Azure Linux 3.0 Security Update: hyperv-daemons (CVE-2024-26940)

The version of hyperv-daemons installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-26940 advisory. - In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Create debugfs...

kernel: drm/vmwgfx: fix a memleak in vmw_gmrid_man_get_node

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: fix a memleak in vmwgmridmangetnode The Linux kernel CVE team has assigned CVE-2023-52662 to this issue. Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024051740-CVE-2023-52662-1536@gregkh/T...

SUSE CVE-2024-26940

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Create debugfs ttmresourcemanager entry only if needed The driver creates /sys/kernel/debug/dri/0/mobttm even when the corresponding ttmresourcemanager is not allocated. This leads to a crash when trying to read from...

SUSE CVE-2013-4075

epan/dissectors/packet-gmr1bcch.c in the GMR-1 BCCH dissector in Wireshark 1.8.x before 1.8.8 does not properly initialize memory, which allows remote attackers to cause a denial of service application crash via a crafted packet...

Mageia: Security Advisory (MGASA-2013-0181)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mail.ru: Eval-based XSS in Game JS API (mailru.core.js) via cross-origin postMessage()

mailru.core.js as used by GMR/store.my.games application was vulnerable to XSS via PostMessage handler...

Mail.ru: DOM based XSS via postMessage at store.my.games

mailru.core.js as used by GMR/store.my.games application was vulnerable to XSS via PostMessage handler...

NewStart CGSL MAIN 4.05 : wireshark Multiple Vulnerabilities (NS-SA-2019-0103)

The remote NewStart CGSL host, running version MAIN 4.05, has wireshark packages installed that are affected by multiple vulnerabilities: - A flaw was found in X11 dissector of wireshark of which an attacker could make wireshark consume excessive CPU resources which could make system unresponsive...

Satellite Phone Encryption Calls Can be Cracked in Fractions of a Second

Security researchers have discovered a new method to decrypt satellite phone communications encrypted with the GMR-2 cipher in "real time" -- that too in mere fractions of a second in some cases. The new attack method has been discovered by two Chinese security researchers and is based on previou...

wireshark: DoS (crash) in the GMR-1 BCCH dissector (wnpa-sec-2013-33)

A flaw was found in GMR Geo-Mobile Radio 1 BCCH protocol dissector of wireshark which an attacker can trigger a denial of service attack and crash wireshark by sending a specially crafted packet onto the wire or by convincing wireshark user to read malformed packet trace file...

openSUSE Security Update : wireshark (openSUSE-SU-2013:1084-1)

This update of wireshark includes several security and bug fixes. - update to 1.8.8 bnc823932 + vulnerabilities fixed : - The CAPWAP dissector could crash. wnpa-sec-2013-32 - The GMR-1 BCCH dissector could crash. wnpa-sec-2013-33 - The PPP dissector could crash. wnpa-sec-2013-34 - The NBAP...

Updated wireshark packages fix multiple security vulnerabilities

The CAPWAP dissector could crash CVE-2013-4074. The GMR-1 BCCH dissector could crash CVE-2013-4075. The PPP dissector could crash CVE-2013-4076. The NBAP dissector could crash CVE-2013-4077. The RDP dissector could crash CVE-2013-4078. The GSM CBCH dissector could crash CVE-2013-4079. The Assa...

Debian DSA-2709-1 : wireshark - several vulnerabilities

Multiple vulnerabilities were discovered in the dissectors for CAPWAP, GMR-1 BCCH, PPP, NBAP, RDP, HTTP, DCP ETSI and in the Ixia IxVeriWave file parser, which could result in denial of service or the execution of arbitrary code. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptiv...

Debian Security Advisory DSA 2709-1 (wireshark - several vulnerabilities)

Multiple vulnerabilities were discovered in the dissectors for CAPWAP, GMR-1 BCCH, PPP, NBAP, RDP, HTTP, DCP ETSI and in the Ixia IxVeriWave file parser, which could result in denial of service or the execution of arbitrary code. OpenVAS Vulnerability Test $Id: deb2709.nasl 6611 2017-07-07...

DSA-2709-1 wireshark - several

Bulletin has no description...

Debian: Security Advisory (DSA-2709-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Wireshark 1.8.x < 1.8.8 Multiple Vulnerabilities

The installed version of Wireshark 1.8 is earlier than 1.8.8. It is, therefore, affected by the following vulnerabilities : - Errors exist in the CAPWAP, DCP ETSI, GSM CBCH, GMR-1 BCCH, PPP, NBAP, RDP dissectors that could allow them to crash. Bugs 7664, 7880, 8697, 8717, 8725, 8726, 8727, 8729,...

CVE-2013-4075

epan/dissectors/packet-gmr1bcch.c in the GMR-1 BCCH dissector in Wireshark 1.8.x before 1.8.8 does not properly initialize memory, which allows remote attackers to cause a denial of service application crash via a crafted packet...

Design/Logic Flaw

epan/dissectors/packet-gmr1bcch.c in the GMR-1 BCCH dissector in Wireshark 1.8.x before 1.8.8 does not properly initialize memory, which allows remote attackers to cause a denial of service application crash via a crafted packet...

UBUNTU-CVE-2013-4075

epan/dissectors/packet-gmr1bcch.c in the GMR-1 BCCH dissector in Wireshark 1.8.x before 1.8.8 does not properly initialize memory, which allows remote attackers to cause a denial of service application crash via a crafted packet...