KLA67586 Multiple vulnerabilities in Wireshark

Multiple vulnerabilities were found in Wireshark. Malicious users can exploit these vulnerabilities to cause denial of service. Below is a complete list of vulnerabilities: 1. Denial of service vulnerability in MONGO and ZigBee TLV dissectors can be exploited to cause denial of service. 2. Denial...

Wireshark 4.2.x < 4.2.5 Multiple Vulnerabilities (macOS)

The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 4.2.5. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-4.2.5 advisory. - MONGO and ZigBee TLV dissector infinite loops in Wireshark 4.2.0 to 4.2.4, 4.0.0 to 4.0.14, and 3.6.0 t...

Wireshark 4.0.x < 4.0.15 Multiple Vulnerabilities (macOS)

The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 4.0.15. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-4.0.15 advisory. - MONGO and ZigBee TLV dissector infinite loops in Wireshark 4.2.0 to 4.2.4, 4.0.0 to 4.0.14, and 3.6.0...

Wireshark 3.6.x < 3.6.23 Multiple Vulnerabilities (macOS)

The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 3.6.23. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-3.6.23 advisory. - MONGO and ZigBee TLV dissector infinite loops in Wireshark 4.2.0 to 4.2.4, 4.0.0 to 4.0.14, and 3.6.0...

Wireshark 4.0.x < 4.0.15 Multiple Vulnerabilities

The version of Wireshark installed on the remote Windows host is prior to 4.0.15. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-4.0.15 advisory. - MONGO and ZigBee TLV dissector infinite loops in Wireshark 4.2.0 to 4.2.4, 4.0.0 to 4.0.14, and 3.6.0 to 3.6.2...

DEBIAN-CVE-2024-4854

MONGO and ZigBee TLV dissector infinite loops in Wireshark 4.2.0 to 4.2.4, 4.0.0 to 4.0.14, and 3.6.0 to 3.6.22 allow denial of service via packet injection or crafted capture file...

CVE-2024-4854

MONGO and ZigBee TLV dissector infinite loops in Wireshark 4.2.0 to 4.2.4, 4.0.0 to 4.0.14, and 3.6.0 to 3.6.22 allow denial of service via packet injection or crafted capture file...

AZL-42564 CVE-2024-4854 affecting package wireshark for versions less than 4.4.7-1

MONGO and ZigBee TLV dissector infinite loops in Wireshark 4.2.0 to 4.2.4, 4.0.0 to 4.0.14, and 3.6.0 to 3.6.22 allow denial of service via packet injection or crafted capture file...

AZL-42518 CVE-2024-4854 affecting package wireshark 4.0.8-1

MONGO and ZigBee TLV dissector infinite loops in Wireshark 4.2.0 to 4.2.4, 4.0.0 to 4.0.14, and 3.6.0 to 3.6.22 allow denial of service via packet injection or crafted capture file...

UBUNTU-CVE-2024-4854

MONGO and ZigBee TLV dissector infinite loops in Wireshark 4.2.0 to 4.2.4, 4.0.0 to 4.0.14, and 3.6.0 to 3.6.22 allow denial of service via packet injection or crafted capture file...

CVE-2024-4854

CVE-2024-4854 – Wireshark dissector infinite loop Affected: Wireshark versions 3.6.0–3.6.22, 4.0.0–4.0.14, and 4.2.0–4.2.4, where the MONGO and ZigBee TLV dissectors can enter infinite loops. This can enable a denial-of-service via crafted capture files or packet injection. Multiple connected adv...

CVE-2024-4854

MONGO and ZigBee TLV dissector infinite loops in Wireshark 4.2.0 to 4.2.4, 4.0.0 to 4.0.14, and 3.6.0 to 3.6.22 allow denial of service via packet injection or crafted capture file...

CVE-2024-4854

MONGO and ZigBee TLV dissector infinite loops in Wireshark 4.2.0 to 4.2.4, 4.0.0 to 4.0.14, and 3.6.0 to 3.6.22 allow denial of service via packet injection or crafted capture file...

CVE-2024-4854 Loop with Unreachable Exit Condition ('Infinite Loop') in Wireshark

MONGO and ZigBee TLV dissector infinite loops in Wireshark 4.2.0 to 4.2.4, 4.0.0 to 4.0.14, and 3.6.0 to 3.6.22 allow denial of service via packet injection or crafted capture file...

CVE-2023-6874 Zigbee Unauthenticated DoS via NWK Sequence number manipulation

Prior to v7.4.0, Ember ZNet is vulnerable to a denial of service attack through manipulation of the NWK sequence number...

CVE-2023-6874 Zigbee Unauthenticated DoS via NWK Sequence number manipulation

Prior to v7.4.0, Ember ZNet is vulnerable to a denial of service attack through manipulation of the NWK sequence number...

Uncontrolled Recursion (Denial Of Service)

Zigbee TLV in Wireshark 4.2.0 is vulnerable to Uncontrolled Recursion. The vulnerability is due to packet injection or crafted capture file resulting in denial of service...

Unspecified Vulnerability in Wireshark (CNVD-2024-05635)

Wireshark formerly Ethereal is a suite of network packet analysis software from the Wireshark team. The function of the software is to intercept network packets and display detailed data for analysis. Wireshark suffers from a security vulnerability that stems from a Zigbee TLV parser crash that...

SUSE CVE-2024-0210

Zigbee TLV dissector crash in Wireshark 4.2.0 allows denial of service via packet injection or crafted capture file...

CVE-2024-0210

Zigbee TLV dissector crash in Wireshark 4.2.0 allows denial of service via packet injection or crafted capture file...