Download
| Alert*
oval:org.secpod.oval:def:43028
The host is installed with Wireshark 2.4.0 to 2.4.2 or 2.2.0 to 2.2.10 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle the IWARP_MPA dissector issue. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:2101675 In Wireshark 2.4.0 to 2.4.2 and 2.2.0 to 2.2.10, the NetBIOS dissector could crash. This was addressed in epan/dissectors/packet-netbios.c by ensuring that write operations are bounded by the beginning of a buffer. oval:org.secpod.oval:def:89044769 This update for wireshark fixes the following issues: - CVE-2017-17083: NetBIOS dissector could crash. This was addressed in epan/dissectors/packet-netbios.c by ensuring that write operations are bounded by the beginning of a buffer. - CVE-2017-17084: IWARP_MPA dissector could crash. This was addre ... oval:org.secpod.oval:def:89002164 This update for wireshark to version 2.2.11 fixes several issues. These security issues were fixed: - CVE-2017-13767: The MSDP dissector could have gone into an infinite loop. This was addressed by adding length validation - CVE-2017-13766: The Profinet I/O dissector could have crash with an out-of ... oval:org.secpod.oval:def:113856 Metapackage with installs wireshark-cli and wireshark-qt. oval:org.secpod.oval:def:1800441 CVE-2017-17083: NetBIOS dissector crash Affected versions: 2.4.0 to 2.4.2, 2.2.0 to 2.2.10 Fixed versions: 2.4.3, 2.2.11 oval:org.secpod.oval:def:1800642 CVE-2017-17083: NetBIOS dissector crash¶ Affected versions: 2.4.0 to 2.4.2, 2.2.0 to 2.2.10 Fixed versions: 2.4.3, 2.2.11 oval:org.secpod.oval:def:43221 The host is installed with Wireshark 2.4.0 to 2.4.2 or 2.2.0 to 2.2.10 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle the IWARP_MPA dissector issue. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:603207 It was discovered that wireshark, a network protocol analyzer, contained several vulnerabilities in the dissectors for CIP Safety, IWARP_MPA, NetBIOS, Profinet I/O and AMQP, which result in denial of dervice or the execution of arbitrary code. oval:org.secpod.oval:def:53206 It was discovered that wireshark, a network protocol analyzer, contained several vulnerabilities in the dissectors for CIP Safety, IWARP_MPA, NetBIOS, Profinet I/O and AMQP, which result in denial of dervice or the execution of arbitrary code. oval:org.secpod.oval:def:114600 Metapackage with installs wireshark-cli and wireshark-qt. oval:org.secpod.oval:def:114876 Metapackage with installs wireshark-cli and wireshark-qt. |