Download
| Alert*
|
oval:org.secpod.oval:def:42401
The host is installed with Wireshark 2.2.x before 2.2.10 or 2.4.x before 2.4.2 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a malformed packet trace file. Successful exploitation could allow remote attackers to crash the serv ... oval:org.secpod.oval:def:42407 The host is installed with Wireshark 2.2.x before 2.2.10 or 2.4.x before 2.4.2 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a malformed packet trace file. Successful exploitation could allow remote attackers to crash the serv ... oval:org.secpod.oval:def:89044473 This update for wireshark fixes the following issues: Wireshark was updated to 2.2.10, fixing security issues and bugs: * CVE-2017-15191: DMP dissector crash * CVE-2017-15192: BT ATT dissector crash * CVE-2017-15193: MBIM dissector crash oval:org.secpod.oval:def:2101478 In Wireshark 2.4.0 to 2.4.1, 2.2.0 to 2.2.9, and 2.0.0 to 2.0.15, the DMP dissector could crash. This was addressed in epan/dissectors/packet-dmp.c by validating a string length. oval:org.secpod.oval:def:89002164 This update for wireshark to version 2.2.11 fixes several issues. These security issues were fixed: - CVE-2017-13767: The MSDP dissector could have gone into an infinite loop. This was addressed by adding length validation - CVE-2017-13766: The Profinet I/O dissector could have crash with an out-of ... oval:org.secpod.oval:def:1800786 CVE-2017-15191: DMP dissector crash; Affected versions: 2.4.0 to 2.4.1, 2.2.0 to 2.2.9, 2.0.0 to 2.0.15 Fixed versions: 2.4.2, 2.2.10, 2.0.16 oval:org.secpod.oval:def:1800744 CVE-2017-15191: DMP dissector crash Affected versions: 2.4.0 to 2.4.1, 2.2.0 to 2.2.9, 2.0.0 to 2.0.15 Fixed versions: 2.4.2, 2.2.10, 2.0.16 oval:org.secpod.oval:def:1800897 CVE-2017-13765: IrCOMM dissector buffer overrun Affected versions: 2.4.0, 2.2.0 to 2.2.8, 2.0.0 to 2.0.14 Fixed versions: 2.4.1, 2.2.9, 2.0.15 oval:org.secpod.oval:def:1800483 CVE-2017-15191: DMP dissector crash¶ Affected versions: 2.4.0 to 2.4.1, 2.2.0 to 2.2.9, 2.0.0 to 2.0.15 Fixed versions: 2.4.2, 2.2.10, 2.0.16 oval:org.secpod.oval:def:1800521 CVE-2017-15191: DMP dissector crash. Affected versions: 2.4.0 to 2.4.1, 2.2.0 to 2.2.9, 2.0.0 to 2.0.15 Fixed versions: 2.4.2, 2.2.10, 2.0.16 oval:org.secpod.oval:def:113740 Metapackage with installs wireshark-cli and wireshark-qt. oval:org.secpod.oval:def:1800592 CVE-2017-13765: IrCOMM dissector buffer overrun. Affected versions: 2.4.0, 2.2.0 to 2.2.8, 2.0.0 to 2.0.14 Fixed versions: 2.4.1, 2.2.9, 2.0.15 oval:org.secpod.oval:def:1800571 CVE-2017-13765: IrCOMM dissector buffer overrun¶ Affected versions: 2.4.0, 2.2.0 to 2.2.8, 2.0.0 to 2.0.14 Fixed versions: 2.4.1, 2.2.9, 2.0.15 oval:org.secpod.oval:def:1800615 CVE-2017-13765: IrCOMM dissector buffer overrun; Affected versions: 2.4.0, 2.2.0 to 2.2.8, 2.0.0 to 2.0.14 Fixed versions: 2.4.1, 2.2.9, 2.0.15 oval:org.secpod.oval:def:114600 Metapackage with installs wireshark-cli and wireshark-qt. oval:org.secpod.oval:def:114876 Metapackage with installs wireshark-cli and wireshark-qt. |
