22 matches found
K15868: Multiple Wireshark vulnerabilities
Security Advisory Description CVE-2013-4074 The dissectcapwapdata function in epan/dissectors/packet-capwap.c in the CAPWAP dissector in Wireshark 1.6.x before 1.6.16 and 1.8.x before 1.8.8 incorrectly uses a -1 data value to represent an error condition, which allows remote attackers to cause a...
SUSE CVE-2013-4083
The dissectpft function in epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark 1.6.x before 1.6.16, 1.8.x before 1.8.8, and 1.10.0 does not validate a certain fragment length value, which allows remote attackers to cause a denial of service application crash via a crafted...
Mageia: Security Advisory (MGASA-2013-0180)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2013:1276-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Denial Of Service (DoS)
Wireshark, previously known as Ethereal, is a network protocol analyzer. It is used to capture and browse the traffic running on a computer network. Two flaws were found in Wireshark. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly,...
Integer Overflow
Wireshark, previously known as Ethereal, is a network protocol analyzer. It is used to capture and browse the traffic running on a computer network. Two flaws were found in Wireshark. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly,...
Oracle: Security Advisory (ELSA-2014-0341)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Amazon Linux: Security Advisory (ALAS-2013-251)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
F5 Networks BIG-IP : Multiple Wireshark vulnerabilities (K15868)
CVE-2013-4074 The dissectcapwapdata function in epan/dissectors/packet-capwap.c in the CAPWAP dissector in Wireshark 1.6.x before 1.6.16 and 1.8.x before 1.8.8 incorrectly uses a -1 data value to represent an error condition, which allows remote attackers to cause a denial of service application...
Scientific Linux Security Update : wireshark on SL5.x i386/x86_64 (20140331)
Multiple flaws were found in Wireshark. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running Wireshark. CVE-2013-3559, CVE-2013-4083, CVE-2014-2281, CVE-2014-2299 Several denial of service flaws...
Oracle Linux 5 : wireshark (ELSA-2014-0341)
The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2014-0341 advisory. 1.0.15-6.0.1.el5 - Added oracle-ocfs2-network.patch - increase max packet size to 65536 Herbert van den Bergh orabug 13542633 1.0.15-6 - security patch...
wireshark security update
CentOS Errata and Security Advisory CESA-2014:0341 Updated wireshark packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS...
Moderate: Red Hat Security Advisory: wireshark security update
Updated wireshark packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, a...
Amazon Linux AMI : wireshark (ALAS-2013-251)
Two flaws were found in Wireshark. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running Wireshark. CVE-2013-3559 , CVE-2013-4083 Several denial of service flaws were found in Wireshark. Wireshar...
Fedora Update for wireshark FEDORA-2013-17661
Check for the Version of wireshark OpenVAS Vulnerability Test Fedora Update for wireshark FEDORA-2013-17661 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...
SuSE 11.2 / 11.3 Security Update : wireshark (SAT Patch Numbers 8044 / 8045)
This wireshark version update to 1.8.8 includes several security and general bug fixes. Version update to 1.8.8 bnc824900 : - vulnerabilities fixed : - The CAPWAP dissector could crash. wnpa-sec-2013-32. CVE-2013-4074 - The GMR-1 BCCH dissector could crash. wnpa-sec-2013-33. CVE-2013-4075 - The P...
MGASA-2013-0181 Updated wireshark packages fix multiple security vulnerabilities
The CAPWAP dissector could crash CVE-2013-4074. The GMR-1 BCCH dissector could crash CVE-2013-4075. The PPP dissector could crash CVE-2013-4076. The NBAP dissector could crash CVE-2013-4077. The RDP dissector could crash CVE-2013-4078. The GSM CBCH dissector could crash CVE-2013-4079. The Assa...
[ MDVSA-2013:172 ] wireshark
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2013:172 http://www.mandriva.com/en/support/security/ Package : wireshark Date : June 12, 2013 Affected: Business Server 1.0, Enterprise Server 5.0 Problem Description: Multiple vulnerabilities has been found and...
CVE-2013-4083
The dissectpft function in epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark 1.6.x before 1.6.16, 1.8.x before 1.8.8, and 1.10.0 does not validate a certain fragment length value, which allows remote attackers to cause a denial of service application crash via a crafted...
CVE-2013-4083
The CVE-2013-4083 issue affects Wireshark’s DCP ETSI dissector (function dissect_pft in epan/dissectors/packet-dcp-etsi.c). It can crash the application (denial of service) when processing crafted packets due to failure to validate a fragment length value. Impacted releases: Wireshark 1.6.x befor...