CLSA-2026-1778128255 wireshark: Fix of 8 CVEs

CVE-2022-0585: fix large/infinite loops in multiple dissectors AMP, ATN-ULCS, BP, GDSDB, PMUL, WAP, ZigBee ZCL, OpenFlow v5/v6, IPDC, TDS, ASN.1 PER, FTUINTBYTES/STRING - CVE-2022-4344: fix Kafka dissector memory exhaustion via decompression/loop bounds - CVE-2023-0666: fix RTPS dissector...

MiracleLinux 9 : wireshark-3.4.10-6.el9 (AXSA:2023-6852:02)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6852:02 advisory. wireshark: RTPS dissector crash CVE-2023-0666 wireshark: IEEE C37.118 Synchrophasor dissector crash CVE-2023-0668 wireshark: Candump log file parser...

Linux Distros Unpatched Vulnerability : CVE-2023-2855

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Candump log parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file CVE-2023-2855 Note that Nessus relies...

wireshark: Candump log file parser crash

A flaw was found in the Candump log file parser of Wireshark. This issue occurs when decoding malformed packets from a pcap file or from the network, causing a buffer overflow, resulting in a denial of service...

canTot

This is a Python-based CLI framework called "canTot" that is designed for CAN Bus hacking and exploitation. It is similar to an exploit framework but focused on known CAN Bus vulnerabilities or "fun CAN Bus hacks." The framework is made up of several modules, each with its own specific...

Denial Of Service (DoS)

wireshark is vulnerable to Denial Of Service DoS. The vulnerability exists through the Candump log parser in the library, allowing an attacker to cause an application crash via maliciously crafted file...

Amazon Linux 2023 : wireshark-cli, wireshark-devel (ALAS2023-2023-197)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-197 advisory. Due to failure in validating the length provided by an attacker-crafted RTPS packet, Wireshark version between 4.0.0 to 4.0.5, by default, is susceptible to a heap-based buffer overflow, and...

OESA-2023-1321 wireshark security update

Wireshark allows you to examine protocol data stored in files or as it is captured from wired or wireless WiFi or Bluetooth networks, USB devices,and many other sources. It supports dozens of protocol capture file formats and understands more than a thousand protocols. It has many powerful featur...

CVE-2023-2855

Candump log parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file...

DEBIAN-CVE-2023-2855

Candump log parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file...

Design/Logic Flaw

Candump log parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file...

UBUNTU-CVE-2023-2855

Candump log parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file...

SUSE CVE-2023-2855

Candump log parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file...

CVE-2023-2855

Candump log parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file...

CVE-2023-2855

Candump log parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file...

CVE-2023-2855

Wireshark contains a vulnerability CVE-2023-2855 where the Candump log parser crashes Wireshark 4.0.0–4.0.5 and 3.6.0–3.6.13, causing denial of service via crafted capture files. Public advisories note multiple vendor fixes and recommend upgrading to Wireshark 4.0.6 or newer (e.g., Debian 4.0.6-1...

CVE-2023-2855

Candump log parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file...

PT-2023-21797 · Wireshark +4 · Wireshark +4

Name of the Vulnerable Software and Affected Versions: Wireshark versions 3.6.0 through 3.6.13 Wireshark versions 4.0.0 through 4.0.5 Description: The issue allows for denial of service via a crafted capture file, causing a crash in the candump log parser. Recommendations: For Wireshark versions...

CVE-2023-2855

Candump log parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file...

Wireshark 4.0.x < 4.0.6 Multiple Vulnerabilities

The version of Wireshark installed on the remote Windows host is prior to 4.0.6. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-4.0.6 advisory. - XRA dissector infinite loop in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via packet...