92 matches found
Code injection
In Wireshark through 2.0.13 and 2.2.x through 2.2.7, the WBXML dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-wbxml.c by adding validation of the relationships between indexes and lengths. NOTE: thi...
CVE-2017-11410
In Wireshark through 2.0.13 and 2.2.x through 2.2.7, the WBXML dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-wbxml.c by adding validation of the relationships between indexes and lengths. NOTE: thi...
DEBIAN-CVE-2017-11410
In Wireshark through 2.0.13 and 2.2.x through 2.2.7, the WBXML dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-wbxml.c by adding validation of the relationships between indexes and lengths. NOTE: thi...
CVE-2017-11410
In Wireshark through 2.0.13 and 2.2.x through 2.2.7, the WBXML dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-wbxml.c by adding validation of the relationships between indexes and lengths. NOTE: thi...
CVE-2017-11410
In Wireshark through 2.0.13 and 2.2.x through 2.2.7, the WBXML dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-wbxml.c by adding validation of the relationships between indexes and lengths. NOTE: thi...
CVE-2017-11410
CVE-2017-11410 affects Wireshark WBXML dissector. Versions affected: Wireshark 2.0.x up to 2.0.13 and 2.2.x up to 2.2.7. Root cause: incomplete fix for CVE-2017-7702 leading to potential infinite loop when processing certain WBXML data (triggered by crafted packets or PCAP). Impact: denial of ser...
CVE-2017-11410
In Wireshark through 2.0.13 and 2.2.x through 2.2.7, the WBXML dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-wbxml.c by adding validation of the relationships between indexes and lengths. NOTE: thi...
SUSE SLED12 / SLES12 Security Update : wireshark (SUSE-SU-2017:1442-1)
Wireshark was updated to version 2.2.6, which brings several new features, enhancements and bug fixes. Thses security issues were fixed : - CVE-2017-7700: In Wireshark the NetScaler file parser could go into an infinite loop, triggered by a malformed capture file. This was addressed in...
Wireshark 2.2.x < 2.2.6 Multiple Vulnerabilities (macOS)
The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 2.2.6. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-2.2.6 advisory. - In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the RPC over RDMA dissector could go into an infinite...
Wireshark 2.2.x < 2.2.6 Multiple Vulnerabilities
The version of Wireshark installed on the remote Windows host is prior to 2.2.6. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-2.2.6 advisory. - In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the RPC over RDMA dissector could go into an infinite loop,...
CVE-2017-7702
In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the WBXML dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-wbxml.c by adding length validation...
CVE-2017-7702
In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the WBXML dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-wbxml.c by adding length validation...
CVE-2017-7702
In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the WBXML dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-wbxml.c by adding length validation...
CVE-2017-7702
In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the WBXML dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-wbxml.c by adding length validation...
Input validation
In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the WBXML dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-wbxml.c by adding length validation...
CVE-2017-7702
In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the WBXML dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-wbxml.c by adding length validation...
CVE-2017-7702
CVE-2017-7702 affects Wireshark WBXML dissector in versions 2.2.0–2.2.5 and 2.0.0–2.0.11, where the WBXML dissector could enter an infinite loop triggered by crafted packets or PCAPs. The issue was fixed by adding length validation in epan/dissectors/packet-wbxml.c. Multiple advisories note the f...
CVE-2017-7702
In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the WBXML dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-wbxml.c by adding length validation...
CVE-2017-7702
In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the WBXML dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-wbxml.c by adding length validation...
FreeBSD : wireshark -- multiple vulnerabilities (610101ea-5b6a-11e6-b334-002590263bf5)
Wireshark development team reports : The following vulnerabilities have been fixed : - wnpa-sec-2016-41 PacketBB crash. Bug 12577 - wnpa-sec-2016-42 WSP infinite loop. Bug 12594 - wnpa-sec-2016-44 RLC long loop. Bug 12660 - wnpa-sec-2016-45 LDSS dissector crash. Bug 12662 - wnpa-sec-2016-46 RLC...