Download
| Alert*
|
oval:org.secpod.oval:def:89045017
Wireshark was updated to version 2.0.12, which brings several new features, enhancements and bug fixes. These security issues were fixed: - CVE-2017-7700: In Wireshark the NetScaler file parser could go into an infinite loop, triggered by a malformed capture file. This was addressed in wiretap/netsc ... oval:org.secpod.oval:def:38873 The host is installed with Wireshark 2.0.x before 2.0.10 or 2.2.x before 2.2.4 and is prone to a denial of service vulnerability. A flaw is present in the ASTERIX dissector, which fails to properly handle a malformed capture file. Successful exploitation could allow remote attackers to force the app ... oval:org.secpod.oval:def:2100403 In Wireshark 2.2.0 to 2.2.3 and 2.0.0 to 2.0.9, the ASTERIX dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-asterix.c by changing a data type to avoid an integer overflow. oval:org.secpod.oval:def:38846 The host is installed with Wireshark 2.0.x before 2.0.10 or 2.2.x before 2.2.4 and is prone to a denial of service vulnerability. A flaw is present in the ASTERIX dissector, which fails to properly handle a malformed capture file. Successful exploitation could allow remote attackers to force the app ... oval:org.secpod.oval:def:89044565 Wireshark was updated to version 2.2.6, which brings several new features, enhancements and bug fixes. Thses security issues were fixed: - CVE-2017-7700: In Wireshark the NetScaler file parser could go into an infinite loop, triggered by a malformed capture file. This was addressed in wiretap/netsca ... oval:org.secpod.oval:def:112013 Metapackage with installs wireshark-cli and wireshark-qt. oval:org.secpod.oval:def:602816 It was discovered that wireshark, a network protocol analyzer, contained several vulnerabilities in the dissectors for ASTERIX , DHCPv6, NetScaler, LDSS, IAX2, WSP, K12 and STANAG 4607, that could lead to various crashes, denial-of-service or execution of arbitrary code. oval:org.secpod.oval:def:1800563 CVE-2017-5596: ASTERIX infinite loop Affected versions: 2.2.0 to 2.2.3, 2.0.0 to 2.0.9 Fixed versions: 2.2.4, 2.0.10 Reference CVE-2017-5597: DHCPv6 large loop Affected versions: 2.2.0 to 2.2.3, 2.0.0 to 2.0.9 Fixed versions: 2.2.4, 2.0.10 Reference oval:org.secpod.oval:def:1800638 CVE-2017-5596: ASTERIX infinite loop. Affected versions: 2.2.0 to 2.2.3, 2.0.0 to 2.0.9 Fixed versions: 2.2.4, 2.0.10 Reference: CVE-2017-5597: DHCPv6 large loop. Affected versions: 2.2.0 to 2.2.3, 2.0.0 to 2.0.9 Fixed versions: 2.2.4, 2.0.10 Reference: |
