openSUSE Security Update : wireshark (openSUSE-SU-2012:1067-1)

Wireshark was updated to 1.8.2 : - The DCP ETSI dissector could trigger a zero division. wnpa-sec-2012-13 CVE-2012-4285 - The MongoDB dissector could go into a large loop. wnpa-sec-2012-14 CVE-2012-4287 - The XTP dissector could go into an infinite loop. wnpa-sec-2012-15 CVE-2012-4288 - The ERF...

Wireshark Multiple Vulnerabilities(01) - August 2012 (Windows)

This host is installed with Wireshark and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbwiresharkmultvuln01aug12win.nasl 5912 2017-04-10 09:01:51Z teissa $ Wireshark Multiple Vulnerabilities01 - August 2012 Windows Authors: Madhuri D Copyright: Copyright c 2012 Greenbone...

Wireshark 1.8.x < 1.8.2 Multiple Vulnerabilities

The installed version of Wireshark is 1.8.x before 1.8.2. This version is affected by the following vulnerabilities : - The 'DCP ETSI' dissector and 'pcap-ng' parser can attempt a divide by zero operation leading to an application crash. CVE-2012-4285, CVE-2012-4286 - The 'MongoDB', 'XTP', 'AFP',...

CVE-2012-4298

Integer signedness error in the vwrreadrecdataethernet function in wiretap/vwr.c in the Ixia IxVeriWave file parser in Wireshark 1.8.x before 1.8.2 allows user-assisted remote attackers to execute arbitrary code via a crafted packet-trace file that triggers a buffer overflow...

CVE-2012-4298

Wireshark 1.8.x contains CVE-2012-4298 due to an integer signedness error in wiretap/vwr.c (Ixia IxVeriWave file parser). A crafted packet-trace file triggers a buffer overflow, allowing remote code execution. Affected: Wireshark 1.8.x prior to 1.8.2. Mitigation: upgrade to Wireshark 1.8.2 or lat...