CVE-2015-8733

The ngsnifferprocessrecord function in wiretap/ngsniffer.c in the Sniffer file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the relationships between record lengths and record header lengths, which allows remote attackers to cause a denial of service...

CVE-2015-8726

Wireshark contains CVE-2015-8726 in the VeriWave file parser (wiretap/vwr.c): it does not validate certain signature and MCS data in crafted files, enabling remote attackers to trigger a DoS via out-of-bounds reads and app crashes. Affected: Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1. ...

CVE-2015-8726

wiretap/vwr.c in the VeriWave file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate certain signature and Modulation and Coding Scheme MCS data, which allows remote attackers to cause a denial of service out-of-bounds read and application crash via a crafted file...

CVE-2015-8729

The ascendseek function in wiretap/ascendtext.c in the Ascend file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not ensure the presence of a '\0' character at the end of a date string, which allows remote attackers to cause a denial of service out-of-bounds read and...

MGASA-2015-0403 Updated wireshark packages fix security vulnerabilities

Updated wireshark packages fix security vulnerabilities: In Wireshark before 1.12.8, the pcapng file parser could crash while copying an interface filter. It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet...

CVE-2015-3906

The logcatdumptext function in wiretap/logcat.c in the Android Logcat file parser in Wireshark 1.12.x before 1.12.5 does not properly handle a lack of \0 termination, which allows remote attackers to cause a denial of service out-of-bounds read and application crash via a crafted message in a...

wireshark-gtk: denial of service

CVE-2015-3808 denial of service There is an infinite loop condition in dissectlbmrpser in epan/dissectors/packet-lbmr.c. It's possible for an attacker to set the the variable 'optionlen' to 0, causing the loop to never terminate. This issue is leading to excessive CPU resources consumption by...

Wireshark Android Logcat File Parser Remote Denial of Service Vulnerability

Wireshark is the most popular network protocol parser. A remote denial of service vulnerability exists in the Android Logcat File parser in Wireshark versions 1.12.0-1.12.4. An attacker can exploit this vulnerability to exhaust CPU resources and cause a denial of service...

Wireshark 1.10.x < 1.10.14 / 1.12.x < 1.12.5 Multiple DoS Vulnerabilities

The version of Wireshark installed on the remote Windows host is 1.10.x prior to 1.10.14, or 1.12.x prior to 1.12.5. It is, therefore, affected by various denial of service vulnerabilities in the following items : - LBMR dissector CVE-2015-3808, CVE-2015-3809 - WebSocket dissector CVE-2015-3810 -...

DLA-198-1 wireshark - security update

Bulletin has no description...

SuSE 11.3 Security Update : wireshark (SAT Patch Number 10444)

Wireshark was updated to version 1.10.13 fixing bugs and security issues : The following security issues have been fixed. - The WCP dissector could crash. wnpa-sec-2015-07 CVE-2015-2188 bnc920696 - The pcapng file parser could crash. wnpa-sec-2015-08 CVE-2015-2189 bnc920697 - The TNEF dissector...

Updated wireshark package fixes security vulnerabilies

The WCP dissector could crash CVE-2015-2188. The pcapng file parser could crash CVE-2015-2189. The TNEF dissector could go into an infinite loop CVE-2015-2191...

openSUSE Security Update : wireshark (openSUSE-2015-226)

Wireshark was updated to 1.10.13 on openSUSE 13.1 to fix bugs and security issues. Wireshark was updated to 1.12.4 on openSUSE 13.2 to fix bugs and security issues. The following security issues were fixed in 1.10.13 : - The WCP dissector could crash. wnpa-sec-2015-07 CVE-2015-2188 bnc920696 - Th...

Wireshark Denial-of-Service Vulnerability-02 (Mar 2015) - Windows

Wireshark is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wireshark:wireshark"...

Out-of-bounds

Off-by-one error in the pcapngread function in wiretap/pcapng.c in the pcapng file parser in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 allows remote attackers to cause a denial of service out-of-bounds read and application crash via an invalid Interface Statistics Block ISB interfa...

Wireshark 1.10.x < 1.10.13 / 1.12.x < 1.12.4 Multiple DoS Vulnerabilities

The version of Wireshark installed remote Windows host is 1.10.x prior to 1.10.13, or 1.12.x prior to 1.12.4. It is, therefore, affected by denial of service vulnerabilities in the following items : - ATN-CPDLC dissector CVE-2015-2187 - WCP dissector CVE-2015-2188 - pcapng file parser CVE-2015-21...

Oracle Solaris Third-Party Patch Update : wireshark (multiple_vulnerabilities_in_wireshark11)

The remote Solaris system is missing necessary patches to address security updates : - Use-after-free vulnerability in the SDP dissector in Wireshark 1.10.x before 1.10.10 allows remote attackers to cause a denial of service application crash via a crafted packet that leverages split memory...

wireshark: DOS Sniffer file parser flaw (wnpa-sec-2014-19)

The SnifferDecompress function in wiretap/ngsniffer.c in the DOS Sniffer file parser in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 does not properly handle empty input data, which allows remote attackers to cause a denial of service application crash via a crafted file...

[ MDVSA-2014:188 ] wireshark

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2014:188 http://www.mandriva.com/en/support/security/ Package : wireshark Date : September 25, 2014 Affected: Business Server 1.0 Problem Description: Updated wireshark packages fix security vulnerabilities: RTP...

MGASA-2014-0386 Updated wireshark packages fix security vulnerabilities

Updated wireshark packages fix security vulnerabilities: RTP dissector crash CVE-2014-6421, CVE-2014-6422. MEGACO dissector infinite loop CVE-2014-6423. Netflow dissector crash CVE-2014-6424. RTSP dissector crash CVE-2014-6427. SES dissector crash CVE-2014-6428. Sniffer file parser crash...