14 matches found
Linux Distros Unpatched Vulnerability : CVE-2017-9350
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the openSAFETY dissector could crash or exhaust system memory. This was addressed in...
Security fix for the ALT Linux 9 package wireshark version 2.2.8-alt1
July 21, 2017 Anton Farygin 2.2.8-alt1 - new version: wnpa-sec-2017-13 WBMXL dissector infinite loop CVE-2017-7702, CVE-2017-11410 wnpa-sec-2017-28 openSAFETY dissector memory exhaustion CVE-2017-9350, CVE-2017-11411 wnpa-sec-2017-34 AMQP dissector crash CVE-2017-11408 wnpa-sec-2017-35 MQ dissect...
CVE-2017-11411
In Wireshark through 2.0.13 and 2.2.x through 2.2.7, the openSAFETY dissector could crash or exhaust system memory. This was addressed in epan/dissectors/packet-opensafety.c by adding length validation. NOTE: this vulnerability exists because of an incomplete fix for CVE-2017-9350...
Input validation
In Wireshark through 2.0.13 and 2.2.x through 2.2.7, the openSAFETY dissector could crash or exhaust system memory. This was addressed in epan/dissectors/packet-opensafety.c by adding length validation. NOTE: this vulnerability exists because of an incomplete fix for CVE-2017-9350...
SUSE SLES11 Security Update : wireshark (SUSE-SU-2017:1664-1)
The network analysis tool wireshark was updated to version 2.0.13 to fix the following issues : - CVE-2017-9352: Bazaar dissector infinite loop wnpa-sec-2017-22 bsc1042304 - CVE-2017-9348: DOF dissector read overflow wnpa-sec-2017-23 bsc1042303 - CVE-2017-9351: DHCP dissector read overflow...
SUSE SLED12 / SLES12 Security Update : wireshark (SUSE-SU-2017:1663-1)
The network debugging tool wireshark was updated to version 2.2.7 to fix the following issues : - CVE-2017-9352: Bazaar dissector infinite loop wnpa-sec-2017-22 bsc1042304 - CVE-2017-9348: DOF dissector read overflow wnpa-sec-2017-23 bsc1042303 - CVE-2017-9351: DHCP dissector read overflow...
Wireshark 2.2.x < 2.2.7 Multiple Vulnerabilities (macOS)
The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 2.2.7. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-2.2.7 advisory. - In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the RGMP dissector could crash. This was addressed in...
Security fix for the ALT Linux 7 package wireshark version 2.2.7-alt1.M70P.1
2.2.7-alt1.M70P.1 built June 4, 2017 Anton Farygin in task 183813 June 4, 2017 Anton Farygin - new version with these security fixes: wnpa-sec-2017-22 Bazaar dissector infinite loop CVE-2017-9352 wnpa-sec-2017-23 DOF dissector read overflow CVE-2017-9348 wnpa-sec-2017-24 DHCP dissector read...
Security fix for the ALT Linux 9 package wireshark version 2.2.7-alt1
June 4, 2017 Anton Farygin 2.2.7-alt1 - new version with these security fixes: wnpa-sec-2017-22 Bazaar dissector infinite loop CVE-2017-9352 wnpa-sec-2017-23 DOF dissector read overflow CVE-2017-9348 wnpa-sec-2017-24 DHCP dissector read overflow CVE-2017-9351 wnpa-sec-2017-25 SoulSeek dissector...
CVE-2017-9350
In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the openSAFETY dissector could crash or exhaust system memory. This was addressed in epan/dissectors/packet-opensafety.c by checking for a negative length...
DEBIAN-CVE-2017-9350
In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the openSAFETY dissector could crash or exhaust system memory. This was addressed in epan/dissectors/packet-opensafety.c by checking for a negative length...
UBUNTU-CVE-2017-9350
In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the openSAFETY dissector could crash or exhaust system memory. This was addressed in epan/dissectors/packet-opensafety.c by checking for a negative length...
CVE-2017-9350
CVE-2017-9350 affects Wireshark openSAFETY dissector (versions 2.2.0–2.2.6 and 2.0.0–2.0.12). The issue could crash or exhaust memory due to missing validation for a negative length; fixed in epan/dissectors/packet-opensafety.c by adding length checks. Upstream remediation: upgrade to a build con...
Wireshark Multiple Denial-of-Service Vulnerabilities-01 (Jun 2017) - Mac OS X
Wireshark is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wireshark:wireshark"; ifdescripti...