CLSA-2026-1775039763 wireshark: Fix of 11 CVEs

CVE-2023-6175: fix heap buffer overflow in NetScreen file parser - CVE-2024-0208: fix crash in GVCP dissector due to NULL string - CVE-2024-0209: fix uncontrolled recursion in ASN.1 dissectors - CVE-2024-0211: fix infinite loop in DOCSIS dissector - CVE-2024-2955: fix use-after-free in T.38...

CLSA-2026-1775032927 wireshark: Fix of 11 CVEs

CVE-2023-6175: fix heap buffer overflow in NetScreen file parser - CVE-2024-0208: fix crash in GVCP dissector due to NULL string - CVE-2024-0209: fix uncontrolled recursion in ASN.1 dissectors - CVE-2024-0211: fix infinite loop in DOCSIS dissector - CVE-2024-2955: fix use-after-free in T.38...

EUVD-2020-7459

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2024-0208

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GVCP dissector crash in Wireshark 4.2.0, 4.0.0 to 4.0.11, and 3.6.0 to 3.6.19 allows denial of service via packet injection or crafted capture file CVE-2024-020...

ROS-20240409-10

A vulnerability in IEEE 1609.2 plug-in dissector of Wireshark computer network traffic analyzer is related to pointer dereferencing errors. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service Vulnerability in GVCP dissector of Wireshark computer...

Debian dla-3746 : libwireshark-data - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3746 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3746-1 [email protected]...

Updated wireshark packages fix security vulnerabilities

The updated packages fix security vulnerabilities: RTPS dissector memory leak. CVE-2023-5371 SSH dissector invalid read of memory blocks. CVE-2023-6174 NetScreen File Parsing Heap-based Buffer Overflow. CVE-2023-6175 GVCP dissector crash via packet injection or crafted capture file. CVE-2024-0208...

MGASA-2024-0045 Updated wireshark packages fix security vulnerabilities

The updated packages fix security vulnerabilities: RTPS dissector memory leak. CVE-2023-5371 SSH dissector invalid read of memory blocks. CVE-2023-6174 NetScreen File Parsing Heap-based Buffer Overflow. CVE-2023-6175 GVCP dissector crash via packet injection or crafted capture file. CVE-2024-0208...

Fedora 38 : wireshark (2024-fdc7dfb959)

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-fdc7dfb959 advisory. New version 4.0.12. Includes fixes for CVE-2023-5371, CVE-2023-6174, CVE-2023-6175, CVE-2024-0208. Tenable has extracted the preceding description...

Fedora 39 : wireshark (2024-b72131479b)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-b72131479b advisory. New version 4.0.12. Includes fixes for CVE-2023-5371, CVE-2023-6174, CVE-2023-6175, CVE-2024-0208. Tenable has extracted the preceding description...

Amazon Linux 2023 : wireshark-cli, wireshark-devel (ALAS2023-2024-487)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-487 advisory. GVCP dissector crash in Wireshark 4.2.0, 4.0.0 to 4.0.11, and 3.6.0 to 3.6.19 allows denial of service via packet injection or crafted capture file CVE-2024-0208 IEEE 1609.2 dissector crash in...

Important: wireshark

Issue Overview: GVCP dissector crash in Wireshark 4.2.0, 4.0.0 to 4.0.11, and 3.6.0 to 3.6.19 allows denial of service via packet injection or crafted capture file CVE-2024-0208 IEEE 1609.2 dissector crash in Wireshark 4.2.0, 4.0.0 to 4.0.11, and 3.6.0 to 3.6.19 allows denial of service via packe...

Important: wireshark

Issue Overview: GVCP dissector crash in Wireshark 4.2.0, 4.0.0 to 4.0.11, and 3.6.0 to 3.6.19 allows denial of service via packet injection or crafted capture file CVE-2024-0208 Affected Packages: wireshark Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ...

Important: wireshark

Issue Overview: GVCP dissector crash in Wireshark 4.2.0, 4.0.0 to 4.0.11, and 3.6.0 to 3.6.19 allows denial of service via packet injection or crafted capture file CVE-2024-0208 Affected Packages: wireshark Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ...

Uncontrolled Recursion (Denial Of Service)

GVCP in Wireshark 4.2.0 is vulnerable to Uncontrolled Recursion. The vulnerability is due to packet injection or crafted capture file resulting in denial of service...

Uncontrolled Recursion (Denial Of Service)

GVCP in Wireshark 4.2.0, 4.0.0 to 4.0.11, and 3.6.0 to 3.6.19 is vulnerable to Uncontrolled Recursion. The vulnerability is due to packet injection or crafted capture file resulting in denial of service...

CVE-2024-0208

A flaw was found in the GVCP dissector of Wireshark. It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file...

CVE-2024-0208

GVCP dissector crash in Wireshark 4.2.0, 4.0.0 to 4.0.11, and 3.6.0 to 3.6.19 allows denial of service via packet injection or crafted capture file...

AZL-37058 CVE-2024-0208 affecting package wireshark for versions less than 4.4.7-1

GVCP dissector crash in Wireshark 4.2.0, 4.0.0 to 4.0.11, and 3.6.0 to 3.6.19 allows denial of service via packet injection or crafted capture file...

DEBIAN-CVE-2024-0208

GVCP dissector crash in Wireshark 4.2.0, 4.0.0 to 4.0.11, and 3.6.0 to 3.6.19 allows denial of service via packet injection or crafted capture file...