Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
debianDebianDEBIAN:DLA-198-1:FF28E
HistoryApr 22, 2015 - 9:45 a.m.

[SECURITY] [DLA 198-1] wireshark security update

2015-04-2209:45:46
lists.debian.org
12

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.003 Low

EPSS

Percentile

70.6%

JSON

Package : wireshark
Version : 1.8.2-5wheezy15~deb6u1
CVE ID : CVE-2015-2191 CVE-2015-2188 CVE-2015-0564 CVE-2015-0562
CVE-2014-8714 CVE-2014-8713 CVE-2014-8712 CVE-2014-8711
CVE-2014-8710 CVE-2014-6432 CVE-2014-6431 CVE-2014-6430
CVE-2014-6429 CVE-2014-6428 CVE-2014-6423 CVE-2014-6422

The following vulnerabilities were discovered in the Squeeze's Wireshark
version:

CVE-2015-2188 The WCP dissector could crash
CVE-2015-0564 Wireshark could crash while decypting TLS/SSL sessions
CVE-2015-0562 The DEC DNA Routing Protocol dissector could crash
CVE-2014-8714 TN5250 infinite loops
CVE-2014-8713 NCP crashes
CVE-2014-8712 NCP crashes
CVE-2014-8711 AMQP crash
CVE-2014-8710 SigComp UDVM buffer overflow
CVE-2014-6432 Sniffer file parser crash
CVE-2014-6431 Sniffer file parser crash
CVE-2014-6430 Sniffer file parser crash
CVE-2014-6429 Sniffer file parser crash
CVE-2014-6428 SES dissector crash
CVE-2014-6423 MEGACO dissector infinite loop
CVE-2014-6422 RTP dissector crash

Since back-porting upstream patches to 1.2.11-6+squeeze15 did not fix
all the outstanding issues and some issues are not even tracked publicly
the LTS Team decided to sync squeeze-lts's wireshark package with
wheezy-security to provide the best possible security support.

Note that upgrading Wireshark from 1.2.x to 1.8.x introduces
several backward-incompatible changes in package structure, shared
library API/ABI, availability of dissectors and in syntax of command
line parameters.

Related

nessus 43
openvas 42
osv 4
veracode 20
redhat 4
oraclelinux 4
centos 4
amazon 2
archlinux 3
fedora 4
securityvulns 8
mageia 4
debian 4
f5 2
gentoo 1
suse 1
prion 13
ubuntucve 12
debiancve 11
cve 12
kaspersky 1
nessus
nessus
Debian DLA-198-1 : wireshark security update
2015-04-23 00:00:00
RHEL 6 : wireshark (RHSA-2015:1460)
2015-07-23 00:00:00
Scientific Linux Security Update : wireshark on SL6.x i386/x86_64 (20150722)
2015-08-04 00:00:00
openvas
openvas
Debian: Security Advisory (DLA-198-1)
2023-03-08 00:00:00
Oracle: Security Advisory (ELSA-2015-1460)
2015-10-06 00:00:00
Amazon Linux: Security Advisory (ALAS-2015-580)
2015-09-08 00:00:00
osv
osv
wireshark - security update
2015-04-22 00:00:00
wireshark - security update
2014-11-25 00:00:00
wireshark - security update
2014-10-14 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-05-02 05:41:09
Buffer Underflow
2019-05-02 05:41:10
Out-of-bounds Read
2019-05-02 05:41:10
redhat
redhat
(RHSA-2015:1460) Moderate: wireshark security, bug fix, and enhancement update
2015-07-22 00:00:00
(RHSA-2014:1677) Moderate: wireshark security update
2014-10-21 00:00:00
(RHSA-2014:1676) Moderate: wireshark security update
2014-10-21 00:00:00
oraclelinux
oraclelinux
wireshark security, bug fix, and enhancement update
2015-07-28 00:00:00
wireshark security update
2014-10-22 00:00:00
wireshark security update
2014-10-21 00:00:00
centos
centos
wireshark security update
2015-07-26 14:12:34
wireshark security update
2014-10-21 23:32:37
wireshark security update
2014-10-21 19:49:27
amazon
amazon
Medium: wireshark
2015-08-17 12:29:00
Medium: wireshark
2014-11-11 10:27:00
archlinux
archlinux
wireshark-cli: denial of service
2014-11-20 00:00:00
wireshark-gtk: denial of service
2014-11-20 00:00:00
wireshark-qt: denial of service
2014-11-20 00:00:00
fedora
fedora
[SECURITY] Fedora 20 Update: wireshark-1.10.11-1.fc20
2014-12-04 06:22:05
[SECURITY] Fedora 21 Update: wireshark-1.12.2-1.fc21
2014-12-06 10:51:00
[SECURITY] Fedora 20 Update: wireshark-1.10.10-1.fc20
2014-09-25 10:41:18
securityvulns
securityvulns
[ MDVSA-2014:223 ] wireshark
2014-11-24 00:00:00
[ MDVSA-2014:188 ] wireshark
2014-09-29 00:00:00
wireshark multiple security vulnerabilities
2014-09-29 00:00:00
mageia
mageia
Updated wireshark packages fix security vulnerabilities
2014-11-21 15:44:16
Updated wireshark packages fix security vulnerabilities
2014-09-24 20:44:28
Updated wireshark packages fix security vulnerabilities
2015-01-09 19:44:12
debian
debian
[SECURITY] [DSA 3076-1] wireshark security update
2014-11-25 20:51:42
[SECURITY] [DSA 3049-1] wireshark security update
2014-10-14 19:36:14
[SECURITY] [DSA 3141-1] wireshark security update
2015-01-27 11:24:49
f5
f5
SOL16940 - Multiple Wireshark vulnerabilities
2015-07-08 00:00:00
K16940 : Multiple Wireshark vulnerabilities
2015-09-17 00:00:00
gentoo
gentoo
Wireshark: Multiple vulnerabilities
2014-12-28 00:00:00
suse
suse
Security update for wireshark (important)
2014-09-27 00:04:33
prion
prion
Code injection
2014-11-23 02:59:00
Integer overflow
2014-11-23 02:59:00
Code injection
2014-09-20 10:55:00
ubuntucve
ubuntucve
CVE-2014-8713
2014-11-23 00:00:00
CVE-2014-6431
2014-09-20 00:00:00
CVE-2014-8714
2014-11-23 00:00:00
debiancve
debiancve
CVE-2014-8713
2014-11-23 02:59:00
CVE-2014-6422
2014-09-20 10:55:00
CVE-2014-8712
2014-11-23 02:59:00
cve
cve
CVE-2014-8712
2014-11-23 02:59:00
CVE-2014-8711
2014-11-23 02:59:00
CVE-2014-8713
2014-11-23 02:59:00
kaspersky
kaspersky
KLA10518 Denial of service vulnerabilities in Wireshark
2015-03-07 00:00:00

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.003 Low

EPSS

Percentile

70.6%

JSON
Related for DEBIAN:DLA-198-1:FF28E
nessus43openvas42osv4veracode20redhat4oraclelinux4centos4amazon2archlinux3fedora4securityvulns8mageia4debian4f52gentoo1suse1prion13ubuntucve12debiancve11cve12kaspersky1