark) \nBIG-IP Analytics | 13.0.0 \n12.0.0 - 12.1.2 \n11.4.0 - 11.6.2 | 13.1.0 \n12.1.3 \n11.2.1 | Medium | Wireshark (tshark) \nBIG-IP APM | 13.0.0 \n12.0.0 - 12.1.2 \n11.4.0 - 11.6.2 | 13.1.0 \n12.1.3 \n11.2.1 \n10.2.1 - 10.2.4 | Medium | Wireshark (tshark) \nBIG-IP ASM | 13.0.0 \n12.0.0 - 12.1.2 \n11.4.0 - 11.6.2 | 13.1.0 \n12.1.3 \n11.2.1 \n10.2.1 - 10.2.4 | Medium | Wireshark (tshark) \nBIG-IP DNS | 13.0.0 \n12.0.0 - 12.1.2 | 13.1.0 \n12.1.3 | Medium | Wireshark (tshark) \nBIG-IP Edge Gateway | None | 11.2.1 \n10.2.1 - 10.2.4 | Not vulnerable | None \nBIG-IP GTM | 11.4.0 - 11.6.2 | 11.2.1 \n10.2.1 - 10.2.4 | Medium | Wireshark (tshark) \nBIG-IP Link Controller | 13.0.0 \n12.0.0 - 12.1.2 \n11.4.0 - 11.6.2 | 13.1.0 \n12.1.3 \n11.2.1 \n10.2.1 - 10.2.4 | Medium | Wireshark (tshark) \nBIG-IP PEM | 13.0.0 \n12.0.0 - 12.1.2 \n11.4.0 - 11.6.2 | 13.1.0 \n12.1.3 | Medium | Wireshark (tshark) \nBIG-IP PSM | 11.4.0 - 11.4.1 | 10.2.1 - 10.2.4 | Medium | Wireshark (tshark) \nBIG-IP WebAccelerator | None | 11.2.1 \n10.2.1 - 10.2.4 | Not vulnerable | None \nBIG-IP WOM | None | 11.2.1 \n10.2.1 - 10.2.4 | Not vulnerable | None \nARX | 6.2.0 - 6.4.0 | None | Low | Wireshark (tshark) \nEnterprise Manager | 3.1.1 | None | Medium | Wireshark (tshark) \nFirePass | None | 7.0.0 | Not vulnerable | None \nBIG-IQ Cloud | 4.0.0 - 4.5.0 | None | Medium | Wireshark (tshark) \nBIG-IQ Device | 4.2.0 - 4.5.0 | None | Medium | Wireshark (tshark) \nBIG-IQ Security | 4.0.0 - 4.5.0 | None | Medium | Wireshark (tshark) \nBIG-IQ ADC | 4.5.0 | None | Medium | Wireshark (tshark) \nBIG-IQ Centralized Management | 5.0.0 | None | Medium | Wireshark (tshark) \nBIG-IQ Cloud and Orchestration | 1.0.0 | None | Medium | Wireshark (tshark) \nF5 iWorkflow | 2.0.0 | None | Medium | Wireshark (tshark) \nLineRate | None | 2.5.0 - 2.6.1 | Not vulnerable | None \nF5 MobileSafe | None | 1.0.0 | Not vulnerable | None \nF5 WebSafe | None | 1.0.0 | Not vulnerable | None \nTraffix SDC | None | 5.0.0 \n4.0.0 - 4.4.0 | Not vulnerable | None\n\nIf you are running a version listed in the **Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nTo mitigate this vulnerability, avoid using Wireshark (tshark) on the BIG-IP system. For troubleshooting purposes, the **tcpdump** utility can be safely used.\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n * [K167: Downloading software and firmware from F5](<https://support.f5.com/csp/article/K167>)\n * [K13123: Managing BIG-IP product hotfixes (11.x - 13.x)](<https://support.f5.com/csp/article/K13123>)\n * [K9502: BIG-IP hotfix matrix](<https://support.f5.com/csp/article/K9502>)\n * [K15106: Managing BIG-IQ product hotfixes](<https://support.f5.com/csp/article/K15106>)\n * [K15113: BIG-IQ hotfix matrix](<https://support.f5.com/csp/article/K15113>)\n * [K12766: ARX hotfix matrix](<https://support.f5.com/csp/article/K12766>)\n", "published": "2016-06-25T00:18:00", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "https://support.f5.com/csp/article/K01837042", "cvelist": ["CVE-2015-8717", "CVE-2015-8730", "CVE-2015-8714", "CVE-2015-8733", "CVE-2016-4081", "CVE-2016-4079", "CVE-2015-8723", "CVE-2015-8720", "CVE-2016-4085", "CVE-2015-8725", "CVE-2015-8729", "CVE-2015-8721", "CVE-2016-4006", "CVE-2016-4080", "CVE-2016-2523", "CVE-2016-4078", "CVE-2015-8716", "CVE-2015-8711", "CVE-2015-8718"], "lastseen": "2017-12-20T23:16:42"}, {"id": "SOL01837042", "type": "f5", "title": "SOL01837042 - Multiple Wireshark (tshark) vulnerabilities", "description": "Vulnerability Recommended Actions\n\nIf you are running a version listed in the **Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nTo mitigate this vulnerability, avoid using Wireshark (tshark) on the BIG-IP system. For troubleshooting purposes, the **tcpdump** utility can be safely used.\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4602: Overview of the F5 security vulnerability response policy\n * SOL4918: Overview of the F5 critical issue hotfix policy\n * SOL167: Downloading software and firmware from F5\n * SOL13123: Managing BIG-IP product hotfixes (11.x - 12.x)\n * SOL9502: BIG-IP hotfix matrix\n * SOL15106: Managing BIG-IQ product hotfixes\n * SOL15113: BIG-IQ hotfix matrix\n * SOL12766: ARX hotfix matrix\n", "published": "2016-06-24T00:00:00", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "http://support.f5.com/kb/en-us/solutions/public/k/01/sol01837042.html", "cvelist": ["CVE-2015-8717", "CVE-2015-8730", "CVE-2015-8714", "CVE-2015-8733", "CVE-2016-4081", "CVE-2016-4079", "CVE-2015-8723", "CVE-2015-8720", "CVE-2016-4085", "CVE-2015-8725", "CVE-2015-8729", "CVE-2015-8721", "CVE-2016-4006", "CVE-2016-4080", "CVE-2016-2523", "CVE-2016-4078", "CVE-2015-8716", "CVE-2015-8711", "CVE-2015-8718"], "lastseen": "2016-11-09T00:09:59"}], "archlinux": [{"id": "ASA-201601-5", "type": "archlinux", "title": "wireshark-gtk: denial of service", "description": "- CVE-2015-8742 (denial of service)\nThe dissect_CPMSetBindings function in epan/dissectors/packet-mswsp.c\nin the MS-WSP dissector in Wireshark 2.0.x before 2.0.1 does not\nvalidate the column size, which allows remote attackers to cause a\ndenial of service (memory consumption or application crash) via a\ncrafted packet.\n\n- CVE-2015-8741 (denial of service)\nThe dissect_ppi function in epan/dissectors/packet-ppi.c in the PPI\ndissector in Wireshark 2.0.x before 2.0.1 does not initialize a\npacket-header data structure, which allows remote attackers to cause a\ndenial of service (application crash) via a crafted packet.\n\n- CVE-2015-8740 (denial of service)\nThe dissect_tds7_colmetadata_token function in\nepan/dissectors/packet-tds.c in the TDS dissector in Wireshark 2.0.x\nbefore 2.0.1 does not validate the number of columns, which allows\nremote attackers to cause a denial of service (stack-based buffer\noverflow and application crash) via a crafted packet.\n\n- CVE-2015-8738 (denial of service)\nThe s7comm_decode_ud_cpu_szl_subfunc function in\nepan/dissectors/packet-s7comm_szl_ids.c in the S7COMM dissector in\nWireshark 2.0.x before 2.0.1 does not validate the list count in an\nSZL response, which allows remote attackers to cause a denial of\nservice (divide-by-zero error and application crash) via a crafted\npacket.\n\n- CVE-2015-8739 (denial of service)\nThe ipmi_fmt_udpport function in epan/dissectors/packet-ipmi.c in the\nIPMI dissector in Wireshark 2.0.x before 2.0.1 improperly attempts to\naccess a packet scope, which allows remote attackers to cause a denial\nof service (assertion failure and application exit) via a crafted\npacket.\n\n- CVE-2015-8737 (denial of service)\nThe mp2t_open function in wiretap/mp2t.c in the MP2T file parser in\nWireshark 2.0.x before 2.0.1 does not validate the bit rate, which\nallows remote attackers to cause a denial of service (divide-by-zero\nerror and application crash) via a crafted file.\n\n- CVE-2015-8736 (denial of service)\nThe mp2t_find_next_pcr function in wiretap/mp2t.c in the MP2T file\nparser in Wireshark 2.0.x before 2.0.1 does not reserve memory for a\ntrailer, which allows remote attackers to cause a denial of service\n(stack-based buffer overflow and application crash) via a crafted\nfile.\n\n- CVE-2015-8735 (denial of service)\nThe get_value function in epan/dissectors/packet-btatt.c in the\nBluetooth Attribute (aka BT ATT) dissector in Wireshark 2.0.x before\n2.0.1 uses an incorrect integer data type, which allows remote\nattackers to cause a denial of service (invalid write operation and\napplication crash) via a crafted packet.\n\n- CVE-2015-8734 (denial of service)\nThe dissect_nwp function in epan/dissectors/packet-nwp.c in the NWP\ndissector in Wireshark 2.0.x before 2.0.1 mishandles the packet type,\nwhich allows remote attackers to cause a denial of service\n(application crash) via a crafted packet.\n\n- CVE-2015-8733 (denial of service)\nThe ngsniffer_process_record function in wiretap/ngsniffer.c in the\nSniffer file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before\n2.0.1 does not validate the relationships between record lengths and\nrecord header lengths, which allows remote attackers to cause a denial\nof service (out-of-bounds read and application crash) via a crafted\nfile.\n\n- CVE-2015-8732 (denial of service)\nThe dissect_zcl_pwr_prof_pwrprofstatersp function in\nepan/dissectors/packet-zbee-zcl-general.c in the ZigBee ZCL dissector\nin Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not\nvalidate the Total Profile Number field, which allows remote attackers\nto cause a denial of service (out-of-bounds read and application\ncrash) via a crafted packet.\n\n- CVE-2015-8730 (denial of service)\nepan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark\n1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the\nnumber of items, which allows remote attackers to cause a denial of\nservice (invalid read operation and application crash) via a crafted\npacket.\n\n- CVE-2015-8731 (denial of service)\nThe dissct_rsl_ipaccess_msg function in epan/dissectors/packet-rsl.c\nin the RSL dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x\nbefore 2.0.1 does not reject unknown TLV types, which allows remote\nattackers to cause a denial of service (out-of-bounds read and\napplication crash) via a crafted packet.\n\n- CVE-2015-8729 (denial of service)\nThe ascend_seek function in wiretap/ascendtext.c in the Ascend file\nparser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does\nnot ensure the presence of a '\\0' character at the end of a date\nstring, which allows remote attackers to cause a denial of service\n(out-of-bounds read and application crash) via a crafted file.\n\n- CVE-2015-8728 (denial of service)\nThe Mobile Identity parser in (1) epan/dissectors/packet-ansi_a.c in\nthe ANSI A dissector and (2) epan/dissectors/packet-gsm_a_common.c in\nthe GSM A dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before\n2.0.1 improperly uses the tvb_bcd_dig_to_wmem_packet_str function,\nwhich allows remote attackers to cause a denial of service (buffer\noverflow and application crash) via a crafted packet.\n\n- CVE-2015-8727 (denial of service)\nThe dissect_rsvp_common function in epan/dissectors/packet-rsvp.c in\nthe RSVP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before\n2.0.1 does not properly maintain request-key data, which allows remote\nattackers to cause a denial of service (use-after-free and application\ncrash) via a crafted packet\n\n- CVE-2015-8726 (denial of service)\nwiretap/vwr.c in the VeriWave file parser in Wireshark 1.12.x before\n1.12.9 and 2.0.x before 2.0.1 does not validate certain signature and\nModulation and Coding Scheme (MCS) data, which allows remote attackers\nto cause a denial of service (out-of-bounds read and application\ncrash) via a crafted file.\n\n- CVE-2015-8725 (denial of service)\nThe dissect_diameter_base_framed_ipv6_prefix function in\nepan/dissectors/packet-diameter.c in the DIAMETER dissector in\nWireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not\nvalidate the IPv6 prefix length, which allows remote attackers to\ncause a denial of service (stack-based buffer overflow and application\ncrash) via a crafted packet.\n\n- CVE-2015-8724 (denial of service)\nThe AirPDcapDecryptWPABroadcastKey function in epan/crypt/airpdcap.c\nin the 802.11 dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x\nbefore 2.0.1 does not verify the WPA broadcast key length, which\nallows remote attackers to cause a denial of service (out-of-bounds\nread and application crash) via a crafted packet.\n\n- CVE-2015-8723 (denial of service)\nThe AirPDcapPacketProcess function in epan/crypt/airpdcap.c in the\n802.11 dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before\n2.0.1 does not validate the relationship between the total length and\nthe capture length, which allows remote attackers to cause a denial of\nservice (stack-based buffer overflow and application crash) via a\ncrafted packet.\n\n- CVE-2015-8722 (denial of service)\nepan/dissectors/packet-sctp.c in the SCTP dissector in Wireshark\n1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the\nframe pointer, which allows remote attackers to cause a denial of\nservice (NULL pointer dereference and application crash) via a crafted\npacket.\n\n- CVE-2015-8721 (denial of service)\nBuffer overflow in the tvb_uncompress function in epan/tvbuff_zlib.c\nin Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 allows remote\nattackers to cause a denial of service (application crash) via a\ncrafted packet with zlib compression.\n\n- CVE-2015-8720 (denial of service)\nThe dissect_ber_GeneralizedTime function in\nepan/dissectors/packet-ber.c in the BER dissector in Wireshark 1.12.x\nbefore 1.12.9 and 2.0.x before 2.0.1 improperly checks an sscanf\nreturn value, which allows remote attackers to cause a denial of\nservice (application crash) via a crafted packet.\n\n- CVE-2015-8718 (denial of service)\nDouble free vulnerability in epan/dissectors/packet-nlm.c in the NLM\ndissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1,\nwhen the "Match MSG/RES packets for async NLM" option is enabled,\nallows remote attackers to cause a denial of service (application\ncrash) via a crafted packet.\n\n- CVE-2015-8711 (denial of service)\nepan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark\n1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate\nconversation data, which allows remote attackers to cause a denial of\nservice (NULL pointer dereference and application crash) via a crafted\npacket.", "published": "2016-01-09T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://lists.archlinux.org/pipermail/arch-security/2016-January/000484.html", "cvelist": ["CVE-2015-8741", "CVE-2015-8730", "CVE-2015-8733", "CVE-2015-8722", "CVE-2015-8736", "CVE-2015-8726", "CVE-2015-8731", "CVE-2015-8739", "CVE-2015-8724", "CVE-2015-8742", "CVE-2015-8738", "CVE-2015-8723", "CVE-2015-8720", "CVE-2015-8725", "CVE-2015-8737", "CVE-2015-8735", "CVE-2015-8729", "CVE-2015-8721", "CVE-2015-8727", "CVE-2015-8728", "CVE-2015-8732", "CVE-2015-8734", "CVE-2015-8711", "CVE-2015-8740", "CVE-2015-8718"], "lastseen": "2016-09-02T18:44:41"}, {"id": "ASA-201601-4", "type": "archlinux", "title": "wireshark-cli: denial of service", "description": "- CVE-2015-8742 (denial of service)\nThe dissect_CPMSetBindings function in epan/dissectors/packet-mswsp.c\nin the MS-WSP dissector in Wireshark 2.0.x before 2.0.1 does not\nvalidate the column size, which allows remote attackers to cause a\ndenial of service (memory consumption or application crash) via a\ncrafted packet.\n\n- CVE-2015-8741 (denial of service)\nThe dissect_ppi function in epan/dissectors/packet-ppi.c in the PPI\ndissector in Wireshark 2.0.x before 2.0.1 does not initialize a\npacket-header data structure, which allows remote attackers to cause a\ndenial of service (application crash) via a crafted packet.\n\n- CVE-2015-8740 (denial of service)\nThe dissect_tds7_colmetadata_token function in\nepan/dissectors/packet-tds.c in the TDS dissector in Wireshark 2.0.x\nbefore 2.0.1 does not validate the number of columns, which allows\nremote attackers to cause a denial of service (stack-based buffer\noverflow and application crash) via a crafted packet.\n\n- CVE-2015-8738 (denial of service)\nThe s7comm_decode_ud_cpu_szl_subfunc function in\nepan/dissectors/packet-s7comm_szl_ids.c in the S7COMM dissector in\nWireshark 2.0.x before 2.0.1 does not validate the list count in an\nSZL response, which allows remote attackers to cause a denial of\nservice (divide-by-zero error and application crash) via a crafted\npacket.\n\n- CVE-2015-8739 (denial of service)\nThe ipmi_fmt_udpport function in epan/dissectors/packet-ipmi.c in the\nIPMI dissector in Wireshark 2.0.x before 2.0.1 improperly attempts to\naccess a packet scope, which allows remote attackers to cause a denial\nof service (assertion failure and application exit) via a crafted\npacket.\n\n- CVE-2015-8737 (denial of service)\nThe mp2t_open function in wiretap/mp2t.c in the MP2T file parser in\nWireshark 2.0.x before 2.0.1 does not validate the bit rate, which\nallows remote attackers to cause a denial of service (divide-by-zero\nerror and application crash) via a crafted file.\n\n- CVE-2015-8736 (denial of service)\nThe mp2t_find_next_pcr function in wiretap/mp2t.c in the MP2T file\nparser in Wireshark 2.0.x before 2.0.1 does not reserve memory for a\ntrailer, which allows remote attackers to cause a denial of service\n(stack-based buffer overflow and application crash) via a crafted\nfile.\n\n- CVE-2015-8735 (denial of service)\nThe get_value function in epan/dissectors/packet-btatt.c in the\nBluetooth Attribute (aka BT ATT) dissector in Wireshark 2.0.x before\n2.0.1 uses an incorrect integer data type, which allows remote\nattackers to cause a denial of service (invalid write operation and\napplication crash) via a crafted packet.\n\n- CVE-2015-8734 (denial of service)\nThe dissect_nwp function in epan/dissectors/packet-nwp.c in the NWP\ndissector in Wireshark 2.0.x before 2.0.1 mishandles the packet type,\nwhich allows remote attackers to cause a denial of service\n(application crash) via a crafted packet.\n\n- CVE-2015-8733 (denial of service)\nThe ngsniffer_process_record function in wiretap/ngsniffer.c in the\nSniffer file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before\n2.0.1 does not validate the relationships between record lengths and\nrecord header lengths, which allows remote attackers to cause a denial\nof service (out-of-bounds read and application crash) via a crafted\nfile.\n\n- CVE-2015-8732 (denial of service)\nThe dissect_zcl_pwr_prof_pwrprofstatersp function in\nepan/dissectors/packet-zbee-zcl-general.c in the ZigBee ZCL dissector\nin Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not\nvalidate the Total Profile Number field, which allows remote attackers\nto cause a denial of service (out-of-bounds read and application\ncrash) via a crafted packet.\n\n- CVE-2015-8730 (denial of service)\nepan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark\n1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the\nnumber of items, which allows remote attackers to cause a denial of\nservice (invalid read operation and application crash) via a crafted\npacket.\n\n- CVE-2015-8731 (denial of service)\nThe dissct_rsl_ipaccess_msg function in epan/dissectors/packet-rsl.c\nin the RSL dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x\nbefore 2.0.1 does not reject unknown TLV types, which allows remote\nattackers to cause a denial of service (out-of-bounds read and\napplication crash) via a crafted packet.\n\n- CVE-2015-8729 (denial of service)\nThe ascend_seek function in wiretap/ascendtext.c in the Ascend file\nparser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does\nnot ensure the presence of a '\\0' character at the end of a date\nstring, which allows remote attackers to cause a denial of service\n(out-of-bounds read and application crash) via a crafted file.\n\n- CVE-2015-8728 (denial of service)\nThe Mobile Identity parser in (1) epan/dissectors/packet-ansi_a.c in\nthe ANSI A dissector and (2) epan/dissectors/packet-gsm_a_common.c in\nthe GSM A dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before\n2.0.1 improperly uses the tvb_bcd_dig_to_wmem_packet_str function,\nwhich allows remote attackers to cause a denial of service (buffer\noverflow and application crash) via a crafted packet.\n\n- CVE-2015-8727 (denial of service)\nThe dissect_rsvp_common function in epan/dissectors/packet-rsvp.c in\nthe RSVP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before\n2.0.1 does not properly maintain request-key data, which allows remote\nattackers to cause a denial of service (use-after-free and application\ncrash) via a crafted packet\n\n- CVE-2015-8726 (denial of service)\nwiretap/vwr.c in the VeriWave file parser in Wireshark 1.12.x before\n1.12.9 and 2.0.x before 2.0.1 does not validate certain signature and\nModulation and Coding Scheme (MCS) data, which allows remote attackers\nto cause a denial of service (out-of-bounds read and application\ncrash) via a crafted file.\n\n- CVE-2015-8725 (denial of service)\nThe dissect_diameter_base_framed_ipv6_prefix function in\nepan/dissectors/packet-diameter.c in the DIAMETER dissector in\nWireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not\nvalidate the IPv6 prefix length, which allows remote attackers to\ncause a denial of service (stack-based buffer overflow and application\ncrash) via a crafted packet.\n\n- CVE-2015-8724 (denial of service)\nThe AirPDcapDecryptWPABroadcastKey function in epan/crypt/airpdcap.c\nin the 802.11 dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x\nbefore 2.0.1 does not verify the WPA broadcast key length, which\nallows remote attackers to cause a denial of service (out-of-bounds\nread and application crash) via a crafted packet.\n\n- CVE-2015-8723 (denial of service)\nThe AirPDcapPacketProcess function in epan/crypt/airpdcap.c in the\n802.11 dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before\n2.0.1 does not validate the relationship between the total length and\nthe capture length, which allows remote attackers to cause a denial of\nservice (stack-based buffer overflow and application crash) via a\ncrafted packet.\n\n- CVE-2015-8722 (denial of service)\nepan/dissectors/packet-sctp.c in the SCTP dissector in Wireshark\n1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the\nframe pointer, which allows remote attackers to cause a denial of\nservice (NULL pointer dereference and application crash) via a crafted\npacket.\n\n- CVE-2015-8721 (denial of service)\nBuffer overflow in the tvb_uncompress function in epan/tvbuff_zlib.c\nin Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 allows remote\nattackers to cause a denial of service (application crash) via a\ncrafted packet with zlib compression.\n\n- CVE-2015-8720 (denial of service)\nThe dissect_ber_GeneralizedTime function in\nepan/dissectors/packet-ber.c in the BER dissector in Wireshark 1.12.x\nbefore 1.12.9 and 2.0.x before 2.0.1 improperly checks an sscanf\nreturn value, which allows remote attackers to cause a denial of\nservice (application crash) via a crafted packet.\n\n- CVE-2015-8718 (denial of service)\nDouble free vulnerability in epan/dissectors/packet-nlm.c in the NLM\ndissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1,\nwhen the "Match MSG/RES packets for async NLM" option is enabled,\nallows remote attackers to cause a denial of service (application\ncrash) via a crafted packet.\n\n- CVE-2015-8711 (denial of service)\nepan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark\n1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate\nconversation data, which allows remote attackers to cause a denial of\nservice (NULL pointer dereference and application crash) via a crafted\npacket.", "published": "2016-01-09T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://lists.archlinux.org/pipermail/arch-security/2016-January/000483.html", "cvelist": ["CVE-2015-8741", "CVE-2015-8730", "CVE-2015-8733", "CVE-2015-8722", "CVE-2015-8736", "CVE-2015-8726", "CVE-2015-8731", "CVE-2015-8739", "CVE-2015-8724", "CVE-2015-8742", "CVE-2015-8738", "CVE-2015-8723", "CVE-2015-8720", "CVE-2015-8725", "CVE-2015-8737", "CVE-2015-8735", "CVE-2015-8729", "CVE-2015-8721", "CVE-2015-8727", "CVE-2015-8728", "CVE-2015-8732", "CVE-2015-8734", "CVE-2015-8711", "CVE-2015-8740", "CVE-2015-8718"], "lastseen": "2016-09-02T18:44:44"}, {"id": "ASA-201601-6", "type": "archlinux", "title": "wireshark-qt: denial of service", "description": "- CVE-2015-8742 (denial of service)\nThe dissect_CPMSetBindings function in epan/dissectors/packet-mswsp.c\nin the MS-WSP dissector in Wireshark 2.0.x before 2.0.1 does not\nvalidate the column size, which allows remote attackers to cause a\ndenial of service (memory consumption or application crash) via a\ncrafted packet.\n\n- CVE-2015-8741 (denial of service)\nThe dissect_ppi function in epan/dissectors/packet-ppi.c in the PPI\ndissector in Wireshark 2.0.x before 2.0.1 does not initialize a\npacket-header data structure, which allows remote attackers to cause a\ndenial of service (application crash) via a crafted packet.\n\n- CVE-2015-8740 (denial of service)\nThe dissect_tds7_colmetadata_token function in\nepan/dissectors/packet-tds.c in the TDS dissector in Wireshark 2.0.x\nbefore 2.0.1 does not validate the number of columns, which allows\nremote attackers to cause a denial of service (stack-based buffer\noverflow and application crash) via a crafted packet.\n\n- CVE-2015-8738 (denial of service)\nThe s7comm_decode_ud_cpu_szl_subfunc function in\nepan/dissectors/packet-s7comm_szl_ids.c in the S7COMM dissector in\nWireshark 2.0.x before 2.0.1 does not validate the list count in an\nSZL response, which allows remote attackers to cause a denial of\nservice (divide-by-zero error and application crash) via a crafted\npacket.\n\n- CVE-2015-8739 (denial of service)\nThe ipmi_fmt_udpport function in epan/dissectors/packet-ipmi.c in the\nIPMI dissector in Wireshark 2.0.x before 2.0.1 improperly attempts to\naccess a packet scope, which allows remote attackers to cause a denial\nof service (assertion failure and application exit) via a crafted\npacket.\n\n- CVE-2015-8737 (denial of service)\nThe mp2t_open function in wiretap/mp2t.c in the MP2T file parser in\nWireshark 2.0.x before 2.0.1 does not validate the bit rate, which\nallows remote attackers to cause a denial of service (divide-by-zero\nerror and application crash) via a crafted file.\n\n- CVE-2015-8736 (denial of service)\nThe mp2t_find_next_pcr function in wiretap/mp2t.c in the MP2T file\nparser in Wireshark 2.0.x before 2.0.1 does not reserve memory for a\ntrailer, which allows remote attackers to cause a denial of service\n(stack-based buffer overflow and application crash) via a crafted\nfile.\n\n- CVE-2015-8735 (denial of service)\nThe get_value function in epan/dissectors/packet-btatt.c in the\nBluetooth Attribute (aka BT ATT) dissector in Wireshark 2.0.x before\n2.0.1 uses an incorrect integer data type, which allows remote\nattackers to cause a denial of service (invalid write operation and\napplication crash) via a crafted packet.\n\n- CVE-2015-8734 (denial of service)\nThe dissect_nwp function in epan/dissectors/packet-nwp.c in the NWP\ndissector in Wireshark 2.0.x before 2.0.1 mishandles the packet type,\nwhich allows remote attackers to cause a denial of service\n(application crash) via a crafted packet.\n\n- CVE-2015-8733 (denial of service)\nThe ngsniffer_process_record function in wiretap/ngsniffer.c in the\nSniffer file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before\n2.0.1 does not validate the relationships between record lengths and\nrecord header lengths, which allows remote attackers to cause a denial\nof service (out-of-bounds read and application crash) via a crafted\nfile.\n\n- CVE-2015-8732 (denial of service)\nThe dissect_zcl_pwr_prof_pwrprofstatersp function in\nepan/dissectors/packet-zbee-zcl-general.c in the ZigBee ZCL dissector\nin Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not\nvalidate the Total Profile Number field, which allows remote attackers\nto cause a denial of service (out-of-bounds read and application\ncrash) via a crafted packet.\n\n- CVE-2015-8730 (denial of service)\nepan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark\n1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the\nnumber of items, which allows remote attackers to cause a denial of\nservice (invalid read operation and application crash) via a crafted\npacket.\n\n- CVE-2015-8731 (denial of service)\nThe dissct_rsl_ipaccess_msg function in epan/dissectors/packet-rsl.c\nin the RSL dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x\nbefore 2.0.1 does not reject unknown TLV types, which allows remote\nattackers to cause a denial of service (out-of-bounds read and\napplication crash) via a crafted packet.\n\n- CVE-2015-8729 (denial of service)\nThe ascend_seek function in wiretap/ascendtext.c in the Ascend file\nparser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does\nnot ensure the presence of a '\\0' character at the end of a date\nstring, which allows remote attackers to cause a denial of service\n(out-of-bounds read and application crash) via a crafted file.\n\n- CVE-2015-8728 (denial of service)\nThe Mobile Identity parser in (1) epan/dissectors/packet-ansi_a.c in\nthe ANSI A dissector and (2) epan/dissectors/packet-gsm_a_common.c in\nthe GSM A dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before\n2.0.1 improperly uses the tvb_bcd_dig_to_wmem_packet_str function,\nwhich allows remote attackers to cause a denial of service (buffer\noverflow and application crash) via a crafted packet.\n\n- CVE-2015-8727 (denial of service)\nThe dissect_rsvp_common function in epan/dissectors/packet-rsvp.c in\nthe RSVP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before\n2.0.1 does not properly maintain request-key data, which allows remote\nattackers to cause a denial of service (use-after-free and application\ncrash) via a crafted packet\n\n- CVE-2015-8726 (denial of service)\nwiretap/vwr.c in the VeriWave file parser in Wireshark 1.12.x before\n1.12.9 and 2.0.x before 2.0.1 does not validate certain signature and\nModulation and Coding Scheme (MCS) data, which allows remote attackers\nto cause a denial of service (out-of-bounds read and application\ncrash) via a crafted file.\n\n- CVE-2015-8725 (denial of service)\nThe dissect_diameter_base_framed_ipv6_prefix function in\nepan/dissectors/packet-diameter.c in the DIAMETER dissector in\nWireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not\nvalidate the IPv6 prefix length, which allows remote attackers to\ncause a denial of service (stack-based buffer overflow and application\ncrash) via a crafted packet.\n\n- CVE-2015-8724 (denial of service)\nThe AirPDcapDecryptWPABroadcastKey function in epan/crypt/airpdcap.c\nin the 802.11 dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x\nbefore 2.0.1 does not verify the WPA broadcast key length, which\nallows remote attackers to cause a denial of service (out-of-bounds\nread and application crash) via a crafted packet.\n\n- CVE-2015-8723 (denial of service)\nThe AirPDcapPacketProcess function in epan/crypt/airpdcap.c in the\n802.11 dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before\n2.0.1 does not validate the relationship between the total length and\nthe capture length, which allows remote attackers to cause a denial of\nservice (stack-based buffer overflow and application crash) via a\ncrafted packet.\n\n- CVE-2015-8722 (denial of service)\nepan/dissectors/packet-sctp.c in the SCTP dissector in Wireshark\n1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the\nframe pointer, which allows remote attackers to cause a denial of\nservice (NULL pointer dereference and application crash) via a crafted\npacket.\n\n- CVE-2015-8721 (denial of service)\nBuffer overflow in the tvb_uncompress function in epan/tvbuff_zlib.c\nin Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 allows remote\nattackers to cause a denial of service (application crash) via a\ncrafted packet with zlib compression.\n\n- CVE-2015-8720 (denial of service)\nThe dissect_ber_GeneralizedTime function in\nepan/dissectors/packet-ber.c in the BER dissector in Wireshark 1.12.x\nbefore 1.12.9 and 2.0.x before 2.0.1 improperly checks an sscanf\nreturn value, which allows remote attackers to cause a denial of\nservice (application crash) via a crafted packet.\n\n- CVE-2015-8718 (denial of service)\nDouble free vulnerability in epan/dissectors/packet-nlm.c in the NLM\ndissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1,\nwhen the "Match MSG/RES packets for async NLM" option is enabled,\nallows remote attackers to cause a denial of service (application\ncrash) via a crafted packet.\n\n- CVE-2015-8711 (denial of service)\nepan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark\n1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate\nconversation data, which allows remote attackers to cause a denial of\nservice (NULL pointer dereference and application crash) via a crafted\npacket.", "published": "2016-01-09T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://lists.archlinux.org/pipermail/arch-security/2016-January/000485.html", "cvelist": ["CVE-2015-8741", "CVE-2015-8730", "CVE-2015-8733", "CVE-2015-8722", "CVE-2015-8736", "CVE-2015-8726", "CVE-2015-8731", "CVE-2015-8739", "CVE-2015-8724", "CVE-2015-8742", "CVE-2015-8738", "CVE-2015-8723", "CVE-2015-8720", "CVE-2015-8725", "CVE-2015-8737", "CVE-2015-8735", "CVE-2015-8729", "CVE-2015-8721", "CVE-2015-8727", "CVE-2015-8728", "CVE-2015-8732", "CVE-2015-8734", "CVE-2015-8711", "CVE-2015-8740", "CVE-2015-8718"], "lastseen": "2016-09-02T18:44:36"}], "debian": [{"id": "DSA-3505", "type": "debian", "title": "wireshark -- security update", "description": "Multiple vulnerabilities were discovered in the dissectors/parsers for Pcapng, NBAP, UMTS FP, DCOM, AllJoyn, T.38, SDP, NLM, DNS, BED, SCTP, 802.11, DIAMETER, VeriWave, RVSP, ANSi A, GSM A, Ascend, NBAP, ZigBee ZCL and Sniffer which could result in denial of service.\n\nFor the oldstable distribution (wheezy), these problems have been fixed in version 1.8.2-5wheezy17.\n\nFor the stable distribution (jessie), these problems have been fixed in version 1.12.1+g01b65bf-4+deb8u4.\n\nFor the testing distribution (stretch), these problems have been fixed in version 2.0.2+ga16e22e-1.\n\nFor the unstable distribution (sid), these problems have been fixed in version 2.0.2+ga16e22e-1.\n\nWe recommend that you upgrade your wireshark packages.", "published": "2016-03-04T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://www.debian.org/security/dsa-3505", "cvelist": ["CVE-2015-8713", "CVE-2015-8717", "CVE-2015-8730", "CVE-2015-8714", "CVE-2015-8733", "CVE-2015-8722", "CVE-2015-8719", "CVE-2015-8715", "CVE-2015-8726", "CVE-2015-8724", "CVE-2015-8723", "CVE-2015-8720", "CVE-2015-8725", "CVE-2015-8729", "CVE-2015-8721", "CVE-2015-8727", "CVE-2015-7830", "CVE-2015-8728", "CVE-2015-8712", "CVE-2015-8732", "CVE-2015-8716", "CVE-2015-8711", "CVE-2015-8718"], "lastseen": "2016-09-02T18:22:10"}], "kaspersky": [{"id": "KLA10730", "type": "kaspersky", "title": "\r KLA10730Denial of service vulnerabilities in Wireshark\t\t\t ", "description": "### *CVSS*:\n4.3\n\n### *Detect date*:\n01/04/2016\n\n### *Severity*:\nWarning\n\n### *Description*:\nMultiple serious vulnerabilities have been found in Wireshark. Malicious users can exploit these vulnerabilities to cause denial of service.\n\n### *Affected products*:\nWireshark 1.12 versions earlier than 1.12.9 \nWireshark 2.0 versions earlier than 2.0.1\n\n### *Solution*:\nUpdate to the latest version \n[Download Wireshark](<https://www.wireshark.org/#download>)\n\n### *Original advisories*:\n[Wireshark adviosries list](<https://www.wireshark.org/security/>) \n\n\n### *Impacts*:\nDoS \n\n### *Related products*:\n[Wireshark](<https://threats.kaspersky.com/en/product/Wireshark/>)\n\n### *CVE-IDS*:\n[CVE-2015-8713](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8713>) \n[CVE-2015-8714](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8714>) \n[CVE-2015-8715](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8715>) \n[CVE-2015-8716](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8716>) \n[CVE-2015-8717](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8717>) \n[CVE-2015-8718](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8718>) \n[CVE-2015-8719](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8719>) \n[CVE-2015-8720](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8720>) \n[CVE-2015-8721](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8721>) \n[CVE-2015-8722](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8722>) \n[CVE-2015-8723](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8723>) \n[CVE-2015-8724](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8724>) \n[CVE-2015-8725](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8725>) \n[CVE-2015-8726](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8726>) \n[CVE-2015-8727](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8727>) \n[CVE-2015-8728](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8728>) \n[CVE-2015-8729](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8729>) \n[CVE-2015-8730](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8730>) \n[CVE-2015-8731](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8731>) \n[CVE-2015-8732](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8732>) \n[CVE-2015-8733](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8733>) \n[CVE-2015-8734](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8734>) \n[CVE-2015-8735](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8735>) \n[CVE-2015-8736](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8736>) \n[CVE-2015-8737](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8737>) \n[CVE-2015-8738](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8738>) \n[CVE-2015-8739](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8739>) \n[CVE-2015-8740](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8740>) \n[CVE-2015-8741](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8741>) \n[CVE-2015-8742](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8742>)", "published": "2016-01-04T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://threats.kaspersky.com/en/vulnerability/KLA10730", "cvelist": ["CVE-2015-8713", "CVE-2015-8717", "CVE-2015-8741", "CVE-2015-8730", "CVE-2015-8714", "CVE-2015-8733", "CVE-2015-8722", "CVE-2015-8719", "CVE-2015-8715", "CVE-2015-8736", "CVE-2015-8726", "CVE-2015-8731", "CVE-2015-8739", "CVE-2015-8724", "CVE-2015-8742", "CVE-2015-8738", "CVE-2015-8723", "CVE-2015-8720", "CVE-2015-8725", "CVE-2015-8737", "CVE-2015-8735", "CVE-2015-8729", "CVE-2015-8721", "CVE-2015-8727", "CVE-2015-8728", "CVE-2015-8732", "CVE-2015-8716", "CVE-2015-8734", "CVE-2015-8740", "CVE-2015-8718"], "lastseen": "2018-03-30T14:10:46"}], "gentoo": [{"id": "GLSA-201604-05", "type": "gentoo", "title": "Wireshark: Multiple vulnerabilities", "description": "### Background\n\nWireshark is a network protocol analyzer formerly known as ethereal.\n\n### Description\n\nMultiple vulnerabilities have been discovered in Wireshark. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nRemote attackers could cause Denial of Service and local attackers could escalate privileges. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Wireshark users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-analyzer/wireshark-2.0.2\"", "published": "2016-04-26T00:00:00", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://security.gentoo.org/glsa/201604-05", "cvelist": ["CVE-2015-8713", "CVE-2015-8717", "CVE-2015-8741", "CVE-2015-8730", "CVE-2015-8714", "CVE-2015-8733", "CVE-2016-2531", "CVE-2015-8722", "CVE-2016-2527", "CVE-2016-2530", "CVE-2016-2524", "CVE-2015-8719", "CVE-2015-8715", "CVE-2015-8736", "CVE-2015-8726", "CVE-2016-2521", "CVE-2015-8731", "CVE-2015-8739", "CVE-2015-8724", "CVE-2015-8742", "CVE-2015-8738", "CVE-2016-2529", "CVE-2015-8723", "CVE-2015-8720", "CVE-2016-2528", "CVE-2016-2526", "CVE-2015-8725", "CVE-2015-8737", "CVE-2015-8735", "CVE-2015-8729", "CVE-2015-8721", "CVE-2015-8727", "CVE-2015-8728", "CVE-2016-2532", "CVE-2015-8712", "CVE-2016-2523", "CVE-2016-2525", "CVE-2016-2522", "CVE-2015-8732", "CVE-2015-8716", "CVE-2015-8734", "CVE-2015-8711", "CVE-2015-8740", "CVE-2015-8718"], "lastseen": "2016-09-06T19:46:14"}]}}