MGASA-2020-0384 Updated wireshark packages fix security vulnerabilities

The TCP dissector could crash CVE-2020-25862. The MIME Multipart dissector could crash CVE-2020-25863. The BLIP dissector could crash CVE-2020-25866...

CVE-2020-25863

In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the MIME Multipart dissector could crash. This was addressed in epan/dissectors/packet-multipart.c by correcting the deallocation of invalid MIME parts...

CVE-2020-25863

In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the MIME Multipart dissector could crash. This was addressed in epan/dissectors/packet-multipart.c by correcting the deallocation of invalid MIME parts...

CVE-2020-25863

In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the MIME Multipart dissector could crash. This was addressed in epan/dissectors/packet-multipart.c by correcting the deallocation of invalid MIME parts...

CVE-2020-25863

Wireshark vulnerability CVE-2020-25863 affects multiple releases (3.2.0–3.2.6, 3.0.0–3.0.13, 2.6.0–2.6.20). The MIME Multipart dissector could crash due to incorrect deallocation of invalid MIME parts in epan/dissectors/packet-multipart.c. The issue was fixed by correcting that deallocation, with...

Denial Of Service (DoS)

wireshark is vulnerable to denial of service. An attacker is able to crash the MIME Multipart dissector by injecting a malformed packet onto the wire or by convincing a user to read a malicious packet trace file...

Wireshark 2.6.x < 2.6.20 Multiple Vulnerabilities (macOS)

The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 2.6.20. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-2.6.20 advisory. - In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the MIME Multipart dissector could...

SUSE SLES11 Security Update : wireshark (SUSE-SU-2018:0980-1)

This update for wireshark fixes the following issues : - Update to wireshark 2.2.14, fix such issues : - bsc1088200 VUL-0: wireshark: multiple vulnerabilities fixed in 2.2.14, 2.4.6 - CVE-2018-9256: LWAPP dissector crash - CVE-2018-9260: IEEE 802.15.4 dissector crash - CVE-2018-9261: NBAP dissect...

UBUNTU-CVE-2018-9271

In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-multipart.c has a memory leak...

CentOS 3 / 4 : wireshark (CESA-2006:0726)

New Wireshark packages that fix various security vulnerabilities are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Wireshark is a program for monitoring network traffic. Several flaws were found in Wireshark's HTTP, WBXML, LDAP...

Debian Security Advisory DSA 1201-1 (ethereal)

The remote host is missing an update to ethereal announced via advisory DSA 1201-1. Several remote vulnerabilities have been discovered in the Ethereal network scanner. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2005-4574 It was discovered that the MIM...

openSUSE 10 Security Update : ethereal (ethereal-2246)

Various problems have been fixed in the network analyzer Ethereal, most leading to crashes of the ethereal program. CVE-2006-5740: A unspecified vulnerability in the LDAP dissector could be used to crash Ethereal. CVE-2006-4574: A single \0 byte heap overflow was fixed in the MIME multipart...

CVE-2006-4574

Off-by-one error in the MIME Multipart dissector in Wireshark formerly Ethereal 0.10.1 through 0.99.3 allows remote attackers to cause a denial of service crash via certain vectors that trigger an assertion error related to unexpected length values...

CVE-2006-4574

Off-by-one error in the MIME Multipart dissector in Wireshark formerly Ethereal 0.10.1 through 0.99.3 allows remote attackers to cause a denial of service crash via certain vectors that trigger an assertion error related to unexpected length values...

PT-2006-5361 · Wireshark +1 · Wireshark +1

Name of the Vulnerable Software and Affected Versions: Wireshark versions 0.10.1 through 0.99.3 Description: The issue is related to an off-by-one error in the MIME Multipart dissector, which allows remote attackers to cause a denial of service crash via certain vectors that trigger an assertion...