Wireshark 2.0.x < 2.0.14 Multiple Vulnerabilities (macOS)

The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 2.0.14. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-2.0.14 advisory. - In Wireshark through 2.0.13 and 2.2.x through 2.2.7, the openSAFETY dissector could crash or exhaust...

Wireshark 2.0.x < 2.0.12 Multiple Vulnerabilities

The version of Wireshark installed on the remote Windows host is prior to 2.0.12. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-2.0.12 advisory. - In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the RPC over RDMA dissector could go into an infinite loop,...

Wireshark 2.0.x < 2.0.14 Multiple Vulnerabilities

The version of Wireshark installed on the remote Windows host is prior to 2.0.14. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-2.0.14 advisory. - In Wireshark through 2.0.13 and 2.2.x through 2.2.7, the openSAFETY dissector could crash or exhaust system...

EUVD-2017-3037

Malware in sbrugna...

EUVD-2016-6310

Malware in sbrugna...

EUVD-2016-7435

Malware in sbrugna...

SUSE CVE-2016-5359

epan/dissectors/packet-wbxml.c in the WBXML dissector in Wireshark 1.12.x before 1.12.12 mishandles offsets, which allows remote attackers to cause a denial of service integer overflow and infinite loop via a crafted packet...

SUSE CVE-2017-11410

In Wireshark through 2.0.13 and 2.2.x through 2.2.7, the WBXML dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-wbxml.c by adding validation of the relationships between indexes and lengths. NOTE: thi...

SUSE SLES11 Security Update : wireshark (SUSE-SU-2017:2032-1)

This wireshark update to version 2.2.8 fixes the following issues: Security issues fixed : - CVE-2017-11411: The openSAFETY dissectorcould crash or exhaust system memory because of missing length validation. bsc1049621 - CVE-2017-11410: The WBXML dissector could go into an infinite loop. bsc10492...

CVE-2017-11410

In Wireshark through 2.0.13 and 2.2.x through 2.2.7, the WBXML dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-wbxml.c by adding validation of the relationships between indexes and lengths. NOTE: thi...

DEBIAN-CVE-2017-11410

In Wireshark through 2.0.13 and 2.2.x through 2.2.7, the WBXML dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-wbxml.c by adding validation of the relationships between indexes and lengths. NOTE: thi...

CVE-2017-11410

CVE-2017-11410 affects Wireshark WBXML dissector. Versions affected: Wireshark 2.0.x up to 2.0.13 and 2.2.x up to 2.2.7. Root cause: incomplete fix for CVE-2017-7702 leading to potential infinite loop when processing certain WBXML data (triggered by crafted packets or PCAP). Impact: denial of ser...

CVE-2016-5359

epan/dissectors/packet-wbxml.c in the WBXML dissector in Wireshark 1.12.x before 1.12.12 mishandles offsets, which allows remote attackers to cause a denial of service integer overflow and infinite loop via a crafted packet...

CVE-2016-5359

CVE-2016-5359 affects the WBXML dissector in Wireshark (epan/dissectors/packet-wbxml.c). It arises from how offsets are handled in the WBXML parser for Wireshark 1.12.x prior to 1.12.12, which can allow a crafted packet to trigger an integer overflow and an infinite loop, leading to a denial of s...

ALPINE-CVE-2016-6513

epan/dissectors/packet-wbxml.c in the WBXML dissector in Wireshark 2.x before 2.0.5 does not restrict the recursion depth, which allows remote attackers to cause a denial of service application crash via a crafted packet...

DEBIAN-CVE-2016-6512

epan/dissectors/packet-wap.c in Wireshark 2.x before 2.0.5 omits an overflow check in the tvbgetguintvar function, which allows remote attackers to cause a denial of service infinite loop via a crafted packet, related to the MMSE, WAP, WBXML, and WSP dissectors...

UBUNTU-CVE-2016-6513

epan/dissectors/packet-wbxml.c in the WBXML dissector in Wireshark 2.x before 2.0.5 does not restrict the recursion depth, which allows remote attackers to cause a denial of service application crash via a crafted packet...

Wireshark 1.12.x < 1.12.12 Multiple DoS

The version of Wireshark installed on the remote Windows host is 1.12.x prior to 1.12.12. It is, therefore, affected by multiple denial of service vulnerabilities : - An infinite loop exists in the SPOOLs dissector. A remote attacker, via a specially crafted packet or trace file, can exploit this...

Updated wireshark packages fix security vulnerability

Updated wireshark packages fix security vulnerabilities: The SPOOLS dissector could go into an infinite loop CVE-2016-5350. The IEEE 802.11 dissector could crash CVE-2016-5351. The IEEE 802.11 dissector could crash CVE-2016-5352. The UMTS FP dissector could crash CVE-2016-5353. Some USB dissector...

openSUSE 10 Security Update : ethereal (ethereal-2246)

Various problems have been fixed in the network analyzer Ethereal, most leading to crashes of the ethereal program. CVE-2006-5740: A unspecified vulnerability in the LDAP dissector could be used to crash Ethereal. CVE-2006-4574: A single \0 byte heap overflow was fixed in the MIME multipart...