Download
| Alert*
|
oval:org.secpod.oval:def:89045017
Wireshark was updated to version 2.0.12, which brings several new features, enhancements and bug fixes. These security issues were fixed: - CVE-2017-7700: In Wireshark the NetScaler file parser could go into an infinite loop, triggered by a malformed capture file. This was addressed in wiretap/netsc ... oval:org.secpod.oval:def:38101 The host is installed with Wireshark 2.0.x before 2.0.7 or 2.2.x before 2.2.2 and is prone to a denial of service vulnerability. A flaw is present in the OpenFlow dissector, which fails to properly handle network traffic or a capture file. Successful exploitation allow attackers to crash the service ... oval:org.secpod.oval:def:38108 The host is installed with Wireshark 2.0.x before 2.0.8 or 2.2.x before 2.2.2 and is prone to a denial of service vulnerability. A flaw is present in the OpenFlow dissector, which fails to properly handle network traffic or a capture file. Successful exploitation allow attackers to crash the service ... oval:org.secpod.oval:def:2100721 In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the OpenFlow dissector could crash with memory exhaustion, triggered by network traffic or a capture file. This was addressed in epan/dissectors/packet-openflow_v5.c by ensuring that certain length values were sufficiently large. oval:org.secpod.oval:def:89044565 Wireshark was updated to version 2.2.6, which brings several new features, enhancements and bug fixes. Thses security issues were fixed: - CVE-2017-7700: In Wireshark the NetScaler file parser could go into an infinite loop, triggered by a malformed capture file. This was addressed in wiretap/netsca ... oval:org.secpod.oval:def:1800119 CVE-2016-9374: AllJoyn crash. Affected versions: 2.2.0 to 2.2.1, 2.0.0 to 2.0.7 Fixed versions: 2.2.2, 2.0.8 Reference: CVE-2016-9376: OpenFlow crash. Affected versions: 2.2.0 to 2.2.1, 2.0.0 to 2.0.7 Fixed versions: 2.2.2, 2.0.8 Reference: CVE-2016-9373: DCERPC crash. Affected versions: 2.2.0 to 2. ... oval:org.secpod.oval:def:1800386 CVE-2016-7957: Bluetooth L2CAP dissector crash Affected versions: 2.2.0 Fixed versions: 2.2.1 Reference CVE-2016-7958: NCP dissector crash Affected versions: 2.2.0 Fixed versions: 2.2.1 Reference CVE-2016-9372: Profinet I/O long loop Affected versions: 2.2.0 to 2.2.1 Fixed versions: 2.2.2 Reference ... oval:org.secpod.oval:def:602678 It was discovered that wireshark, a network protocol analyzer, contained several vulnerabilities in the dissectors for DCERPC, AllJoyn, DTN, and OpenFlow, that could lead to various crashes, denial-of-service, or execution of arbitrary code. |
