Debian DSA-3516-1 : wireshark - security update

Multiple vulnerabilities were discovered in the dissectors/parsers for DNP, RSL, LLRP, GSM A-bis OML, ASN 1 BER which could result in denial of service. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security...

[SECURITY] [DSA 3516-1] wireshark security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3516-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff March 13, 2016 https://www.debian.org/security/faq -...

DSA-3516-1 wireshark - security update

Bulletin has no description...

wireshark-gtk: denial of service

CVE-2016-2522: The dissectberconstrainedbitstring function in epan/dissectors/packet-ber.c in the ASN.1 BER dissector in Wireshark 2.0.x before 2.0.2 does not verify that a certain length is nonzero, which allows remote attackers to cause a denial of service out-of-bounds read and application...

Wireshark 1.12.x < 1.12.10 Multiple Vulnerabilities (Mac OS X)

The version of Wireshark installed on the remote Mac OS X host is 1.12.x prior to 1.12.10. It is, therefore, affected by multiple vulnerabilities in the following components, which can result in a memory disclosure or a denial of service : - ASN.1 BER dissector - DNP dissector - GSM A-bis OML...

Wireshark 2.0.x < 2.0.2 Multiple Vulnerabilities (Mac OS X)

The version of Wireshark installed on the remote Mac OS X host is 2.0.x prior to 2.0.2. It is, therefore, affected by multiple vulnerabilities in the following components, which can result in a memory disclosure, a denial of service, or the execution of arbitrary code : - 3GPP TS 32.423 Trace fil...

Wireshark 2.0.x < 2.0.2 Multiple Vulnerabilities

The version of Wireshark installed on the remote Windows host is 2.0.x prior to 2.0.2. It is, therefore, affected by multiple vulnerabilities in the following components, which can result in a memory disclosure, a denial of service, or the execution of arbitrary code : - 3GPP TS 32.423 Trace file...

Wireshark Multiple Vulnerabilities (Mar 2016) - Windows

Wireshark is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wireshark:wireshark"; ifdescripti...

FreeBSD : wireshark -- multiple vulnerabilities (45117749-df55-11e5-b2bd-002590263bf5)

Wireshark development team reports : The following vulnerabilities have been fixed : - wnpa-sec-2016-02 ASN.1 BER dissector crash. Bug 11828 CVE-2016-2522 - wnpa-sec-2016-03 DNP dissector infinite loop. Bug 11938 CVE-2016-2523 - wnpa-sec-2016-04 X.509AF dissector crash. Bug 12002 CVE-2016-2524 -...

CVE-2016-2532

The dissectllrpparameters function in epan/dissectors/packet-llrp.c in the LLRP dissector in Wireshark 1.12.x before 1.12.10 and 2.0.x before 2.0.2 does not limit the recursion depth, which allows remote attackers to cause a denial of service memory consumption or application crash via a crafted...

CVE-2016-2532

The dissectllrpparameters function in epan/dissectors/packet-llrp.c in the LLRP dissector in Wireshark 1.12.x before 1.12.10 and 2.0.x before 2.0.2 does not limit the recursion depth, which allows remote attackers to cause a denial of service memory consumption or application crash via a crafted...

Design/Logic Flaw

The dissectllrpparameters function in epan/dissectors/packet-llrp.c in the LLRP dissector in Wireshark 1.12.x before 1.12.10 and 2.0.x before 2.0.2 does not limit the recursion depth, which allows remote attackers to cause a denial of service memory consumption or application crash via a crafted...

CVE-2016-2532

The dissectllrpparameters function in epan/dissectors/packet-llrp.c in the LLRP dissector in Wireshark 1.12.x before 1.12.10 and 2.0.x before 2.0.2 does not limit the recursion depth, which allows remote attackers to cause a denial of service memory consumption or application crash via a crafted...

CVE-2016-2532

The CVE-2016-2532 entry concerns the LLRP dissector in Wireshark. The function dissect_llrp_parameters in Wireshark 1.12.x before 1.12.10 and 2.0.x before 2.0.2 does not limit recursion depth, allowing remote attackers to cause a denial of service via a crafted packet (memory consumption or crash...

CVE-2016-2532

The dissectllrpparameters function in epan/dissectors/packet-llrp.c in the LLRP dissector in Wireshark 1.12.x before 1.12.10 and 2.0.x before 2.0.2 does not limit the recursion depth, which allows remote attackers to cause a denial of service memory consumption or application crash via a crafted...

wireshark -- multiple vulnerabilities

Wireshark development team reports: The following vulnerabilities have been fixed: wnpa-sec-2016-02 ASN.1 BER dissector crash. Bug 11828 CVE-2016-2522 wnpa-sec-2016-03 DNP dissector infinite loop. Bug 11938 CVE-2016-2523 wnpa-sec-2016-04 X.509AF dissector crash. Bug 12002 CVE-2016-2524...