5 matches found
Updated wireshark packages fix security vulnerabilities
Updated wireshark packages fix security vulnerabilities: ASN.1 BER dissector crash CVE-2016-2522. DNP dissector infinite loop CVE-2016-2523. X.509AF dissector crash CVE-2016-2524. HTTP/2 dissector crash CVE-2016-2525. HiQnet dissector crash CVE-2016-2526. 3GPP TS 32.423 Trace file parser crash...
CVE-2016-2527
wiretap/nettrace3gpp32423.c in the 3GPP TS 32.423 Trace file parser in Wireshark 2.0.x before 2.0.2 does not ensure that a '\0' character is present at the end of certain strings, which allows remote attackers to cause a denial of service stack-based buffer overflow and application crash via a...
CVE-2016-2527
wiretap/nettrace3gpp32423.c in the 3GPP TS 32.423 Trace file parser in Wireshark 2.0.x before 2.0.2 does not ensure that a '\0' character is present at the end of certain strings, which allows remote attackers to cause a denial of service stack-based buffer overflow and application crash via a...
CVE-2016-2527
wiretap/nettrace3gpp32423.c in the 3GPP TS 32.423 Trace file parser in Wireshark 2.0.x before 2.0.2 does not ensure that a '\0' character is present at the end of certain strings, which allows remote attackers to cause a denial of service stack-based buffer overflow and application crash via a...
CVE-2016-2527
Wireshark 2.0.x before 2.0.2 is affected by CVE-2016-2527 in the 3GPP TS 32.423 Trace file parser (wiretap/nettrace_3gpp_32_423.c). The vulnerability arises because the parser does not ensure a trailing null ('\0') at the end of certain strings, enabling remote attackers to trigger a stack-based ...