26 matches found
Azure Linux 3.0 Security Update: wireshark (CVE-2024-4854)
The version of wireshark installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-4854 advisory. - MONGO and ZigBee TLV dissector infinite loops in Wireshark 4.2.0 to 4.2.4, 4.0.0 to 4.0.14, and 3.6.0 to...
CVE-2024-4854 affecting package wireshark for versions less than 4.4.7-1
CVE-2024-4854 affecting package wireshark for versions less than 4.4.7-1. An upgraded version of the package is available that resolves this issue...
TencentOS Server 4: wireshark (TSSA-2024:0442)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0442 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
Linux Distros Unpatched Vulnerability : CVE-2024-4854
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - MONGO and ZigBee TLV dissector infinite loops in Wireshark 4.2.0 to 4.2.4, 4.0.0 to 4.0.14, and 3.6.0 to 3.6.22 allow denial of service via packet injection or...
openSUSE Security Advisory (SUSE-SU-2024:1865-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Amazon Linux 2023 : wireshark-cli, wireshark-devel (ALAS2023-2024-673)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-673 advisory. Memory handling issue in editcap could cause denial of service via crafted capture file CVE-2024-4853 MONGO and ZigBee TLV dissector infinite loops in Wireshark 4.2.0 to 4.2.4, 4.0.0 to 4.0.14,...
openSUSE Security Advisory (SUSE-SU-2024:2265-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLED15: libwireshark15 / libwiretap12 / libwsutil13 / wireshark / etc (SUSE-SU-2024:2265-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2265-1 advisory. Update to version 3.6.22: - CVE-2024-4854: MONGO and ZigBee TLV dissector infinite loops...
SUSE-SU-2024:2265-1 Security update for wireshark
This update for wireshark fixes the following issues: Update to version 3.6.22: - CVE-2024-4854: MONGO and ZigBee TLV dissector infinite loops bsc1224274 - CVE-2024-4853: The editcap command line utility could crash when chopping bytes from the beginning of a packet bsc1224259 - CVE-2024-4855: Th...
Wireshark Multiple Vulnerabilities (Jun 2024) - Windows
Wireshark is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wireshark:wireshark"; ifdescripti...
Wireshark Multiple Vulnerabilities (Jun 2024) - Linux
Wireshark is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wireshark:wireshark"; ifdescripti...
Wireshark Multiple Vulnerabilities (Jun 2024) - Mac OS X
Wireshark is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wireshark:wireshark"; ifdescripti...
OESA-2024-1728 wireshark security update
Wireshark is an open source tool for profiling network traffic and analyzing packets. Such a tool is often referred to as a network analyzer, network protocol analyzer or sniffer. Security Fixes: MONGO and ZigBee TLV dissector infinite loops in Wireshark 4.2.0 to 4.2.4, 4.0.0 to 4.0.14, and 3.6.0...
Fedora: Security Advisory (FEDORA-2024-ed93e6d44f)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
MGASA-2024-0206 Updated wireshark packages fix security vulnerabilities
Memory handling issue in editcap could cause denial of service via crafted capture file. CVE-2024-4853 MONGO and ZigBee TLV dissector infinite loops in Wireshark 4.2.0 to 4.2.4, 4.0.0 to 4.0.14, and 3.6.0 to 3.6.22 allow denial of service via packet injection or crafted capture file. CVE-2024-485...
SUSE-SU-2024:1865-1 Security update for wireshark
This update for wireshark fixes the following issues: Update to version 3.6.22: - CVE-2024-4854: MONGO and ZigBee TLV dissector infinite loops bsc1224274 - CVE-2024-4853: The editcap command line utility could crash when chopping bytes from the beginning of a packet bsc1224259 - CVE-2024-4855: Th...
CVE-2024-4854
A flaw was found in the MONGO and ZigBee TLV dissectors of Wireshark. This issue occurs when decoding malformed packets from a pcap file or from the network, causing an infinite loop, resulting in a denial of service. Mitigation Mitigation for this issue is either not available or the currently...
Wireshark 4.0.x < 4.0.15 Multiple Vulnerabilities (macOS)
The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 4.0.15. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-4.0.15 advisory. - MONGO and ZigBee TLV dissector infinite loops in Wireshark 4.2.0 to 4.2.4, 4.0.0 to 4.0.14, and 3.6.0...
Wireshark 4.2.x < 4.2.5 Multiple Vulnerabilities
The version of Wireshark installed on the remote Windows host is prior to 4.2.5. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-4.2.5 advisory. - MONGO and ZigBee TLV dissector infinite loops in Wireshark 4.2.0 to 4.2.4, 4.0.0 to 4.0.14, and 3.6.0 to 3.6.22...
Wireshark 3.6.x < 3.6.23 Multiple Vulnerabilities (macOS)
The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 3.6.23. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-3.6.23 advisory. - MONGO and ZigBee TLV dissector infinite loops in Wireshark 4.2.0 to 4.2.4, 4.0.0 to 4.0.14, and 3.6.0...