K000151220: Multiple Wireshark/tshark vulnerabilities

Security Advisory Description CVE-2020-26575 In Wireshark through 3.2.7, the Facebook Zero Protocol aka FBZERO dissector could enter an infinite loop. This was addressed in epan/dissectors/packet-fbzero.c by correcting the implementation of offset advancement. CVE-2018-14339 In Wireshark 2.6.0 to...

Linux Distros Unpatched Vulnerability : CVE-2018-19622

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the MMSE dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-mmse.c by...

SUSE CVE-2018-19622

In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the MMSE dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-mmse.c by preventing length overflows...

SUSE: Security Advisory (SUSE-SU-2018:4295-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for wireshark (EulerOS-SA-2021-1859)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2018:4298-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

NewStart CGSL CORE 5.04 / MAIN 5.04 : wireshark Multiple Vulnerabilities (NS-SA-2020-0064)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has wireshark packages installed that are affected by multiple vulnerabilities: - In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the LDSS dissector could crash. This was addressed in epan/dissectors/packet-ldss.c by...

Amazon Linux 2 : wireshark (ALAS-2020-1438)

The version of wireshark installed on the remote host is prior to 1.10.14-24. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2020-1438 advisory. In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Radiotap dissector could crash. This was...

Scientific Linux Security Update : wireshark on SL7.x x86_64 (20200407)

wireshark: Out-of-bounds read in packet-ldss.c wireshark: Multiple dissectors could crash wnpa-sec-2018-36 wireshark: DICOM dissector infinite loop wnpa-sec-2018-39 wireshark: Bazaar dissector infinite loop wnpa-sec-2018-40 wireshark: SIGCOMP dissector crash in packet-sigcomp.c wireshark: Radiota...

wireshark security update

CentOS Errata and Security Advisory CESA-2020:1047 An update for wireshark is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severit...

openSUSE Security Update : wireshark (openSUSE-2019-1045)

This update for wireshark fixes the following issues : Update to Wireshark 2.4.11 bsc1117740. Security issues fixed : - CVE-2018-19625: The Wireshark dissection engine could crash wnpa-sec-2018-51 - CVE-2018-19626: The DCOM dissector could crash wnpa-sec-2018-52 - CVE-2018-19623: The LBMPDM...

Fedora 29 : 1:wireshark (2018-cb410a3812)

New version 2.6.5, contains fixes for CVE-2018-19622, CVE-2018-19623, CVE-2018-19624, CVE-2018-19625, CVE-2018-19626, CVE-2018-19627, CVE-2018-19628 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempt...

Fedora 28 : 1:wireshark (2018-1b6cb1df72)

New version 2.6.5, contains fixes for CVE-2018-19622, CVE-2018-19623, CVE-2018-19624, CVE-2018-19625, CVE-2018-19626, CVE-2018-19627, CVE-2018-19628 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempt...

SUSE SLED15 / SLES15 Security Update : wireshark (SUSE-SU-2018:4295-1)

This update for wireshark fixes the following issues : Update to Wireshark 2.4.11 bsc1117740. Security issues fixed : CVE-2018-19625: The Wireshark dissection engine could crash wnpa-sec-2018-51 CVE-2018-19626: The DCOM dissector could crash wnpa-sec-2018-52 CVE-2018-19623: The LBMPDM dissector...

openSUSE: Security Advisory for wireshark (openSUSE-SU-2018:4307-1)

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

SUSE SLED12 / SLES12 Security Update : wireshark (SUSE-SU-2018:4298-1)

This update for wireshark fixes the following issues : Update to Wireshark 2.4.11 bsc1117740. Security issues fixed : CVE-2018-19625: The Wireshark dissection engine could crash wnpa-sec-2018-51 CVE-2018-19626: The DCOM dissector could crash wnpa-sec-2018-52 CVE-2018-19623: The LBMPDM dissector...

openSUSE Security Update : wireshark (openSUSE-2018-1620)

This update for wireshark fixes the following issues : Update to Wireshark 2.4.11 bsc1117740. Security issues fixed : - CVE-2018-19625: The Wireshark dissection engine could crash wnpa-sec-2018-51 - CVE-2018-19626: The DCOM dissector could crash wnpa-sec-2018-52 - CVE-2018-19623: The LBMPDM...

SUSE-SU-2018:4295-1 Security update for wireshark

This update for wireshark fixes the following issues: Update to Wireshark 2.4.11 bsc1117740. Security issues fixed: - CVE-2018-19625: The Wireshark dissection engine could crash wnpa-sec-2018-51 - CVE-2018-19626: The DCOM dissector could crash wnpa-sec-2018-52 - CVE-2018-19623: The LBMPDM dissect...

Security fix for the ALT Linux 9 package wireshark version 2.6.5-alt1

Dec. 3, 2018 Anton Farygin 2.6.5-alt1 - 2.6.5 - added devel package closes: 29869 - fixes: The Wireshark dissection engine could crash. CVE-2018-19625 The DCOM dissector could crash. CVE-2018-19626 The LBMPDM dissector could crash. CVE-2018-19623 The MMSE dissector could go into an infinite loop...

CVE-2018-19622

In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the MMSE dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-mmse.c by preventing length overflows...