Download
| Alert*
oval:org.secpod.oval:def:46073
The host is installed with Wireshark 2.0.x or 2.2.x with USPBcap component 1.1.0.0 and is prone to a local privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle the USPBcap component issue. Successful exploitation allows attackers to gain elevated p ... oval:org.secpod.oval:def:45709 Wireshark (64 bit) 2.6.x series is installed oval:org.secpod.oval:def:45710 Wireshark (32 bit) 2.6.x series is installed oval:org.secpod.oval:def:21192 Wireshark (32 bit) 1.12.x series is installed oval:org.secpod.oval:def:21193 Wireshark (64 bit) 1.12.x series is installed oval:org.secpod.oval:def:32495 Wireshark (64 bit) 2.0.x series is installed oval:org.secpod.oval:def:32494 Wireshark (32 bit) 2.0.x series is installed oval:org.secpod.oval:def:54560 Wireshark (64 bit) 3.0.x series is installed oval:org.secpod.oval:def:54559 Wireshark (32 bit) 3.0.x series is installed oval:org.secpod.oval:def:60894 Wireshark (32 bit) 3.2.x series is installed oval:org.secpod.oval:def:60895 Wireshark (64 bit) 3.2.x series is installed oval:org.secpod.oval:def:36978 Wireshark (64 bit) 2.2.x series is installed oval:org.secpod.oval:def:36977 Wireshark (32 bit) 2.2.x series is installed oval:org.secpod.oval:def:89045017 Wireshark was updated to version 2.0.12, which brings several new features, enhancements and bug fixes. These security issues were fixed: - CVE-2017-7700: In Wireshark the NetScaler file parser could go into an infinite loop, triggered by a malformed capture file. This was addressed in wiretap/netsc ... oval:org.secpod.oval:def:1800120 wireshark is installed oval:org.secpod.oval:def:42402 The host is installed with Wireshark 2.0.x before 2.0.16, 2.2.x before 2.2.10 or 2.4.x before 2.4.2 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a malformed packet trace file. Successful exploitation could allow remote attack ... oval:org.secpod.oval:def:42401 The host is installed with Wireshark 2.2.x before 2.2.10 or 2.4.x before 2.4.2 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a malformed packet trace file. Successful exploitation could allow remote attackers to crash the serv ... oval:org.secpod.oval:def:42400 The host is installed with Wireshark 2.2.x before 2.2.10 or 2.4.x before 2.4.2 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a malformed packet trace file. Successful exploitation could allow remote attackers to crash the serv ... oval:org.secpod.oval:def:42406 The host is installed with Wireshark 2.2.x before 2.2.10 or 2.4.x before 2.4.2 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a malformed packet trace file. Successful exploitation could allow remote attackers to crash the serv ... oval:org.secpod.oval:def:42405 The host is installed with Wireshark 2.0.x before 2.0.16, 2.2.x before 2.2.10 or 2.4.x before 2.4.2 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a malformed packet trace file. Successful exploitation could allow remote attack ... oval:org.secpod.oval:def:42407 The host is installed with Wireshark 2.2.x before 2.2.10 or 2.4.x before 2.4.2 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a malformed packet trace file. Successful exploitation could allow remote attackers to crash the serv ... oval:org.secpod.oval:def:60898 The host is installed with Wireshark 3.0.x before 3.0.8 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle issues in epan/dissectors/packet-btatt.c file. Successful exploitation allows attackers to crash the bluetooth attribute dis ... oval:org.secpod.oval:def:60896 The host is missing a security update according to Wireshark Advisory. The update is required to fix a denial-of-service vulnerability. A flaw is present in the application, which fails to properly handle issues in epan/dissectors/packet-btatt.c file. Successful exploitation allows attackers to cras ... oval:org.secpod.oval:def:43534 The host is installed with Wireshark 2.4.0 to 2.4.3 or 2.2.0 to 2.2.11 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle exceptional conditions. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:43533 The host is installed with Wireshark 2.4.0 to 2.4.3 or 2.2.0 to 2.2.11 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle the WCP dissector issue. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:43532 The host is installed with Wireshark 2.4.0 to 2.4.3 or 2.2.0 to 2.2.11 and is prone to multiple denial of service vulnerabilities. The flaws are present in the application, which fails to properly handle the JSON, XML, NTP, XMPP, and GDB dissector issues. Successful exploitation allows attackers to ... oval:org.secpod.oval:def:42404 The host is installed with Wireshark 2.4.x before 2.4.2 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a malformed packet trace file. Successful exploitation could allow remote attackers to crash the service. oval:org.secpod.oval:def:42403 The host is installed with Wireshark 2.4.x before 2.4.2 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a malformed packet trace file. Successful exploitation could allow remote attackers to crash the service. oval:org.secpod.oval:def:42409 The host is installed with Wireshark 2.4.x before 2.4.2 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a malformed packet trace file. Successful exploitation could allow remote attackers to crash the service. oval:org.secpod.oval:def:42408 The host is installed with Wireshark 2.4.x before 2.4.2 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a malformed packet trace file. Successful exploitation could allow remote attackers to crash the service. oval:org.secpod.oval:def:24528 The host is installed with Wireshark 1.12.x before 1.12.5 and is prone to denial of service vulnerability. A flaw is present in the application, which does not reject a zero length. Successful exploitation allows remote attackers to cause a denial of service (infinite loop). oval:org.secpod.oval:def:24521 The host is installed with Wireshark 1.12.x before 1.12.5 and is prone to denial of service vulnerability. A flaw is present in the application, which does not reject a zero length. Successful exploitation allows remote attackers to cause a denial of service (infinite loop). oval:org.secpod.oval:def:24524 The host is installed with Wireshark 1.12.x before 1.12.5 and is prone to denial of service vulnerability. A flaw is present in the application, which does not properly determine the defragmentation state in a case of an insufficient snapshot length. Successful exploitation allows remote attackers t ... oval:org.secpod.oval:def:24525 The host is installed with Wireshark 1.10.x before 1.10.14 or 1.12.x before 1.12.5 and is prone to a denial of service vulnerability. A flaw is present in the application, which interprets a zero value as a length rather than an error condition. Successful exploitation allows remote attackers to cau ... oval:org.secpod.oval:def:24526 The host is installed with Wireshark 1.10.x before 1.10.14 or 1.12.x before 1.12.5 and is prone to a denial of service vulnerability. A flaw is present in the application, which improperly refers to previously processed bytes. Successful exploitation allows remote attackers to cause a denial of serv ... oval:org.secpod.oval:def:24527 The host is installed with Wireshark 1.10.x before 1.10.14 or 1.12.x before 1.12.5 and is prone to multiple memory leak vulnerabilities. The flaws are present in the application, which fails to handle a crafted packet. Successful exploitation allows remote attackers to cause a denial of service (mem ... oval:org.secpod.oval:def:24529 The host is installed with Wireshark 1.12.x before 1.12.5 and is prone to denial of service vulnerability. A flaw is present in the application, which does not properly track the current offset. Successful exploitation allows remote attackers to cause a denial of service (infinite loop). oval:org.secpod.oval:def:24532 The host is installed with Wireshark 1.10.x before 1.10.14 or 1.12.x before 1.12.5 and is prone to a denial of service vulnerability. A flaw is present in the application, which interprets a zero value as a length rather than an error condition. Successful exploitation allows remote attackers to cau ... oval:org.secpod.oval:def:24519 The host is installed with Wireshark 1.10.x before 1.10.14 or 1.12.x before 1.12.5 and is prone to a denial of service vulnerability. A flaw is present in the application, which improperly refers to previously processed bytes. Successful exploitation allows remote attackers to cause a denial of serv ... oval:org.secpod.oval:def:24520 The host is installed with Wireshark 1.10.x before 1.10.14 or 1.12.x before 1.12.5 and is prone to multiple memory leak vulnerabilities. The flaws are present in the application, which fails to handle a crafted packet. Successful exploitation allows remote attackers to cause a denial of service (mem ... oval:org.secpod.oval:def:24522 The host is installed with Wireshark 1.12.x before 1.12.5 and is prone to denial of service vulnerability. A flaw is present in the application, which does not properly track the current offset. Successful exploitation allows remote attackers to cause a denial of service (infinite loop). oval:org.secpod.oval:def:25422 The host is installed with Wireshark 1.12.x before 1.12.6 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly validate digit characters. Successful exploitation allows remote attackers to cause a denial of service. oval:org.secpod.oval:def:25423 The host is installed with Wireshark 1.12.x before 1.12.6 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly determine whether enough memory is available for storing IP address strings. Successful exploitation allows remote attackers to cau ... oval:org.secpod.oval:def:89045301 This update contains Wireshark 1.12.9 and fixes the following issues: * CVE-2015-7830: pcapng file parser could crash while copying an interface filter * CVE-2015-8711: epan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate con ... oval:org.secpod.oval:def:89045157 This update to Wireshark 1 12.11 fixes a number issues in protocol dissectors that could have allowed a remote attacker to crash Wireshark or cause excessive CPU usage through specially crafted packages inserted into the network or a capture file. - The PKTC dissector could crash - The PKTC dissect ... oval:org.secpod.oval:def:24530 The host is installed with Wireshark 1.12.x before 1.12.5 and is prone to denial of service vulnerability. A flaw is present in the application, which uses a recursive algorithm. Successful exploitation allows remote attackers to cause a denial of service (CPU consumption). oval:org.secpod.oval:def:24523 The host is installed with Wireshark 1.12.x before 1.12.5 and is prone to denial of service vulnerability. A flaw is present in the application, which uses a recursive algorithm. Successful exploitation allows remote attackers to cause a denial of service (CPU consumption). oval:org.secpod.oval:def:34218 The host is installed with Wireshark 1.12.x before 1.12.10 or 2.0.x before 2.0.2 and is prone to a denial of service vulnerability. A flaw is present in the GSM A-bis OML dissector, which fails to handle a crafted packet that triggers a 0xff tag value. Successful exploitation could allow remote atta ... oval:org.secpod.oval:def:34211 The host is installed with Wireshark 1.12.x before 1.12.10 or 2.0.x before 2.0.2 and is prone to a denial of service vulnerability. A flaw is present in the GSM A-bis OML dissector, which fails to handle a crafted packet that triggers a 0xff tag value. Successful exploitation could allow remote atta ... oval:org.secpod.oval:def:34219 The host is installed with Wireshark 2.0.x before 2.0.2 and is prone to a denial of service vulnerability. A flaw is present in the Ixia IxVeriWave file parser, which incorrectly increases a certain octet count. Successful exploitation could allow remote attackers to cause a denial of service (heap- ... oval:org.secpod.oval:def:34212 The host is installed with Wireshark 2.0.x before 2.0.2 and is prone to a denial of service vulnerability. A flaw is present in the Ixia IxVeriWave file parser, which incorrectly increases a certain octet count. Successful exploitation could allow remote attackers to cause a denial of service (heap- ... oval:org.secpod.oval:def:34220 The host is installed with Wireshark 2.0.x before 2.0.2 and is prone to a denial of service vulnerability. A flaw is present in the IEEE 802.11 dissector, which fails to properly handle the grouping subfield. Successful exploitation could allow remote attackers to cause a denial of service (buffer o ... oval:org.secpod.oval:def:34213 The host is installed with Wireshark 2.0.x before 2.0.2 and is prone to a denial of service vulnerability. A flaw is present in the IEEE 802.11 dissector, which fails to properly handle the grouping subfield. Successful exploitation could allow remote attackers to cause a denial of service (buffer o ... oval:org.secpod.oval:def:34221 The host is installed with Wireshark 1.12.x before 1.12.10 or 2.0.x before 2.0.2 and is prone to a denial of service vulnerability. A flaw is present in the ASN.1 BER dissector, which fails to handle a crafted packet that triggers an empty set. Successful exploitation could allow remote attackers to ... oval:org.secpod.oval:def:34214 The host is installed with Wireshark 1.12.x before 1.12.10 or 2.0.x before 2.0.2 and is prone to a denial of service vulnerability. A flaw is present in the ASN.1 BER dissector, which fails to handle a crafted packet that triggers an empty set. Successful exploitation could allow remote attackers to ... oval:org.secpod.oval:def:34222 The host is installed with Wireshark 2.0.x before 2.0.2 and is prone to a denial of service vulnerability. A flaw is present in the SPICE dissector, which mishandles capability data. Successful exploitation could allow remote attackers to cause a denial of service (large loop). oval:org.secpod.oval:def:34215 The host is installed with Wireshark 2.0.x before 2.0.2 and is prone to a denial of service vulnerability. A flaw is present in the SPICE dissector, which mishandles capability data. Successful exploitation could allow remote attackers to cause a denial of service (large loop). oval:org.secpod.oval:def:34223 The host is installed with Wireshark 2.0.x before 2.0.2 and is prone to a denial of service vulnerability. A flaw is present in the NFS dissector, which fails to properly handle a crafted packet. Successful exploitation could allow remote attackers to cause a denial of service (application crash). oval:org.secpod.oval:def:34216 The host is installed with Wireshark 2.0.x before 2.0.2 and is prone to a denial of service vulnerability. A flaw is present in the NFS dissector, which fails to properly handle a crafted packet. Successful exploitation could allow remote attackers to cause a denial of service (application crash). oval:org.secpod.oval:def:34224 The host is installed with Wireshark 1.12.x before 1.12.10 or 2.0.x before 2.0.2 and is prone to a denial of service vulnerability. A flaw is present in the ASN.1 BER dissector, which fails to properly handle a packet that specifies deeply nested data. Successful exploitation could allow remote atta ... oval:org.secpod.oval:def:34217 The host is installed with Wireshark 1.12.x before 1.12.10 or 2.0.x before 2.0.2 and is prone to a denial of service vulnerability. A flaw is present in the ASN.1 BER dissector, which fails to properly handle a packet that specifies deeply nested data. Successful exploitation could allow remote atta ... oval:org.secpod.oval:def:602550 Multiple vulnerabilities were discovered in the dissectors/parsers for PKTC, IAX2, GSM CBCH and NCP, SPOOLS, IEEE 802.11, UMTS FP, USB, Toshiba, CoSine, NetScreen, WBXML which could result in denial of service or potentially the execution of arbitrary code. oval:org.secpod.oval:def:1800595 CVE-2016-5350: SPOOLS infinite loop Affected versions: 2.0.0 to 2.0.3, 1.12.0 to 1.12.11 Fixed versions: 2.0.4, 1.12.12 oval:org.secpod.oval:def:89045384 This update to wireshark 1.12.13 fixes the following issues: - CVE-2016-6504: wireshark: NDS dissector crash - CVE-2016-6505: wireshark: PacketBB dissector could divide by zero - CVE-2016-6506: wireshark: WSP infinite loop - CVE-2016-6507: wireshark: MMSE infinite loop - CVE-2016-6508: wireshark ... oval:org.secpod.oval:def:36098 The host is installed with Wireshark 1.12.x before 1.12.12 or 2.0.x before 2.0.4 and is prone to a denial of service vulnerability. A flaw is present in the Toshiba file parser, which fails to handle a malformed packet. Successful exploitation allows remote attackers to cause Wireshark to crash. oval:org.secpod.oval:def:36097 The host is installed with Wireshark 1.12.x before 1.12.12 or 2.0.x before 2.0.4 and is prone to a denial of service vulnerability. A flaw is present in the USB dissectors, which fails to handle injection of a malformed packet onto the wire. Successful exploitation allows remote attackers to cause W ... oval:org.secpod.oval:def:36096 The host is installed with Wireshark 1.12.x before 1.12.12 or 2.0.x before 2.0.4 and is prone to a denial of service vulnerability. A flaw is present in the UMTS FP dissector, which fails to handle injection of a malformed packet onto the wire. Successful exploitation allows remote attackers to caus ... oval:org.secpod.oval:def:36095 The host is installed with Wireshark 2.0.x before 2.0.4 and is prone to a denial of service vulnerability. A flaw is present in the IEEE 802.11 dissector, which fails to handle injection of a malformed packet onto the wire. Successful exploitation allows remote attackers to cause Wireshark to crash. oval:org.secpod.oval:def:36094 The host is installed with Wireshark 1.12.x before 1.12.12 or 2.0.x before 2.0.4 and is prone to a denial of service vulnerability. A flaw is present in the IEEE 802.11 dissector, which fails to handle injection of a malformed packet onto the wire. Successful exploitation allows remote attackers to ... oval:org.secpod.oval:def:36093 The host is installed with Wireshark 1.12.x before 1.12.12 or 2.0.x before 2.0.4 and is prone to a denial of service vulnerability. A flaw is present in the SPOOLS dissector, which fails to handle injection of a malformed packet onto the wire. Successful exploitation allows remote attackers to cause ... oval:org.secpod.oval:def:36092 The host is installed with Wireshark 1.12.x before 1.12.12 and is prone to a denial of service vulnerability. A flaw is present in the WBXML dissector, which fails to handle a malformed packet. Successful exploitation allows remote attackers to cause Wireshark to consume excessive CPU resources. oval:org.secpod.oval:def:36091 The host is installed with Wireshark 2.0.x before 2.0.4 and is prone to a denial of service vulnerability. A flaw is present in the Ethernet dissector, which fails to handle a malformed packet. Successful exploitation allows remote attackers to cause Wireshark to crash. oval:org.secpod.oval:def:36099 The host is installed with Wireshark 1.12.x before 1.12.12 or 2.0.x before 2.0.4 and is prone to a denial of service vulnerability. A flaw is present in the CoSine file parser, which fails to handle a malformed packet. Successful exploitation allows remote attackers to cause Wireshark to crash. oval:org.secpod.oval:def:36090 The host is installed with Wireshark 1.12.x before 1.12.12 or 2.0.x before 2.0.4 and is prone to a denial of service vulnerability. A flaw is present in the NetScreen file parser, which fails to handle a malformed packet. Successful exploitation allows remote attackers to cause Wireshark to crash. oval:org.secpod.oval:def:36087 The host is installed with Wireshark 1.12.x before 1.12.12 or 2.0.x before 2.0.4 and is prone to a denial of service vulnerability. A flaw is present in the USB dissectors, which fails to handle injection of a malformed packet onto the wire. Successful exploitation allows remote attackers to cause W ... oval:org.secpod.oval:def:36086 The host is installed with Wireshark 1.12.x before 1.12.12 or 2.0.x before 2.0.4 and is prone to a denial of service vulnerability. A flaw is present in the UMTS FP dissector, which fails to handle injection of a malformed packet onto the wire. Successful exploitation allows remote attackers to caus ... oval:org.secpod.oval:def:36085 The host is installed with Wireshark 2.0.x before 2.0.4 and is prone to a denial of service vulnerability. A flaw is present in the IEEE 802.11 dissector, which fails to handle injection of a malformed packet onto the wire. Successful exploitation allows remote attackers to cause Wireshark to crash. oval:org.secpod.oval:def:36084 The host is installed with Wireshark 1.12.x before 1.12.12 or 2.0.x before 2.0.4 and is prone to a denial of service vulnerability. A flaw is present in the IEEE 802.11 dissector, which fails to handle injection of a malformed packet onto the wire. Successful exploitation allows remote attackers to ... oval:org.secpod.oval:def:36083 The host is installed with Wireshark 1.12.x before 1.12.12 or 2.0.x before 2.0.4 and is prone to a denial of service vulnerability. A flaw is present in the SPOOLS dissector, which fails to handle injection of a malformed packet onto the wire. Successful exploitation allows remote attackers to cause ... oval:org.secpod.oval:def:36089 The host is installed with Wireshark 1.12.x before 1.12.12 or 2.0.x before 2.0.4 and is prone to a denial of service vulnerability. A flaw is present in the CoSine file parser, which fails to handle a malformed packet. Successful exploitation allows remote attackers to cause Wireshark to crash. oval:org.secpod.oval:def:36088 The host is installed with Wireshark 1.12.x before 1.12.12 or 2.0.x before 2.0.4 and is prone to a denial of service vulnerability. A flaw is present in the Toshiba file parser, which fails to handle a malformed packet. Successful exploitation allows remote attackers to cause Wireshark to crash. oval:org.secpod.oval:def:36101 The host is installed with Wireshark 2.0.x before 2.0.4 and is prone to a denial of service vulnerability. A flaw is present in the Ethernet dissector, which fails to handle a malformed packet. Successful exploitation allows remote attackers to cause Wireshark to crash. oval:org.secpod.oval:def:36100 The host is installed with Wireshark 1.12.x before 1.12.12 or 2.0.x before 2.0.4 and is prone to a denial of service vulnerability. A flaw is present in the NetScreen file parser, which fails to handle a malformed packet. Successful exploitation allows remote attackers to cause Wireshark to crash. oval:org.secpod.oval:def:1800473 CVE-2016-5350: SPOOLS infinite loop. Affected versions: 2.0.0 to 2.0.3, 1.12.0 to 1.12.11 Fixed versions: 2.0.4, 1.12.12 oval:org.secpod.oval:def:6769 The host is installed with Wireshark 1.8.x before 1.8.2 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle the pcapng_read_packet_block function in wiretap/pcapng.c in the pcap-ng file parser. Successful exploitation allows remote attackers t ... oval:org.secpod.oval:def:6781 The host is installed with Wireshark 1.8.x before 1.8.2 and is prone to an integer signedness error vulnerability. A flaw is present in the application, which fails to handle the vwr_read_rec_data_ethernet function in wiretap/vwr.c in the Ixia IxVeriWave file parser. Successful exploitation allows u ... oval:org.secpod.oval:def:17101 The host is installed with Wireshark 1.10.x before 1.10.1 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly validate MAC addresses. Successful exploitation allows attackers to cause a denial of service via a crafted packet. oval:org.secpod.oval:def:54563 The host is installed with Wireshark 3.0.0 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle issues in epan/dissectors/packet-ieee80211.c file. Successful exploitation allows attackers to crash the IEEE 802.11 dissector. oval:org.secpod.oval:def:54564 The host is installed with Wireshark 3.0.0 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle the issues in epan/dissectors/packet-gsm_gsup.c file. Successful exploitation allows attackers to crash the GSUP dissector. oval:org.secpod.oval:def:54561 The host is installed with Wireshark 2.6.0 to 2.6.7, 2.4.0 to 2.4.13 or 3.0.0 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle the invalid sequence number of zero in wiretap/netscaler.c. Successful exploitation allows attackers t ... oval:org.secpod.oval:def:54568 The host is installed with Wireshark 3.0.0 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle the issues in epan/dissectors/packet-tsdns.c file. Successful exploitation allows attackers to crash the TSDNS dissector. oval:org.secpod.oval:def:54565 The host is installed with Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7 or 3.0.0 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle the issues in epan/dissectors/packet-srvloc.c file. Successful exploitation allows attackers to crash ... oval:org.secpod.oval:def:54566 The host is installed with Wireshark 3.0.0 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle the issues in epan/dissectors/file-rbm.r file. Successful exploitation allows attackers to crash the RBM dissector. oval:org.secpod.oval:def:55041 The host is installed with Wireshark 2.4.0 to 2.4.14, 2.6.0 to 2.6.8 or 3.0.0 before 3.0.2 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle an issue in epan/packet.c file. Successful exploitation allows attackers to crash the dis ... oval:org.secpod.oval:def:43029 The host is installed with Wireshark 2.4.0 to 2.4.2 or 2.2.0 to 2.2.10 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle the NetBIOS dissector issue. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:43028 The host is installed with Wireshark 2.4.0 to 2.4.2 or 2.2.0 to 2.2.10 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle the IWARP_MPA dissector issue. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:43027 The host is installed with Wireshark 2.4.0 to 2.4.2 or 2.2.0 to 2.2.10 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle the CIP Safety dissector issue. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:17099 The host is installed with Wireshark 1.8.x before 1.8.9 or 1.10.x before 1.10.1 and is prone to denial of service vulnerability. A flaw is present in the dissect_dvbci_tpdu_hdr function in epan/dissectors/packet-dvbci.c in the DVB-CI dissector in wireshark, which does not validate a certain length v ... oval:org.secpod.oval:def:17105 The host is installed with Wireshark 1.10.x before 1.10.1 and is prone to denial of service vulnerability. A flaw is present in the application, what does not properly validate certain index values. Successful exploitation allows attackers to cause a denial of service. oval:org.secpod.oval:def:17104 The host is installed with Wireshark 1.10.x before 1.10.1 and is prone to integer signedness error vulnerability. A flaw is present in the epan/dissectors/packet-dcom-sysact.c in the DCOM ISystemActivator dissector in wireshark, which fails to handle a crafted packet. Successful exploitation allows ... oval:org.secpod.oval:def:17103 The host is installed with Wireshark 1.10.x before 1.10.1 and is prone to denial of service vulnerability. A flaw is present in the epan/dissectors/packet-dcom-sysact.c in the DCOM ISystemActivator dissector in wireshark, which fails to properly determine whether there is remaining packet data to pr ... oval:org.secpod.oval:def:17102 The host is installed with Wireshark 1.10.x before 1.10.1 and is prone to integer signedness error vulnerability. A flaw is present in the dissect_headers function in epan/dissectors/packet-btobex.c in the Bluetooth OBEX dissector in Wireshark, which fails to handle a crafted packet. Successful expl ... oval:org.secpod.oval:def:106093 Wireshark is a network traffic analyzer for Unix-ish operating systems. This package lays base for libpcap, a packet capture and filtering library, contains command-line utilities, contains plugins and documentation for wireshark. A graphical user interface is packaged separately to GTK+ package. oval:org.secpod.oval:def:106071 Wireshark is a network traffic analyzer for Unix-ish operating systems. This package lays base for libpcap, a packet capture and filtering library, contains command-line utilities, contains plugins and documentation for wireshark. A graphical user interface is packaged separately to GTK+ package. oval:org.secpod.oval:def:17062 The host is installed with Wireshark 1.10.0 before 1.10.6 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a malformed packet trace file. Successful exploitation could allow attackers to make Wireshark crash by injecting a malfor ... oval:org.secpod.oval:def:17054 The host is installed with Wireshark 1.10.0 before 1.10.6 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a malformed packet trace file. Successful exploitation could allow attackers to make Wireshark crash by injecting a malfor ... oval:org.secpod.oval:def:17106 The host is installed with Wireshark 1.10.x before 1.10.1 and is prone to memory consumption vulnerability. A flaw is present in the dissect_dcom_ActivationProperties function in epan/dissectors/packet-dcom-sysact.c in the DCOM ISystemActivator dissector, which fails to handle a crafted packet. Succ ... oval:org.secpod.oval:def:17107 The host is installed with Wireshark 1.10.x before 1.10.1 and is prone to double free vulnerability. A flaw is present in the dissect_dcom_ActivationProperties function in epan/dissectors/packet-dcom-sysact.c in the DCOM ISystemActivator dissector, which fails to handle a crafted packet. Successful ... oval:org.secpod.oval:def:17108 The host is installed with Wireshark 1.10.x before 1.10.1 and is prone to denial of service vulnerability. A flaw is present in the dissect_radiotap function in epan/dissectors/packet-ieee80211-radiotap.c in the Radiotap dissector, which fails to handle a crafted packet. Successful exploitation allo ... oval:org.secpod.oval:def:17109 The host is installed with Wireshark 1.10.x before 1.10.1 and is prone to denial of service vulnerability. A flaw is present in the P1 dissector, which does not properly initialize a global variable. Successful exploitation allows attackers to cause a denial of service (crash). oval:org.secpod.oval:def:17112 The host is installed with Wireshark 1.4.x before 1.4.13 or 1.6.x before 1.6.8 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly perform data alignment for a certain structure member. Successful exploitation allows attackers to cause a den ... oval:org.secpod.oval:def:20057 The host is installed with Wireshark 1.10.x before 1.10.4 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle a crafted packet-trace file that includes a large packet. Successful exploitation allows attackers to execute arbitrary code or cause ... oval:org.secpod.oval:def:19984 The host is installed with Wireshark 1.10.x before 1.10.4 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle a crafted packet-trace file that includes a large packet. Successful exploitation allows attackers to execute arbitrary code or cause ... oval:org.secpod.oval:def:24759 The host is installed with wireshark in RHEL 5, 6 or 7 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted packet-trace file. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:203085 wireshark is installed oval:org.secpod.oval:def:89003139 This update for wireshark to version 2.4.13 fixes the following issues: Security issues fixed: - CVE-2019-9214: Avoided a dereference of a null coversation which could make RPCAP dissector crash . - CVE-2019-9209: Fixed a buffer overflow in time values which could make ASN.1 BER and related dissecto ... oval:org.secpod.oval:def:600966 Multiple vulnerabilities were discovered in the dissectors for the CLNP, DTLS, DCP-ETSI and NTLMSSP protocols, which could result in denial of service or the execution of arbitrary code. oval:org.secpod.oval:def:40683 The host is installed with Wireshark 2.0.x before 2.0.13 or 2.2.x before 2.2.7 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly validate an interval value. Successful exploitation could allow remote attackers to crash the service. oval:org.secpod.oval:def:40684 The host is installed with Wireshark 2.0.x before 2.0.13 or 2.2.x before 2.2.7 and is prone to a null pointer dereference vulnerability. A flaw is present in the application, which fails to properly handle a NULL pointer. Successful exploitation could allow remote attackers to crash the service. oval:org.secpod.oval:def:31561 The host is installed with Wireshark 1.12.x before 1.12.8 and is prone to denial of service vulnerability. A flaw is present in the application, which uses too many levels of pointer indirection. Successful exploitation allows remote attackers to cause a denial of service (incorrect free and applica ... oval:org.secpod.oval:def:600989 Multiple vulnerabilities were discovered in the dissectors for the MS-MMS, RTPS, RTPS2, Mount, ACN, CIMD and DTLS protocols, which could result in denial of service or the execution of arbitrary code. oval:org.secpod.oval:def:89003399 This update for wireshark to version 2.4.12 fixes the following issues: Security issues fixed: - CVE-2019-5717: Fixed a denial of service in the P_MUL dissector - CVE-2019-5718: Fixed a denial of service in the RTSE dissector and other dissectors - CVE-2019-5719: Fixed a denial of service in the I ... oval:org.mitre.oval:def:6099 Unspecified vulnerability in the LDAP dissector in Wireshark 0.99.2 through 1.0.6, when running on Windows, allows remote attackers to cause a denial of service (crash) via unknown attack vectors. oval:org.secpod.oval:def:14116 The host is installed with Wireshark 1.8.x before 1.8.8 and is prone to heap-based buffer overflow vulnerability. A flaw is present in the application, which fails to validate the relationship between a record length and a trailer length. Successful exploitation allows attackers to cause a denial of ... oval:org.secpod.oval:def:89044769 This update for wireshark fixes the following issues: - CVE-2017-17083: NetBIOS dissector could crash. This was addressed in epan/dissectors/packet-netbios.c by ensuring that write operations are bounded by the beginning of a buffer. - CVE-2017-17084: IWARP_MPA dissector could crash. This was addre ... oval:org.secpod.oval:def:62423 The host is missing a security update according to Wireshark Advisory. The update is required to fix a denial-of-service vulnerability. A flaw is present in the application, which fails to properly handle a malformed packet. Successful exploitation allows attackers to make Wireshark crash. oval:org.secpod.oval:def:62422 The host is installed with Wireshark 2.6.0 before 2.6.16, 3.0.0 before 3.0.10 or 3.2.0 before 3.2.3 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a malformed packet. Successful exploitation allows attackers to make Wireshark c ... oval:org.secpod.oval:def:14123 The host is installed with Wireshark 1.8.x before 1.8.8 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly initialize memory. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:14124 The host is installed with Wireshark 1.6.x before 1.6.16 or 1.8.x before 1.8.8 and is prone to denial of service vulnerability. A flaw is present in the application, which incorrectly uses a -1 data value to represent an error condition. Successful exploitation allows attackers to cause an applicati ... oval:org.secpod.oval:def:14121 The host is installed with Wireshark 1.8.x before 1.8.8 and is prone to array index error vulnerability. A flaw is present in the application, which fails to handle vectors related to nbap.cnf and packet-nbap.c. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:14122 The host is installed with Wireshark 1.8.x before 1.8.8 and is prone to buffer overflow vulnerability. A flaw is present in the application, which fails to handle a crafted packet. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:14120 The host is installed with Wireshark 1.8.x before 1.8.8 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to validate return values during checks for data availability. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:89044766 This update for wireshark to version 2.2.9 fixes several issues. These security issues were fixed: - CVE-2017-13767: The MSDP dissector could have gone into an infinite loop. This was addressed by adding length validation . - CVE-2017-13766: The Profinet I/O dissector could have crash with an out-of ... oval:org.secpod.oval:def:14118 The host is installed with Wireshark 1.8.x before 1.8.8 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle a zero-length item. Successful exploitation allows attackers to cause a denial of service (infinite loop, and CPU and memory c ... oval:org.secpod.oval:def:14119 The host is installed with Wireshark 1.8.x before 1.8.8 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle a crafted packet. Successful exploitation allows attackers to cause a denial of service (infinite loop and application hang). oval:org.secpod.oval:def:14332 Wireshark 1.6.x is installed oval:org.secpod.oval:def:39872 The host is installed with Wireshark 2.2.x before 2.2.6 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a packet injection or a malformed capture file. Successful exploitation could allow remote attackers to cause a DOF dissecto ... oval:org.secpod.oval:def:14333 Wireshark 1.8.x (32 bit) is installed oval:org.secpod.oval:def:14330 Wireshark 1.2.x is installed oval:org.secpod.oval:def:14331 Wireshark 1.4.x is installed oval:org.secpod.oval:def:39870 The host is installed with Wireshark 2.0.x before 2.0.12 or 2.2.x before 2.2.6 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a packet injection or a malformed capture file. Successful exploitation could allow remote attackers ... oval:org.secpod.oval:def:39871 The host is installed with Wireshark 2.0.x before 2.0.12 or 2.2.x before 2.2.6 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a packet injection or a malformed capture file. Successful exploitation could allow remote attackers ... oval:org.secpod.oval:def:14329 Wireshark less than 1.1 version is installed oval:org.secpod.oval:def:39869 The host is installed with Wireshark 2.0.x before 2.0.12 or 2.2.x before 2.2.6 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a packet injection or a malformed capture file. Successful exploitation could allow remote attackers ... oval:org.secpod.oval:def:39861 The host is installed with Wireshark 2.0.x before 2.0.12 or 2.2.x before 2.2.6 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a packet injection or a malformed capture file. Successful exploitation could allow remote attackers ... oval:org.secpod.oval:def:40674 The host is installed with Wireshark 2.2.x before 2.2.7 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a crafted IPv6 address. Successful exploitation could allow remote attackers to crash the service. oval:org.secpod.oval:def:39862 The host is installed with Wireshark 2.0.x before 2.0.12 or 2.2.x before 2.2.6 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a packet injection or a malformed capture file. Successful exploitation could allow remote attackers ... oval:org.secpod.oval:def:40675 The host is installed with Wireshark 2.0.x before 2.0.13 or 2.2.x before 2.2.7 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a malformed packet trace file. Successful exploitation could allow remote attackers to crash the serv ... oval:org.secpod.oval:def:39863 The host is installed with Wireshark 2.0.x before 2.0.12 or 2.2.x before 2.2.6 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a packet injection or a malformed capture file. Successful exploitation could allow remote attackers ... oval:org.secpod.oval:def:39864 The host is installed with Wireshark 2.0.x before 2.0.12 or 2.2.x before 2.2.6 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a packet injection or a malformed capture file. Successful exploitation could allow remote attackers ... oval:org.secpod.oval:def:40673 The host is installed with Wireshark 2.0.x before 2.0.13 or 2.2.x before 2.2.7 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a crafted IPv4 address. Successful exploitation could allow remote attackers to crash the service. oval:org.secpod.oval:def:39865 The host is installed with Wireshark 2.0.x before 2.0.12 or 2.2.x before 2.2.6 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a packet injection or a malformed capture file. Successful exploitation could allow remote attackers ... oval:org.secpod.oval:def:40678 The host is installed with Wireshark 2.0.x before 2.0.13 or 2.2.x before 2.2.7 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a malformed packet trace file. Successful exploitation could allow remote attackers to crash the serv ... oval:org.secpod.oval:def:39866 The host is installed with Wireshark 2.2.x before 2.2.6 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a packet injection or a malformed capture file. Successful exploitation could allow remote attackers to cause a DOF dissecto ... oval:org.secpod.oval:def:40679 The host is installed with Wireshark 2.2.x before 2.2.7 and is prone to a buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle a crafted size value. Successful exploitation could allow remote attackers to read past the end of a buffer. oval:org.secpod.oval:def:40676 The host is installed with Wireshark 2.0.x before 2.0.13 or 2.2.x before 2.2.7 and is prone to a buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle the Vendor Class Identifier. Successful exploitation could allow remote attackers to read past the end ... oval:org.secpod.oval:def:39867 The host is installed with Wireshark 2.0.x before 2.0.12 or 2.2.x before 2.2.6 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a packet injection or a malformed capture file. Successful exploitation could allow remote attackers ... oval:org.secpod.oval:def:40677 The host is installed with Wireshark 2.0.x before 2.0.13 or 2.2.x before 2.2.7 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly check for a negative length. Successful exploitation could allow remote attackers to crash the service. oval:org.secpod.oval:def:39868 The host is installed with Wireshark 2.0.x before 2.0.12 or 2.2.x before 2.2.6 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a packet injection or a malformed capture file. Successful exploitation could allow remote attackers ... oval:org.secpod.oval:def:40681 The host is installed with Wireshark 2.0.x before 2.0.13 or 2.2.x before 2.2.7 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a malformed packet trace file. Successful exploitation could allow remote attackers to crash the serv ... oval:org.secpod.oval:def:40682 The host is installed with Wireshark 2.0.x before 2.0.13 or 2.2.x before 2.2.7 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly detect self-referencing pointers. Successful exploitation could allow remote attackers to crash the service. oval:org.secpod.oval:def:40680 The host is installed with Wireshark 2.2.x before 2.2.7 and is prone to a null pointer dereference vulnerability. A flaw is present in the application, which fails to properly handle a crafted OID. Successful exploitation could allow remote attackers to crash the service. oval:org.secpod.oval:def:40847 The host is installed Wireshark 1.8.x before 1.8.2 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a crafted packet-trace file that triggers a buffer overflow. Successful exploitation allows user-assisted remote attackers to exe ... oval:org.secpod.oval:def:40846 The host is installed Wireshark 1.8.x through 1.8.2 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a crafted pcap-ng file. Successful exploitation allows user-assisted remote attackers to cause a denial of service (divide-by-ze ... oval:org.secpod.oval:def:40849 The host is installed Wireshark 1.10.x before 1.10.1 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a crafted packet. Successful exploitation allows remote attackers to cause a denial of service (application crash). oval:org.secpod.oval:def:40850 The host is installed Wireshark 1.10.x before 1.10.1 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a crafted packet. Successful exploitation allows remote attackers to cause a denial of service (application crash). oval:org.secpod.oval:def:38112 The host is installed with Wireshark 2.2.x before 2.2.2 and is prone to an unspecified vulnerability. A flaw is present in the I/O dissector, which fails to properly handle network traffic or a capture file. Successful exploitation allows attackers to cause unspecified impact. oval:org.secpod.oval:def:40851 The host is installed Wireshark 1.10.x before 1.10.1 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a crafted packet. Successful exploitation allows remote attackers to cause a denial of service (application crash). oval:org.secpod.oval:def:38113 The host is installed with Wireshark 2.2.x before 2.2.1 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle NCP dissector. Successful exploitation allows attackers to crash the service by injecting a malformed packet onto the wire o ... oval:org.secpod.oval:def:38114 The host is installed with Wireshark 2.2.x before 2.2.1 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle bluetooth L2CAP dissector. Successful exploitation allows attackers to crash the service by injecting a malformed packet ont ... oval:org.secpod.oval:def:40854 The host is installed Wireshark 1.10.x before 1.10.1 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a crafted packet. Successful exploitation allows remote attackers to cause a denial of service (assertion failure and applicati ... oval:org.secpod.oval:def:40855 The host is installed Wireshark 1.10.x before 1.10.1 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly determine whether there is remaining packet data to process. Successful exploitation allows remote attackers to cause a denial of serv ... oval:org.secpod.oval:def:40852 The host is installed Wireshark 1.10.x before 1.10.1 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a crafted packet. Successful exploitation allows remote attackers to cause a denial of service (application crash). oval:org.secpod.oval:def:40853 The host is installed Wireshark 1.10.x before 1.10.1 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly validate certain index values. Successful exploitation allows remote attackers to cause a denial of service (assertion failure and app ... oval:org.secpod.oval:def:40858 The host is installed Wireshark 1.8.x before 1.8.9 or 1.10.x before 1.10.1 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly determine whether there is remaining packet data to process. Successful exploitation allows remote attackers to ... oval:org.secpod.oval:def:40859 The host is installed Wireshark 1.8.x before 1.8.9 or 1.10.x before 1.10.1 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly determine whether there is remaining packet data to process. Successful exploitation allows remote attackers to ... oval:org.secpod.oval:def:40857 The host is installed Wireshark 1.10.x before 1.10.1 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly determine whether there is remaining packet data to process. Successful exploitation allows remote attackers to cause a denial of serv ... oval:org.secpod.oval:def:38110 The host is installed with Wireshark 2.0.x before 2.0.8 or 2.2.x before 2.2.2 and is prone to a denial of service vulnerability. A flaw is present in the AllJoyn dissector, which fails to properly handle network traffic or a capture file. Successful exploitation allow attackers to crash the service ... oval:org.secpod.oval:def:38111 The host is installed with Wireshark 2.0.x before 2.0.8 or 2.2.x before 2.2.2 and is prone to an use-after-free vulnerability. A flaw is present in the DCERPC dissector, which fails to properly handle network traffic or a capture file. Successful exploitation allow attackers to crash the service wit ... oval:org.secpod.oval:def:38109 The host is installed with Wireshark 2.0.x before 2.0.8 or 2.2.x before 2.2.2 and is prone to an unspecified vulnerability. A flaw is present in the OpenFlow dissector, which fails to properly handle network traffic or a capture file. Successful exploitation allow attackers to crash the service by f ... oval:org.mitre.oval:def:5625 Unspecified vulnerability in the AFS dissector in Wireshark 0.9.2 through 1.2.0 allows remote attackers to cause a denial of service (crash) via unknown vectors. oval:org.secpod.oval:def:38101 The host is installed with Wireshark 2.0.x before 2.0.7 or 2.2.x before 2.2.2 and is prone to a denial of service vulnerability. A flaw is present in the OpenFlow dissector, which fails to properly handle network traffic or a capture file. Successful exploitation allow attackers to crash the service ... oval:org.secpod.oval:def:38102 The host is installed with Wireshark 2.0.x before 2.0.8 or 2.2.x before 2.2.2 and is prone to an unspecified vulnerability. A flaw is present in the OpenFlow dissector, which fails to properly handle network traffic or a capture file. Successful exploitation allow attackers to crash the service by f ... oval:org.secpod.oval:def:38103 The host is installed with Wireshark 2.0.x before 2.0.8 or 2.2.x before 2.2.2 and is prone to a denial of service vulnerability. A flaw is present in the AllJoyn dissector, which fails to properly handle network traffic or a capture file. Successful exploitation allow attackers to crash the service ... oval:org.secpod.oval:def:38104 The host is installed with Wireshark 2.0.x before 2.0.8 or 2.2.x before 2.2.2 and is prone to an use-after-free vulnerability. A flaw is present in the DCERPC dissector, which fails to properly handle network traffic or a capture file. Successful exploitation allow attackers to crash the service wit ... oval:org.secpod.oval:def:40865 The host is installed Wireshark 1.10.x before 1.10.1 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a crafted packet. Successful exploitation allows remote attackers to cause a denial of service (NULL pointer dereference and ap ... oval:org.secpod.oval:def:38105 The host is installed with Wireshark 2.2.x before 2.2.2 and is prone to an unspecified vulnerability. A flaw is present in the I/O dissector, which fails to properly handle network traffic or a capture file. Successful exploitation allows attackers to cause unspecified impact. oval:org.secpod.oval:def:38106 The host is installed with Wireshark 2.2.x before 2.2.1 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle NCP dissector. Successful exploitation allows attackers to crash the service by injecting a malformed packet onto the wire o ... oval:org.secpod.oval:def:38107 The host is installed with Wireshark 2.2.x before 2.2.1 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle bluetooth L2CAP dissector. Successful exploitation allows attackers to crash the service by injecting a malformed packet ont ... oval:org.secpod.oval:def:38108 The host is installed with Wireshark 2.0.x before 2.0.8 or 2.2.x before 2.2.2 and is prone to a denial of service vulnerability. A flaw is present in the OpenFlow dissector, which fails to properly handle network traffic or a capture file. Successful exploitation allow attackers to crash the service ... oval:org.secpod.oval:def:7303 The host is installed with Wireshark 1.8.x before 1.8.3 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle the dissect_hsrp function in epan/dissectors/packet-hsrp.c in the HSRP dissector. Successful exploitation allows remote attack ... oval:org.secpod.oval:def:7301 The host is installed with Wireshark 1.8.x before 1.8.3 and is prone to buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle the dissect_tlv function in epan/dissectors/packet-ldp.c in the LDP dissector. Successful exploitation allows remote attackers t ... oval:org.secpod.oval:def:7302 The host is installed with Wireshark 1.8.x before 1.8.3 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle OUI data structures. Successful exploitation allows remote attackers to cause a denial of service (assertion failure and appli ... oval:org.mitre.oval:def:11498 Untrusted search path vulnerability in Wireshark 0.8.4 through 1.0.15 and 1.2.0 through 1.2.10 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse airpcap.dll, and possibly other DLLs, that is located in the same folder as ... oval:org.secpod.oval:def:38845 The host is installed with Wireshark 2.0.x before 2.0.10 or 2.2.x before 2.2.4 and is prone to a denial of service vulnerability. A flaw is present in the DHCPv6 dissector, which fails to properly handle a malformed capture file. Successful exploitation could allow remote attackers to force the appl ... oval:org.secpod.oval:def:2505 The host is installed with Wireshark 1.6.x before 1.6.2 and is prone to a denial of service vulnerability. A flaw is present in the unxorFrame function in epan/dissectors/packet-opensafety.c in the OpenSafety dissector in Wireshark, which fails to validate a certain frame size. Successful exploitati ... oval:org.secpod.oval:def:2507 The host is installed with Wireshark 1.6.x before 1.6.2 and is prone to a denial of service vulnerability. A flaw is present in the csnStreamDissector function in epan/dissectors/packet-csn1.c in the CSN.1 dissector, which fails to initialize a certain structure member. Successful exploitation could ... oval:org.secpod.oval:def:2506 The host is installed with Wireshark 1.6.x before 1.6.2 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a buffer exception. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:33149 The host is installed with Wireshark 1.12.x before 1.12.10 or 2.0.x before 2.0.2 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to limit the recursion depth. Successful exploitation could allow remote attackers to cause a denial of service (memor ... oval:org.secpod.oval:def:33148 The host is installed with Wireshark 1.12.x before 1.12.10 or 2.0.x before 2.0.2 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a crafted packet that triggers a 0xff tag value. Successful exploitation could allow remote attackers to cau ... oval:org.secpod.oval:def:33145 The host is installed with Wireshark 2.0.x before 2.0.2 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to validate length values. Successful exploitation could allow remote attackers to cause a denial of service (stack-based buffer overflow and a ... oval:org.secpod.oval:def:33144 The host is installed with Wireshark 2.0.x before 2.0.2 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to ensure that a '\0' character is present at the end of certain strings. Successful exploitation could allow remote attackers to cause a denia ... oval:org.secpod.oval:def:33147 The host is installed with Wireshark 1.12.x before 1.12.10 or 2.0.x before 2.0.2 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle the case of an unrecognized TLV type. Successful exploitation could allow remote attackers to cause a denial ... oval:org.secpod.oval:def:33146 The host is installed with Wireshark 2.0.x before 2.0.2 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to consider that a line may lack the "OBJECT PROTOCOL" substring. Successful exploitation could allow remote attackers to cause a denial of ser ... oval:org.secpod.oval:def:33141 The host is installed with Wireshark 2.0.x before 2.0.2 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle crafted packet. Successful exploitation could allow remote attackers to cause a denial of service (application crash). oval:org.secpod.oval:def:33140 The host is installed with Wireshark 1.12.x before 1.12.10 or 2.0.x before 2.0.2 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle crafted packet. Successful exploitation could allow remote attackers to cause a denial of service (infinite ... oval:org.secpod.oval:def:33143 The host is installed with Wireshark 2.0.x before 2.0.2 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to validate the data type. Successful exploitation could allow remote attackers to cause a denial of service (out-of-bounds read and applicatio ... oval:org.secpod.oval:def:33142 The host is installed with Wireshark 2.0.x before 2.0.2 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to limit the amount of header data. Successful exploitation could allow remote attackers to cause a denial of service (memory consumption or ap ... oval:org.secpod.oval:def:2508 The host is installed with Wireshark 1.4.x before 1.4.9 or 1.6.x before 1.6.2 and is prone to an Untrusted search path vulnerability. A flaw is present in the application, which fails to prevent local users from gaining privileges. Successful exploitation could allow attackers to run arbitrary Lua s ... oval:org.secpod.oval:def:33138 The host is installed with Wireshark 1.12.x before 1.12.10 or 2.0.x before 2.0.2 and is prone to an untrusted search path vulnerability. A flaw is present in the Wireshark Application class, which fails to handle a Trojan horse riched20.dll.dll file in the current working directory, related to use o ... oval:org.secpod.oval:def:33137 The host is installed with Wireshark 1.12.x before 1.12.10 or 2.0.x before 2.0.2 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to limit the recursion depth. Successful exploitation could allow remote attackers to cause a denial of service (memor ... oval:org.secpod.oval:def:33139 The host is installed with Wireshark 2.0.x before 2.0.2 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle BER dissector which verifies certain length is nonzero. Successful exploitation could allow remote attackers to cause a denial of ser ... oval:org.mitre.oval:def:5423 Unspecified vulnerability in packet.c in the GSM A RR dissector in Wireshark 1.2.0 and 1.2.1 allows remote attackers to cause a denial of service (application crash) via unknown vectors related to "an uninitialized dissector handle," which triggers an assertion failure. oval:org.secpod.oval:def:14852 The host is installed with Wireshark 1.8.x before 1.8.9 or 1.10.x before 1.10.1 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to terminate packet-data processing after finding zero remaining bytes. Successful exploitation allows attackers to cause ... oval:org.secpod.oval:def:33134 The host is installed with Wireshark 2.0.x before 2.0.2 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to consider that a line may lack the "OBJECT PROTOCOL" substring. Successful exploitation could allow remote attackers to cause a denial of ser ... oval:org.secpod.oval:def:40704 The host is installed with Wireshark 2.0.x before 2.0.13 or 2.2.x before 2.2.7 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a malformed packet trace file. Successful exploitation could allow remote attackers to crash the serv ... oval:org.secpod.oval:def:33133 The host is installed with Wireshark 2.0.x before 2.0.2 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to validate length values. Successful exploitation could allow remote attackers to cause a denial of service (stack-based buffer overflow and a ... oval:org.secpod.oval:def:40705 The host is installed with Wireshark 2.0.x before 2.0.13 or 2.2.x before 2.2.7 and is prone to a buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle the Vendor Class Identifier. Successful exploitation could allow remote attackers to read past the end ... oval:org.secpod.oval:def:33136 The host is installed with Wireshark 1.12.x before 1.12.10 or 2.0.x before 2.0.2 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a crafted packet that triggers a 0xff tag value. Successful exploitation could allow remote attackers to cau ... oval:org.secpod.oval:def:40702 The host is installed with Wireshark 2.0.x before 2.0.13 or 2.2.x before 2.2.7 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a crafted IPv4 address. Successful exploitation could allow remote attackers to crash the service. oval:org.secpod.oval:def:33135 The host is installed with Wireshark 1.12.x before 1.12.10 or 2.0.x before 2.0.2 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle the case of an unrecognized TLV type. Successful exploitation could allow remote attackers to cause a denial ... oval:org.secpod.oval:def:40703 The host is installed with Wireshark 2.2.x before 2.2.7 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a crafted IPv6 address. Successful exploitation could allow remote attackers to crash the service. oval:org.secpod.oval:def:33130 The host is installed with Wireshark 2.0.x before 2.0.2 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to limit the amount of header data. Successful exploitation could allow remote attackers to cause a denial of service (memory consumption or ap ... oval:org.secpod.oval:def:40708 The host is installed with Wireshark 2.2.x before 2.2.7 and is prone to a buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle a crafted size value. Successful exploitation could allow remote attackers to read past the end of a buffer. oval:org.secpod.oval:def:40709 The host is installed with Wireshark 2.2.x before 2.2.7 and is prone to a null pointer dereference vulnerability. A flaw is present in the application, which fails to properly handle a crafted OID. Successful exploitation could allow remote attackers to crash the service. oval:org.secpod.oval:def:33132 The host is installed with Wireshark 2.0.x before 2.0.2 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to ensure that a '\0' character is present at the end of certain strings. Successful exploitation could allow remote attackers to cause a denia ... oval:org.secpod.oval:def:40706 The host is installed with Wireshark 2.0.x before 2.0.13 or 2.2.x before 2.2.7 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly check for a negative length. Successful exploitation could allow remote attackers to crash the service. oval:org.secpod.oval:def:33131 The host is installed with Wireshark 2.0.x before 2.0.2 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to validate the data type. Successful exploitation could allow remote attackers to cause a denial of service (out-of-bounds read and applicatio ... oval:org.secpod.oval:def:40707 The host is installed with Wireshark 2.0.x before 2.0.13 or 2.2.x before 2.2.7 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a malformed packet trace file. Successful exploitation could allow remote attackers to crash the serv ... oval:org.secpod.oval:def:33127 The host is installed with Wireshark 2.0.x before 2.0.2 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle BER dissector which verifies certain length is nonzero. Successful exploitation could allow remote attackers to cause a denial of ser ... oval:org.secpod.oval:def:33126 The host is installed with Wireshark 1.12.x before 1.12.10 or 2.0.x before 2.0.2 and is prone to an untrusted search path vulnerability. A flaw is present in the WiresharkApplication class, which fails to handle a Trojan horse riched20.dll.dll file in the current working directory, related to use of ... oval:org.secpod.oval:def:33129 The host is installed with Wireshark 2.0.x before 2.0.2 and is prone to a denial of service vulnerability. A flaw is present in the application, which mishandles the algorithm ID. Successful exploitation could allow remote attackers to cause a denial of service (application crash) via a crafted pack ... oval:org.secpod.oval:def:33128 The host is installed with Wireshark 1.12.x before 1.12.10 or 2.0.x before 2.0.2 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a crafted packet. Successful exploitation could allow remote attackers to cause a denial of service (infinit ... oval:org.secpod.oval:def:14846 Wireshark 1.10.x (32 bit) is installed oval:org.secpod.oval:def:601142 Multiple vulnerabilities were discovered in the dissectors for IEEE 802.15.4, NBAP, SIP and TCP, which could result in denial of service. The oldstable distribution is only affected by CVE-2013-6340. This problem has been fixed in version 1.2.11-6+squeeze13. oval:org.secpod.oval:def:40711 The host is installed with Wireshark 2.0.x before 2.0.13 or 2.2.x before 2.2.7 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly detect self-referencing pointers. Successful exploitation could allow remote attackers to crash the service. oval:org.secpod.oval:def:40712 The host is installed with Wireshark 2.0.x before 2.0.13 or 2.2.x before 2.2.7 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly validate an interval value. Successful exploitation could allow remote attackers to crash the service. oval:org.secpod.oval:def:40710 The host is installed with Wireshark 2.0.x before 2.0.13 or 2.2.x before 2.2.7 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a malformed packet trace file. Successful exploitation could allow remote attackers to crash the serv ... oval:org.secpod.oval:def:40713 The host is installed with Wireshark 2.0.x before 2.0.13 or 2.2.x before 2.2.7 and is prone to a null pointer dereference vulnerability. A flaw is present in the application, which fails to properly handle a NULL pointer. Successful exploitation could allow remote attackers to crash the service. oval:org.mitre.oval:def:6321 Unspecified vulnerability in the Infiniband dissector in Wireshark 1.0.6 through 1.2.0, when running on unspecified platforms, allows remote attackers to cause a denial of service (crash) via unknown vectors. oval:org.secpod.oval:def:38872 The host is installed with Wireshark 2.0.x before 2.0.10 or 2.2.x before 2.2.4 and is prone to a denial of service vulnerability. A flaw is present in the DHCPv6 dissector, which fails to properly handle a malformed capture file. Successful exploitation could allow remote attackers to force the appl ... oval:org.secpod.oval:def:38873 The host is installed with Wireshark 2.0.x before 2.0.10 or 2.2.x before 2.2.4 and is prone to a denial of service vulnerability. A flaw is present in the ASTERIX dissector, which fails to properly handle a malformed capture file. Successful exploitation could allow remote attackers to force the app ... oval:org.secpod.oval:def:9100 The host is installed with Wireshark 1.6.x before 1.6.13 or 1.8.x before 1.8.5 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle certain short lengths. Successful exploitation could allow attackers to crash the service. oval:org.mitre.oval:def:11792 The SigComp Universal Decompressor Virtual Machine dissector in Wireshark 0.10.7 through 1.0.13 and 1.2.0 through 1.2.8 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors. oval:org.secpod.oval:def:39940 The host is installed with Wireshark 2.0.x before 2.0.12 or 2.2.x before 2.2.6 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a packet injection or a malformed capture file. Successful exploitation could allow remote attackers ... oval:org.secpod.oval:def:38846 The host is installed with Wireshark 2.0.x before 2.0.10 or 2.2.x before 2.2.4 and is prone to a denial of service vulnerability. A flaw is present in the ASTERIX dissector, which fails to properly handle a malformed capture file. Successful exploitation could allow remote attackers to force the app ... oval:org.secpod.oval:def:39937 The host is installed with Wireshark 2.0.x before 2.0.12 or 2.2.x before 2.2.6 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a packet injection or a malformed capture file. Successful exploitation could allow remote attackers ... oval:org.secpod.oval:def:39938 The host is installed with Wireshark 2.0.x before 2.0.12 or 2.2.x before 2.2.6 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a packet injection or a malformed capture file. Successful exploitation could allow remote attackers ... oval:org.secpod.oval:def:39939 The host is installed with Wireshark 2.0.x before 2.0.12 or 2.2.x before 2.2.6 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a packet injection or a malformed capture file. Successful exploitation could allow remote attackers ... oval:org.secpod.oval:def:601172 Laurent Butti and Garming Sam discored multiple vulnerabilities in the dissectors for NTLMSSPv2 and BSSGP, which could lead to denial of service or the execution of arbitrary code. oval:org.secpod.oval:def:89002443 This update for wireshark to version 2.2.12 fixes the following issues: - CVE-2018-5334: IxVeriWave file could crash - CVE-2018-5335: WCP dissector could crash - CVE-2018-5336: Multiple dissector crashes - CVE-2017-17935: Incorrect handling of quot;\nquot; in file_read_line function could have le ... oval:org.secpod.oval:def:944 The host is installed with Wireshark and is prone to Denial of service vulnerability. A flaw is present in the NFS dissector, which fails to handle incorrect integer data type during decoding of SETCLIENTID calls. Successful exploitation could allow remote attackers to cause denial of service. oval:org.secpod.oval:def:943 The host is installed with Wireshark and is prone to buffer overflow vulnerability. A flaw is present in the DECT dissector, which fails to handle malicious packets. Successful exploitation could allow remote attackers to cause denial of service. oval:org.mitre.oval:def:6589 Wireshark is installed on the system. oval:org.secpod.oval:def:66014 The host is installed with Wireshark 3.0.0 to 3.0.13 or 3.2.0 to 3.2.7 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle an issue in the implementation of offset advancement. Successful exploitation allows attackers to crash the F ... oval:org.secpod.oval:def:41139 The host is installed with Wireshark 2.2.7 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle exceptions. Successful exploitation could allow remote attackers to crash the service. oval:org.secpod.oval:def:41140 The host is installed with Wireshark 2.2.7 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle certain types of packets. Successful exploitation could allow remote attackers to crash the service. oval:org.secpod.oval:def:41385 The host is installed with Wireshark 2.0.x through 2.0.13 or 2.2.x through 2.2.7 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a malformed packet trace file. Successful exploitation could allow remote attackers to crash the se ... oval:org.secpod.oval:def:41386 The host is installed with Wireshark 2.0.x through 2.0.13 or 2.2.x through 2.2.7 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a malformed packet trace file. Successful exploitation could allow remote attackers to crash the se ... oval:org.secpod.oval:def:41141 The host is installed with Wireshark 2.2.7 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle exceptions. Successful exploitation could allow remote attackers to crash the service. oval:org.secpod.oval:def:41384 The host is installed with Wireshark 2.0.x through 2.0.13 or 2.2.x through 2.2.7 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a malformed packet trace file. Successful exploitation could allow remote attackers to crash the se ... oval:org.secpod.oval:def:41142 The host is installed with Wireshark 2.2.7 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle certain types of packets. Successful exploitation could allow remote attackers to crash the service. oval:org.secpod.oval:def:41389 The host is installed with Wireshark 2.0.x through 2.0.13 or 2.2.x through 2.2.7 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle the relationships between indexes and lengths. Successful exploitation could allow remote attackers ... oval:org.secpod.oval:def:41387 The host is installed with Wireshark 2.0.x through 2.0.13 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a malformed packet trace file. Successful exploitation could allow remote attackers to crash the service. oval:org.secpod.oval:def:41145 The host is installed with Wireshark 2.2.7 and is prone to a stack exhaustion vulnerability. A flaw is present in the application, which fails to properly handle a high recursion depth. Successful exploitation could allow remote attackers to crash the service. oval:org.secpod.oval:def:41388 The host is installed with Wireshark 2.0.x through 2.0.13 or 2.2.x through 2.2.7 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle length validation. Successful exploitation could allow remote attackers to crash the service. oval:org.secpod.oval:def:41146 The host is installed with Wireshark 2.2.7 and is prone to a stack exhaustion vulnerability. A flaw is present in the application, which fails to properly handle a high recursion depth. Successful exploitation could allow remote attackers to crash the service. oval:org.secpod.oval:def:89002481 This update for wireshark fixes the following issues: - Update to wireshark 2.2.14, fix such issues: * bsc#1088200 VUL-0: wireshark: multiple vulnerabilities fixed in 2.2.14, 2.4.6 * CVE-2018-9256: LWAPP dissector crash * CVE-2018-9260: IEEE 802.15.4 dissector crash * CVE-2018-9261: NBAP dissector c ... oval:org.mitre.oval:def:6162 Unspecified vulnerability in the OpcUa (OPC UA) dissector in Wireshark 0.99.6 through 1.0.8 and 1.2.0 through 1.2.1 allows remote attackers to cause a denial of service (memory and CPU consumption) via malformed OPCUA Service CallRequest packets. oval:org.secpod.oval:def:89003338 This update for wireshark to version 2.4.16 fixes the following issues: Security issue fixed: - CVE-2019-13619: ASN.1 BER and related dissectors crash . oval:org.secpod.oval:def:41398 The host is installed with Wireshark 2.0.x through 2.0.13 or 2.2.x through 2.2.7 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a malformed packet trace file. Successful exploitation could allow remote attackers to crash the se ... oval:org.secpod.oval:def:600931 Bjorn Mork and Laurent Butti discovered crashes in the PPP and RTPS2 dissectors, which could potentially result in the execution of arbitrary code. oval:org.secpod.oval:def:41399 The host is installed with Wireshark 2.0.x through 2.0.13 or 2.2.x through 2.2.7 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a malformed packet trace file. Successful exploitation could allow remote attackers to crash the se ... oval:org.mitre.oval:def:6391 packet-paltalk.c in the Paltalk dissector in Wireshark 1.2.0 through 1.2.2, on SPARC and certain other platforms, allows remote attackers to cause a denial of service (application crash) via a file that records a malformed packet trace. oval:org.secpod.oval:def:89002468 This update for wireshark fixes the following issues: Security issues fixed: - bsc#1094301: Wireshark security update to 2.6.1, 2.4.7, 2.2.15 - CVE-2018-14339: MMSE dissector infinite loop - CVE-2018-14341: DICOM dissector crash - CVE-2018-14343: ASN.1 BER dissector crash - CVE-2018-14344: ISMP d ... oval:org.mitre.oval:def:6379 Buffer overflow in the IPMI dissector in Wireshark 1.2.0 allows remote attackers to cause a denial of service (crash) via unspecified vectors related to an array index error. NOTE: some of these details are obtained from third party information. oval:org.secpod.oval:def:2186 The host is installed with Wireshark 1.6.1 and is prone to a denial of service vulnerability. A flaw is present in an application, which fails to validate the IKE packet. Successful exploitation could allow attackers to crash the application. oval:org.secpod.oval:def:89002164 This update for wireshark to version 2.2.11 fixes several issues. These security issues were fixed: - CVE-2017-13767: The MSDP dissector could have gone into an infinite loop. This was addressed by adding length validation - CVE-2017-13766: The Profinet I/O dissector could have crash with an out-of ... oval:org.secpod.oval:def:89003242 This update for wireshark to version 2.4.15 fixes the following issues: Security issue fixed: - Fixed a denial of service in the dissection engine . oval:org.secpod.oval:def:16004 The host is installed with Wireshark 1.8.x before 1.8.11 or 1.10.x before 1.10.3 and is prone to spoofing vulnerability. The flaw is present in the ieee802154_map_rec function in epan/dissectors/packet-ieee802154.c in the IEEE 802.15.4 dissecto, which fails to properly handle a crafted packet. Succe ... oval:org.secpod.oval:def:16005 The host is installed with Wireshark 1.8.x before 1.8.11 or 1.10.x before 1.10.3 and is prone to denial of service vulnerability. The flaw is present in the epan/dissectors/packet-tcp.c in the TCP dissector, which does not properly determine the amount of remaining data. Successful exploitation allo ... oval:org.secpod.oval:def:16002 The host is installed with Wireshark 1.8.x before 1.8.11 or 1.10.x before 1.10.3 and is prone to denial of service vulnerability. The flaw is present in the dissect_sip_common function in epan/dissectors/packet-sip.c in the SIP dissector, which fails to properly initialize a data structure. Successf ... oval:org.secpod.oval:def:16003 The host is installed with Wireshark 1.8.x before 1.8.11 or 1.10.x before 1.10.3 and is prone to unspecified vulnerability. The flaw is present in the in the NBAP dissector, which fails to handle a crafted packet. Successful exploitation allows remote attackers to cause a denial of service (applicat ... oval:org.secpod.oval:def:39105 The host is installed with Wireshark 2.2.x before 2.2.5 or 2.0.x before 2.0.11 and is prone to memory corruption vulnerability. A flaw is present in the capture file support (libwiretap) component, which fails to properly handle a crafted or malformed STANAG 4607 capture file. Successful exploitatio ... oval:org.secpod.oval:def:16008 The host is installed with Wireshark 1.8.x before 1.8.11 or 1.10.x before 1.10.3 and is prone to unspecified vulnerability. The flaw is present in the in the NBAP dissector, which fails to handle a crafted packet. Successful exploitation allows remote attackers to cause a denial of service (applicat ... oval:org.secpod.oval:def:39106 The host is installed with Wireshark 2.2.x before 2.2.5 or 2.0.x before 2.0.11 and is prone to memory corruption vulnerability. A flaw is present in the capture file support (libwiretap) component, which fails to properly handle a crafted or malformed STANAG 4607 capture file. Successful exploitatio ... oval:org.secpod.oval:def:16009 The host is installed with Wireshark 1.8.x before 1.8.11 or 1.10.x before 1.10.3 and is prone to spoofing vulnerability. The flaw is present in the ieee802154_map_rec function in epan/dissectors/packet-ieee802154.c in the IEEE 802.15.4 dissecto, which fails to properly handle a crafted packet. Succe ... oval:org.secpod.oval:def:16006 The host is installed with Wireshark 1.8.x before 1.8.11 or 1.10.x before 1.10.3 and is prone to denial of service vulnerability. The flaw is present in the dissect_openwire_type function in epan/dissectors/packet-openwire.c in the OpenWire dissector, which fails to properly handle a crafted packet. ... oval:org.secpod.oval:def:16007 The host is installed with Wireshark 1.8.x before 1.8.11 or 1.10.x before 1.10.3 and is prone to denial of service vulnerability. The flaw is present in the dissect_sip_common function in epan/dissectors/packet-sip.c in the SIP dissector, which fails to properly initialize a data structure. Successf ... oval:org.secpod.oval:def:16000 The host is installed with Wireshark 1.8.x before 1.8.11 or 1.10.x before 1.10.3 and is prone to denial of service vulnerability. The flaw is present in the epan/dissectors/packet-tcp.c in the TCP dissector, which does not properly determine the amount of remaining data. Successful exploitation allo ... oval:org.secpod.oval:def:16001 The host is installed with Wireshark 1.8.x before 1.8.11 or 1.10.x before 1.10.3 and is prone to denial of service vulnerability. The flaw is present in the dissect_openwire_type function in epan/dissectors/packet-openwire.c in the OpenWire dissector, which fails to properly handle a crafted packet. ... oval:org.secpod.oval:def:601748 Multiple vulnerabilities were discovered in the dissectors for Catapult DCT2000, IrDA, GSM Management, RLC ASN.1 BER, which could result in denial of service. oval:org.secpod.oval:def:89002189 This update for wireshark fixes the following issues: - Update to wireshark 2.2.14, fix such issues: * bsc#1088200 VUL-0: wireshark: multiple vulnerabilities fixed in 2.2.14, 2.4.6 * CVE-2018-9256: LWAPP dissector crash * CVE-2018-9260: IEEE 802.15.4 dissector crash * CVE-2018-9261: NBAP dissector c ... oval:org.secpod.oval:def:89044897 The network debugging tool wireshark was updated to version 2.2.7 to fix the following issues: - CVE-2017-9352: Bazaar dissector infinite loop - CVE-2017-9348: DOF dissector read overflow - CVE-2017-9351: DHCP dissector read overflow - CVE-2017-9346: SoulSeek dissector infinite loop - CVE-20 ... oval:org.secpod.oval:def:110036 Wireshark is a network traffic analyzer for Unix-ish operating systems. This package lays base for libpcap, a packet capture and filtering library, contains command-line utilities, contains plugins and documentation for wireshark. A graphical user interface is packaged separately to GTK+ package. oval:org.mitre.oval:def:12049 The SigComp Universal Decompressor Virtual Machine (UDVM) in Wireshark 0.10.8 through 1.0.14 and 1.2.0 through 1.2.9 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to sigcomp-udvm.c and an off-by-one error, which triggers a buffer ... oval:org.mitre.oval:def:12047 Stack-based buffer overflow in the ASN.1 BER dissector in Wireshark 0.10.13 through 1.0.14 and 1.2.0 through 1.2.9 has unknown impact and remote attack vectors. NOTE: this issue exists because of a CVE-2010-2284 regression. oval:org.secpod.oval:def:601300 wireshark is installed oval:org.secpod.oval:def:394 The host is installed with Wireshark and is prone to denial of service vulnerability. A flaw is present in the application which contains an off-by-one error. Successful exploitation allow remote attackers to cause application to crash. oval:org.secpod.oval:def:202012 Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. A format string flaw was found in Wireshark. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running ... oval:org.mitre.oval:def:12031 The IPMI dissector in Wireshark 1.2.0 through 1.2.9 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors. oval:org.secpod.oval:def:89044674 This wireshark update to version 2.2.8 fixes the following issues: Security issues fixed: - CVE-2017-11411: The openSAFETY dissectorcould crash or exhaust system memory because of missing length validation. - CVE-2017-11410: The WBXML dissector could go into an infinite loop. - CVE-2017-11408: The ... oval:org.secpod.oval:def:600692 The Microsoft Vulnerability Research group discovered that insecure load path handling could lead to execution of arbitrary Lua script code. oval:org.secpod.oval:def:41400 The host is installed with Wireshark 2.0.x through 2.0.13 or 2.2.x through 2.2.7 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a malformed packet trace file. Successful exploitation could allow remote attackers to crash the se ... oval:org.secpod.oval:def:41401 The host is installed with Wireshark 2.0.x through 2.0.13 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a malformed packet trace file. Successful exploitation could allow remote attackers to crash the service. oval:org.secpod.oval:def:41402 The host is installed with Wireshark 2.0.x through 2.0.13 or 2.2.x through 2.2.7 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle length validation. Successful exploitation could allow remote attackers to crash the service. oval:org.secpod.oval:def:41403 The host is installed with Wireshark 2.0.x through 2.0.13 or 2.2.x through 2.2.7 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle the relationships between indexes and lengths. Successful exploitation could allow remote attackers ... oval:org.secpod.oval:def:110009 Wireshark is a network traffic analyzer for Unix-ish operating systems. This package lays base for libpcap, a packet capture and filtering library, contains command-line utilities, contains plugins and documentation for wireshark. A graphical user interface is packaged separately to GTK+ package. oval:org.secpod.oval:def:26254 The host is installed with Wireshark 1.12.x before 1.12.7 and is prone to denial of service vulnerability. A flaw is present in the application, which does not prevent the conflicting use of a table for both IPv4 and IPv6 addresses. Successful exploitation allows remote attackers to cause a denial o ... oval:org.mitre.oval:def:5748 Unspecified vulnerability in Wireshark 0.99.6 through 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted Tektronix .rf5 file. oval:org.secpod.oval:def:26251 The host is installed with Wireshark 1.12.x before 1.12.7 and is prone to denial of service vulnerability. A flaw is present in the application, which mishandles large tag values. Successful exploitation allows remote attackers to cause a denial of service (application crash). oval:org.secpod.oval:def:26250 The host is installed with Wireshark 1.12.x before 1.12.7 and is prone to denial of service vulnerability. A flaw is present in the application, which uses incorrect integer data types. Successful exploitation allows remote attackers to cause a denial of service (infinite loop). oval:org.secpod.oval:def:26253 The host is installed with Wireshark 1.12.x before 1.12.7 and is prone to denial of service vulnerability. A flaw is present in the application, which does not check whether the expected amount of data is available. Successful exploitation allows remote attackers to cause a denial of service (applic ... oval:org.secpod.oval:def:26252 The host is installed with Wireshark 1.12.x before 1.12.7 and is prone to denial of service vulnerability. A flaw is present in the application, which does not validate a certain offset value. Successful exploitation allows remote attackers to cause a denial of service (infinite loop). oval:org.secpod.oval:def:15586 The host is installed with Wireshark 1.8.x before 1.8.10 or 1.10.x before 1.10.2 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to restrict the dch_id value. Successful exploitation allows attackers to cause application crash. oval:org.secpod.oval:def:41830 The host is installed with Wireshark 2.0.x before 2.0.15 or 2.2.x before 2.2.9 or 2.4.0 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a malformed packet. Successful exploitation could allow remote attackers to crash the servic ... oval:org.secpod.oval:def:601105 Multiple vulnerabilities were discovered in the dissectors for LDAP, RTPS and NBAP and in the Netmon file parser, which could result in denial of service or the execution of arbitrary code. oval:org.secpod.oval:def:16434 The host is installed with Wireshark 1.10.x before 1.10.4 and is prone to denial of service vulnerability. A flaw is present in the application, which incorrectly relies on a global variable. Successful exploitation allows attackers to cause application crash via a crafted packet. oval:org.secpod.oval:def:16431 The host is installed with Wireshark 1.10.x before 1.10.4 and is prone to denial of service vulnerability. A flaw is present in the application, which incorrectly relies on a global variable. Successful exploitation allows attackers to cause application crash via a crafted packet. oval:org.secpod.oval:def:15584 The host is installed with Wireshark 1.10.x before 1.10.2 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly maintain a certain free list. Successful exploitation allows attackers to cause application crash. oval:org.secpod.oval:def:16432 The host is installed with Wireshark 1.8.x before 1.8.12 or 1.10.x before 1.10.4 and is prone to multiple buffer overflow vulnerabilities. The flaws are present in the application, which fails to handle a long domain name in a packet. Successful exploitation allows attackers to cause application cra ... oval:org.secpod.oval:def:41834 The host is installed with Wireshark 2.4.0 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a malformed packet. Successful exploitation could allow remote attackers to crash the service. oval:org.secpod.oval:def:41833 The host is installed with Wireshark 2.2.x before 2.2.9 or 2.4.0 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a malformed packet. Successful exploitation could allow remote attackers to crash the service. oval:org.secpod.oval:def:41832 Wireshark (64 bit) 2.4.x series is installed oval:org.secpod.oval:def:15588 The host is installed with Wireshark 1.8.x before 1.8.10 or 1.10.x before 1.10.2 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle crafted packet. Successful exploitation allows attackers to cause application crash. oval:org.secpod.oval:def:16435 The host is installed with Wireshark 1.8.x before 1.8.12 or 1.10.x before 1.10.4 and is prone to multiple buffer overflow vulnerabilities. The flaws are present in the application, which fails to handle a long domain name in a packet. Successful exploitation allows attackers to cause application cra ... oval:org.secpod.oval:def:41831 Wireshark (32 bit) 2.4.x series is installed oval:org.secpod.oval:def:15589 The host is installed with Wireshark 1.8.x before 1.8.10 or 1.10.x before 1.10.2 and is prone to buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle crafted packet. Successful exploitation allows attackers to cause application crash. oval:org.secpod.oval:def:41838 The host is installed with Wireshark 2.2.x before 2.2.9 or 2.4.0 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a malformed packet. Successful exploitation could allow remote attackers to crash the service. oval:org.secpod.oval:def:41836 The host is installed with Wireshark 2.0.x before 2.0.15 or 2.2.x before 2.2.9 or 2.4.0 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a malformed packet. Successful exploitation could allow remote attackers to crash the servic ... oval:org.secpod.oval:def:41835 The host is installed with Wireshark 2.0.x before 2.0.15 or 2.2.x before 2.2.9 or 2.4.0 and is prone to a buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle a malformed packet. Successful exploitation could allow remote attackers to crash the service. oval:org.secpod.oval:def:41839 The host is installed with Wireshark 2.4.0 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a malformed packet. Successful exploitation could allow remote attackers to crash the service. oval:org.secpod.oval:def:202056 Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. A format string flaw was found in Wireshark. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running ... oval:org.secpod.oval:def:26246 The host is installed with Wireshark 1.12.x before 1.12.7 and is prone to denial of service vulnerability. A flaw is present in the application, which does not properly terminate a data structure after a failure to locate a number within a string. Successful exploitation allows remote attackers to c ... oval:org.secpod.oval:def:26248 The host is installed with Wireshark 1.12.x before 1.12.7 and is prone to denial of service vulnerability. A flaw is present in the application, which mishandles table searches for empty strings. Successful exploitation allows remote attackers to cause a denial of service (application crash). oval:org.secpod.oval:def:26247 The host is installed with Wireshark 1.12.x before 1.12.7 and is prone to denial of service vulnerability. A flaw is present in the application, which does not properly consider a certain case of multiple realloc operations that restore a memory chunk to its original size. Successful exploitation al ... oval:org.secpod.oval:def:26249 The host is installed with Wireshark 1.12.x before 1.12.7 and is prone to denial of service vulnerability. A flaw is present in the application, which improperly relies on length fields contained in packet data. Successful exploitation allows remote attackers to cause a denial of service (applicatio ... oval:org.mitre.oval:def:5979 Integer overflow in wiretap/erf.c in Wireshark before 1.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted erf file, related to an "unsigned integer wrap vulnerability." oval:org.mitre.oval:def:5976 Format string vulnerability in the PROFINET/DCP (PN-DCP) dissector in Wireshark 1.0.6 and earlier allows remote attackers to execute arbitrary code via a PN-DCP packet with format string specifiers in the station name. NOTE: some of these details are obtained from third party information. oval:org.secpod.oval:def:15597 The host is installed with Wireshark 1.8.x before 1.8.10 or 1.10.x before 1.10.2 and is prone to unspecified vulnerability. A flaw is present in the application, which fails to properly handle crafted packet. Successful exploitation allows attackers to cause application crash. oval:org.secpod.oval:def:41840 The host is installed with Wireshark 2.0.x before 2.0.15 or 2.2.x before 2.2.9 or 2.4.0 and is prone to a buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle a malformed packet. Successful exploitation could allow remote attackers to crash the service. oval:org.secpod.oval:def:15595 The host is installed with Wireshark 1.8.x before 1.8.10 or 1.10.x before 1.10.2 and is prone to buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle crafted packet. Successful exploitation allows attackers to cause application crash. oval:org.secpod.oval:def:15593 The host is installed with Wireshark 1.8.x before 1.8.10 or 1.10.x before 1.10.2 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to restrict the dch_id value. Successful exploitation allows attackers to cause application crash. oval:org.secpod.oval:def:15594 The host is installed with Wireshark 1.8.x before 1.8.10 or 1.10.x before 1.10.2 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle crafted packet. Successful exploitation allows attackers to cause application crash. oval:org.secpod.oval:def:15591 The host is installed with Wireshark 1.8.x before 1.8.10 or 1.10.x before 1.10.2 and is prone to unspecified vulnerability. A flaw is present in the application, which fails to properly handle crafted packet. Successful exploitation allows attackers to cause application crash. oval:org.secpod.oval:def:15592 The host is installed with Wireshark 1.10.x before 1.10.2 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly maintain a certain free list. Successful exploitation allows attackers to cause application crash. oval:org.mitre.oval:def:5795 Unspecified vulnerability in the sFlow dissector in Wireshark 1.2.0 allows remote attackers to cause a denial of service (CPU and memory consumption) via unspecified vectors. oval:org.mitre.oval:def:11488 The SMB PIPE dissector in Wireshark 0.8.20 through 1.0.13 and 1.2.0 through 1.2.8 allows remote attackers to cause a denial of service (NULL pointer dereference) via unknown vectors. oval:org.secpod.oval:def:8160 The host is installed with Wireshark 1.8.x before 1.8.4 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle the epan/dissectors/packet-3g-a11.c in the 3GPP2 A11 dissector. Successful exploitation allows remote attackers to cause a denial of se ... oval:org.secpod.oval:def:8161 The host is installed with Wireshark 1.8.x before 1.8.4 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle the dissect_sflow_245_address_type function in epan/dissectors/packet-sflow.c in the sFlow dissector. Successful exploitation allows re ... oval:org.secpod.oval:def:8162 The host is installed with Wireshark 1.6.x before 1.6.12 or 1.8.x before 1.8.4 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle the epan/dissectors/packet-usb.c in the USB dissector. Successful exploitation allows remote attackers to cause ... oval:org.secpod.oval:def:8163 The host is installed with Wireshark 1.8.x before 1.8.4 and is prone to information disclosure vulnerability. A flaw is present in the application, which fails to handle the read operation on the pcap-ng files. Successful exploitation allows remote attackers to obtain sensitive hostname information. oval:org.secpod.oval:def:70479 The host is installed with Wireshark 3.4.0 through 3.4.3 or 3.2.0 through 3.2.11 and is prone to a denial-of-service vulnerability. A flaw is present in the application, which fails to properly handle unsafe URLs. Successful exploitation allows attackers to crash Wireshark by injecting a malformed p ... oval:org.secpod.oval:def:70478 The host is missing a security update according to Wireshark Advisory. The update is required to fix a denial-of-service vulnerability. A flaw is present in the application, which fails to properly handle unsafe URLs. Successful exploitation allows attackers to crash Wireshark by injecting a malform ... oval:org.secpod.oval:def:8157 The host is installed with Wireshark 1.6.x before 1.6.12 or 1.8.x before 1.8.4 and is prone to integer overflow vulnerability. A flaw is present in the application, which fails to handle the dissect_icmpv6 function in epan/dissectors/packet-icmpv6.c in the ICMPv6 dissector. Successful exploitation a ... oval:org.secpod.oval:def:8158 The host is installed with Wireshark 1.8.x before 1.8.4 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle the dissect_eigrp_metric_comm function in epan/dissectors/packet-eigrp.c in the EIGRP dissector. Successful exploitation allows remote ... oval:org.secpod.oval:def:8156 The host is installed with Wireshark 1.6.x before 1.6.12 or 1.8.x before 1.8.4 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle the dissect_isakmp function in epan/dissectors/packet-isakmp.c in the ISAKMP dissector. Successful exploitation ... oval:org.secpod.oval:def:15890 Wireshark 1.10.x (64 bit) is installed oval:org.secpod.oval:def:15889 Wireshark 1.8.x (64 bit) is installed oval:org.secpod.oval:def:89002517 This update for wireshark fixes the following issues: Security issue fixed : - CVE-2018-7335: The IEEE 802.11 dissector could crash - CVE-2018-7321: thrift long dissector loop - CVE-2018-7322: DICOM: inifinite loop - CVE-2018-7323: WCCP: very long loop - CVE-2018-7324: SCCP: infinite loop - CVE ... oval:org.mitre.oval:def:5335 The Check Point High-Availability Protocol (CPHAP) dissector in Wireshark 0.9.6 through 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted FWHA_MY_STATE packet. oval:org.mitre.oval:def:6413 Unspecified vulnerability in the TLS dissector in Wireshark 1.2.0 and 1.2.1, when running on Windows, allows remote attackers to cause a denial of service (application crash) via unknown vectors related to TLS 1.2 conversations. oval:org.mitre.oval:def:11651 packet-gsm_a_rr.c in the GSM A RR dissector in Wireshark 1.2.2 through 1.2.9 allows remote attackers to cause a denial of service (crash) via unknown vectors that trigger a NULL pointer dereference. oval:org.mitre.oval:def:6416 Multiple unspecified vulnerabilities in Wireshark 1.2.0 allow remote attackers to cause a denial of service (application crash) via a file that records a malformed packet trace and is processed by the (1) Bluetooth L2CAP, (2) RADIUS, or (3) MIOP dissector. NOTE: it was later reported that the RADIUS ... oval:org.mitre.oval:def:11888 Buffer overflow in the ASN.1 BER dissector in Wireshark 0.10.13 through 1.0.13 and 1.2.0 through 1.2.8 has unknown impact and remote attack vectors. oval:org.secpod.oval:def:9091 The host is installed with Wireshark 1.6.x before 1.6.13 or 1.8.x before 1.8.5 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle fragment gaps. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:9092 The host is installed with Wireshark 1.6.x before 1.6.13 or 1.8.x before 1.8.5 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle an incorrect data type for a position variable. Successful exploitation could allow attackers to cras ... oval:org.secpod.oval:def:9093 The host is installed with Wireshark 1.6.x before 1.6.13 or 1.8.x before 1.8.5 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly implement certain nested loops for processing bitmap data. Successful exploitation could allow attackers to ... oval:org.secpod.oval:def:9094 The host is installed with Wireshark 1.6.x before 1.6.13 or 1.8.x before 1.8.5 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle apparent Ethernet address values at the beginning of MPLS data. Successful exploitation could allow a ... oval:org.mitre.oval:def:7331 The DOCSIS dissector in Wireshark 0.9.6 through 1.0.12 and 1.2.0 through 1.2.7 allows user-assisted remote attackers to cause a denial of service (application crash) via a malformed packet trace file. oval:org.secpod.oval:def:9090 The host is installed with Wireshark 1.6.x before 1.6.13 or 1.8.x before 1.8.5 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly manage an offset variable. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:9099 The host is installed with Wireshark 1.6.x before 1.6.13 or 1.8.x before 1.8.5 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a large number of padding bits. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:9095 The host is installed with Wireshark 1.6.x before 1.6.13 or 1.8.x before 1.8.5 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle offset data associated with a quoted string. Successful exploitation could allow attackers to crash t ... oval:org.secpod.oval:def:9096 The host is installed with Wireshark 1.6.x before 1.6.13 or 1.8.x before 1.8.5 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly process crypto-suite parameters. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:9097 The host is installed with Wireshark 1.6.x before 1.6.13 or 1.8.x before 1.8.5 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a certain alarm length. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:9098 The host is installed with Wireshark 1.6.x before 1.6.13 or 1.8.x before 1.8.5 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle an incorrect data type for a counter variable. Successful exploitation could allow attackers to crash ... oval:org.secpod.oval:def:89002559 This update for wireshark fixes the following issues: Update wireshark to version 2.2.17 : Security issues fixed: - CVE-2018-16058: Bluetooth AVDTP dissector crash - CVE-2018-16056: Bluetooth Attribute Protocol dissector crash - CVE-2018-16057: Radiotap dissector crash Further bug fixes and updat ... oval:org.mitre.oval:def:6223 The WLCCP dissector in Wireshark 0.99.7 through 1.0.4 allows remote attackers to cause a denial of service (infinite loop) via unspecified vectors. oval:org.secpod.oval:def:9082 The host is installed with Wireshark 1.6.x before 1.6.13 or 1.8.x before 1.8.5 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a malformed packet. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:9083 The host is installed with Wireshark 1.6.x before 1.6.13 or 1.8.x before 1.8.5 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a malformed packet. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:9088 The host is installed with Wireshark 1.6.x before 1.6.13 or 1.8.x before 1.8.5 and is prone to a denial of service vulnerability. A flaw is present in the application, which tries to access an inappropriate pointer. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:9089 The host is installed with Wireshark 1.6.x before 1.6.13 or 1.8.x before 1.8.5 and is prone to a denial of service vulnerability. A flaw is present in the application, which tries to access an inappropriate pointer. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:9084 The host is installed with Wireshark 1.6.x before 1.6.13 or 1.8.x before 1.8.5 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a malformed packet. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:9085 The host is installed with Wireshark 1.8.x before 1.8.5 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle unknown profiles. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:9086 The host is installed with Wireshark 1.6.x before 1.6.13 or 1.8.x before 1.8.5 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly determine the length of a reassembled packet for the DTLS dissector. Successful exploitation could allow att ... oval:org.secpod.oval:def:9087 The host is installed with Wireshark 1.6.x before 1.6.13 or 1.8.x before 1.8.5 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly validate certain length values for the MS-MMC dissector. Successful exploitation could allow attackers to cr ... oval:org.mitre.oval:def:11608 The SMB dissector in Wireshark 0.99.6 through 1.0.13, and 1.2.0 through 1.2.8 allows remote attackers to cause a denial of service (NULL pointer dereference) via unknown vectors. oval:org.mitre.oval:def:11836 Buffer overflow in the SigComp Universal Decompressor Virtual Machine dissector in Wireshark 0.10.8 through 1.0.13 and 1.2.0 through 1.2.8 has unknown impact and remote attack vectors. oval:org.secpod.oval:def:14128 The host is installed with Wireshark 1.8.x before 1.8.8 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle a zero-length item. Successful exploitation allows attackers to cause a denial of service (infinite loop, and CPU and memory c ... oval:org.secpod.oval:def:14126 The host is installed with Wireshark 1.8.x before 1.8.8 and is prone to heap-based buffer overflow vulnerability. A flaw is present in the application, which fails to validate the relationship between a record length and a trailer length. Successful exploitation allows attackers to cause a denial of ... oval:org.secpod.oval:def:14134 The host is installed with Wireshark 1.6.x before 1.6.16 or 1.8.x before 1.8.8 and is prone to denial of service vulnerability. A flaw is present in the application, which incorrectly uses a -1 data value to represent an error condition. Successful exploitation allows attackers to cause an applicati ... oval:org.secpod.oval:def:14132 The host is installed with Wireshark 1.8.x before 1.8.8 and is prone to buffer overflow vulnerability. A flaw is present in the application, which fails to handle a crafted packet. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:14133 The host is installed with Wireshark 1.8.x before 1.8.8 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly initialize memory. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:14130 The host is installed with Wireshark 1.8.x before 1.8.8 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to validate return values during checks for data availability. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:14131 The host is installed with Wireshark 1.8.x before 1.8.8 and is prone to array index error vulnerability. A flaw is present in the application, which fails to handle vectors related to nbap.cnf and packet-nbap.c. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:14129 The host is installed with Wireshark 1.8.x before 1.8.8 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle a crafted packet. Successful exploitation allows attackers to cause a denial of service (infinite loop and application hang). oval:org.secpod.oval:def:2501 The host is installed with Wireshark 1.6.x before 1.6.2 and is prone to a denial of service vulnerability. A flaw is present in the unxorFrame function in epan/dissectors/packet-opensafety.c in the OpenSafety dissector in Wireshark, which fails to validate a certain frame size. Successful exploitati ... oval:org.secpod.oval:def:2503 The host is installed with Wireshark 1.6.x before 1.6.2 and is prone to a denial of service vulnerability. A flaw is present in the csnStreamDissector function in epan/dissectors/packet-csn1.c in the CSN.1 dissector, which fails to initialize a certain structure member. Successful exploitation could ... oval:org.secpod.oval:def:2502 The host is installed with Wireshark 1.6.x before 1.6.2 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a buffer exception. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:2504 The host is installed with Wireshark 1.4.x before 1.4.9 or 1.6.x before 1.6.2 and is prone to an Untrusted search path vulnerability. A flaw is present in the application, which fails to prevent local users from gaining privileges. Successful exploitation could allow attackers to run arbitrary Lua s ... oval:org.secpod.oval:def:2184 The host is installed with Wireshark 1.6.1 and is prone to a denial of service vulnerability. A flaw is present in an application, which fails to validate the IKE packet. Successful exploitation could allow attackers to crash the application. oval:org.secpod.oval:def:2183 Wireshark is installed on Mac OS oval:org.secpod.oval:def:17141 The host is installed with Wireshark 0.99.2 through 0.99.8 and is prone to denial of service vulnerability. A flaw is present in the LDAP dissector, which fails to handle malformed packet. Successful exploitation allows remote attackers to cause a denial of service. oval:org.secpod.oval:def:17140 The host is installed with Wireshark 0.99.6 through 0.99.8 and is prone to denial of service vulnerability. A flaw is present in the "decode as" feature in packet-bssap.c in the SCCP dissector, which fails to handle malformed packet. Successful exploitation allows remote attackers to cause a denial ... oval:org.secpod.oval:def:17144 The host is installed with Wireshark 0.99.5 through 0.99.7 and is prone to denial of service vulnerability. A flaw is present in the SCTP dissector, which fails to handle malformed packet. Successful exploitation allows remote attackers to cause a denial of service. oval:org.secpod.oval:def:17143 The host is installed with Wireshark 0.99.6 through 0.99.7 and is prone to denial of service vulnerability. A flaw is present in the SNMP dissector, which fails to handle malformed packet. Successful exploitation allows remote attackers to cause a denial of service. oval:org.secpod.oval:def:17142 The host is installed with Wireshark 0.99.5 through 0.99.8 and is prone to multiple unspecified vulnerabilities. The flaws are present in the X.509sat or Roofnet dissectors, which fails to handle malformed packet. Successful exploitation allows remote attackers to cause a denial of service. oval:org.secpod.oval:def:3000 The host is installed with Wireshark 1.4.0 through 1.4.9 or 1.6.x before 1.6.3 and is prone to denial of service vulnerability. A flaw is present in the application which is caused due to an error in the Infiniband dissector that can allow a NULL pointer to be dereferenced when processing certain ma ... oval:org.secpod.oval:def:3001 The host is installed with Wireshark 1.6.x before 1.6.3 and is prone to denial of service vulnerability. A flaw is present in the CSN.1 dissector which is caused due to an error when processing certain malformed packets. Successful exploitation allows remote attackers to cause an application crash. oval:org.secpod.oval:def:3002 The host is installed with Wireshark 1.6.x before 1.6.3 and is prone to denial of service vulnerability. A flaw is present in the CSN.1 dissector which is caused due to an error when processing certain malformed packets. Successful exploitation allows remote attackers to cause an application crash. oval:org.secpod.oval:def:3003 The host is installed with Wireshark 1.4.0 through 1.4.9 or 1.6.x before 1.6.3 and is prone to denial of service vulnerability. A flaw is present in the application which is caused due to an error in the Infiniband dissector that can allow a NULL pointer to be dereferenced when processing certain ma ... oval:org.secpod.oval:def:32531 Wireshark 2.0.x is installed oval:org.secpod.oval:def:17138 The host is installed with Wireshark 0.99.3 through 1.0.0 and is prone to denial of service vulnerability. A flaw is present in the PANA and KISMET dissectors, which fails to handle malformed packet via unknown vectors. Successful exploitation allows remote attackers to cause a denial of service. oval:org.secpod.oval:def:17139 The host is installed with Wireshark 0.99.2 through 1.0.0 and is prone to denial of service vulnerability. A flaw is present in the GSM SMS dissector, which fails to handle malformed packet via unknown vectors. Successful exploitation allows remote attackers to cause a denial of service. oval:org.secpod.oval:def:40766 The host is installed with Wireshark 0.99.6 through 0.99.7 and is prone to a denial of service vulnerability. A flaw is present in the SNMP dissector, which fails to properly handle a malformed packet. Successful exploitation allows attackers to cause a denial of service (crash). oval:org.secpod.oval:def:40767 The host is installed with Wireshark 0.99.5 through 0.99.8 and is prone to a denial of service vulnerability. A flaw is present in the X.509sat and Roofnet dissector, which fails to properly handle a malformed packet. Successful exploitation allows attackers to cause a denial of service (application ... oval:org.secpod.oval:def:40765 The host is installed with Wireshark 0.99.5 through 0.99.7 and is prone to a denial of service vulnerability. A flaw is present in the SCTP dissector, which fails to properly handle a malformed packet. Successful exploitation allows attackers to cause a denial of service (crash). oval:org.secpod.oval:def:40768 The host is installed with Wireshark 0.99.2 through 0.99.8 and is prone to a denial of service vulnerability. A flaw is present in the LDAP dissector, which fails to properly handle a malformed packet. Successful exploitation allows attackers to cause a denial of service (application crash). oval:org.secpod.oval:def:40769 The host is installed with Wireshark 0.99.6 through 0.99.8 and is prone to a denial of service vulnerability. A flaw is present in the SCCP dissector, which fails to properly handle a malformed packet. Successful exploitation allows attackers to cause a denial of service (application crash). oval:org.secpod.oval:def:40770 The host is installed with Wireshark 0.99.2 through 1.0.0 and is prone to a denial of service vulnerability. A flaw is present in the GSM SMS dissector, which fails to properly handle unknown vectors. Successful exploitation allows attackers to cause a denial of service (application crash). oval:org.secpod.oval:def:40771 The host is installed with Wireshark 0.99.3 through 1.0.0 and is prone to a denial of service vulnerability. A flaw is present in the PANA and KISMET dissectors, which fails to properly handle unknown vectors. Successful exploitation allows attackers to cause a denial of service (application stop). oval:org.secpod.oval:def:15587 Wireshark 1.8.x is installed oval:org.secpod.oval:def:15585 Wireshark 1.10.x is installed oval:org.secpod.oval:def:36987 Wireshark 2.2.x is installed oval:org.secpod.oval:def:45724 Wireshark 2.6.x is installed oval:org.secpod.oval:def:76884 Wireshark 3.6.x is installed oval:org.secpod.oval:def:9977 The host is installed with Wireshark 1.8.x before 1.8.6 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle a packet with a header that is too short. Successful exploitation allows remote attackers to cause a denial of service (infinite loop). oval:org.secpod.oval:def:9976 The host is installed with Wireshark 1.8.x before 1.8.6 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly manage function pointers. Successful exploitation allows remote attackers to cause a denial of service (application crash) via a malf ... oval:org.secpod.oval:def:9978 The host is installed with Wireshark 1.8.x before 1.8.6 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle a malformed packet. Successful exploitation allows remote attackers to cause a denial of service (application crash). oval:org.secpod.oval:def:9973 The host is installed with Wireshark 1.8.x before 1.8.6 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle a malformed packet. Successful exploitation allows remote attackers to cause a denial of service (application crash). oval:org.secpod.oval:def:9972 The host is installed with Wireshark 1.8.x before 1.8.6 or 1.6.x before 1.6.14 and is prone to Integer signedness error vulnerability. A flaw is present in the application, which fails to handle a negative length value. Successful exploitation allows attackers to cause a denial of service (applicati ... oval:org.secpod.oval:def:40844 The host is installed Wireshark 1.2.x before 1.2.18, 1.4.x through 1.4.7 or 1.6.0 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle malformed packets. Successful exploitation allows remote attackers to cause a denial of service (i ... oval:org.secpod.oval:def:9975 The host is installed with Wireshark 1.8.x before 1.8.6 or 1.6.x before 1.6.14 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly manage string lengths. Successful exploitation allows remote attackers to cause a denial of service (applicati ... oval:org.secpod.oval:def:9974 The host is installed with Wireshark 1.8.x before 1.8.6 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle invalid Sub-tlv data. Successful exploitation allows attackers to cause denial of service (infinite loop). oval:org.secpod.oval:def:40842 The host is installed Wireshark 1.2.x before 1.2.17 or 1.4.x before 1.4.7 and is prone to a double free vulnerability. A flaw is present in the application, which fails to properly handle a packet with malformed data. Successful exploitation allows remote attackers to cause a denial of service (appl ... oval:org.secpod.oval:def:40848 The host is installed Wireshark 1.6.0 before 1.6.15 or 1.8.x before 1.8.7 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a crafted packet-trace file that triggers a buffer overflow. Successful exploitation allows remote attacke ... oval:org.secpod.oval:def:40845 The host is installed Wireshark 1.6.x through 1.6.10 or 1.8.x through 1.8.2 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a small value for a certain length field in a capture file. Successful exploitation allows remote attack ... oval:org.secpod.oval:def:9971 The host is installed with Wireshark 1.8.x before 1.8.6 or 1.6.x before 1.6.14 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle a malformed packet. Successful exploitation allows attackers to cause a denial of service (infinite loop). oval:org.secpod.oval:def:9970 The host is installed with Wireshark 1.8.x before 1.8.6 or 1.6.x before 1.6.14 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle an invalid count value in ACN_DMP_ADT_D_RE DMP data. Successful exploitation allows attackers to cause a denial ... oval:org.secpod.oval:def:9966 The host is installed with Wireshark 1.8.x before 1.8.6 and is prone to denial of service vulnerability. A flaw is present in the application, which uses incorrect integer data types. successful exploitation allows remote attackers to cause a denial of service (infinite loop) via crafted integer val ... oval:org.secpod.oval:def:9965 The host is installed with Wireshark 1.6.x before 1.6.14 or 1.8.x before 1.8.6 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to validate the fragment offset before invoking the reassembly state machine. Successful exploitation allows remote attack ... oval:org.secpod.oval:def:9968 The host is installed with Wireshark 1.6.x before 1.6.14 or 1.8.x before 1.8.6 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle a malformed packet. Successful exploitation allows remote attackers to cause the application to crash. oval:org.secpod.oval:def:9967 The host is installed with Wireshark 1.8.x before 1.8.6 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle crafted integer values in a packet. Successful exploitation allows remote attackers to cause a denial of service (infinite loop). oval:org.secpod.oval:def:9969 The host is installed with 1.6.x before 1.6.14 or 1.8.x before 1.8.6 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle a malformed packet. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:500336 Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. A heap-based buffer overflow flaw was found in the Wireshark Local Download Sharing Service dissector. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could cras ... oval:org.secpod.oval:def:500536 Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. A format string flaw was found in Wireshark. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running ... oval:org.secpod.oval:def:500306 Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. Multiple buffer overflow flaws were found in the Wireshark SigComp Universal Decompressor Virtual Machine dissector. If Wireshark read a malformed packet off a network or opened a malicious dump file, ... oval:org.secpod.oval:def:1259 The host is installed with Wireshark and is prone to NULL pointer dereference vulnerability. A flaw is present in the application which is caused by an error in the desegment_tcp() function when handling TCP segments. Successful exploitation allows remote attacker to cause the application to crash. oval:org.secpod.oval:def:1263 The host is installed with Wireshark and is prone to denial of service vulnerability. A flaw is present in the application, which is due to double free vulnerability in tvb_uncompress function in epan/tvbuff.c. Successful exploitation could allow attackers to crash the application via packet with ma ... oval:org.secpod.oval:def:17116 The host is installed with Wireshark 1.2.0 through 1.2.13 or 1.4.0 through 1.4.2 and is prone to buffer overflow vulnerability. A flaw is present in the MAC-LTE dissector (epan/dissectors/packet-mac-lte.c), which fails to handle large number of RARs. Successful exploitation allows attackers to cause ... oval:org.secpod.oval:def:17115 The host is installed with Wireshark 1.4.0 through 1.4.2 and is prone to denial of service vulnerability. A flaw is present in the ASN.1 BER dissector, which fails to handle crafted packets, as demonstrated by fuzz-2010-12-30-28473.pcap. Successful exploitation allows attackers to cause a denial of ... oval:org.secpod.oval:def:17119 The host is installed with Wireshark 0.9.0 through 1.2.4 and is prone to NULL pointer dereference vulnerability. A flaw is present in the application SMB and SMB2 dissectors, which fails to handle a crafted packet that triggers a NULL pointer dereference, as demonstrated by fuzz-2009-12-07-11141.pca ... oval:org.secpod.oval:def:17118 The host is installed with Wireshark 1.4.x before 1.4.1 or 1.2.x before 1.2.12 and is prone to stack consumption vulnerability. A flaw is present in the dissect_ber_unknown function in epan/dissectors/packet-ber.c in the BER dissector, which fails to handle a long string in an unknown ASN.1/BER enco ... oval:org.secpod.oval:def:17117 The host is installed with Wireshark 1.4.2 and is prone to buffer overflow vulnerability. A flaw is present in the sect_enttec_dmx_da function in epan/dissectors/packet-enttec.c, which fails to handle a crafted ENTTEC DMX packet with Run Length Encoding (RLE) compression. Successful exploitation all ... oval:org.secpod.oval:def:17111 The host is installed with Wireshark 1.6.x through 1.6.10 or 1.8.x through 1.8.2 and is prone to denial of service vulnerability. A flaw is present in the dissect_drda function in epan/dissectors/packet-drda.c, which fails to properly handle a small value for a certain length field in a capture file ... oval:org.secpod.oval:def:17110 The host is installed with Wireshark 1.6.x before 1.6.15 or 1.8.x before 1.8.7 and is prone to denial of service vulnerability. A flaw is present in the fragment_add_seq_common function in epan/reassemble.c in the ASN.1 BER dissector, which fails to handle a malformed packet. Successful exploitation ... oval:org.secpod.oval:def:17146 The host is installed with Wireshark 1.4.0 through 1.4.1 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle a crafted ZCL packet, related to Discover Attributes. Successful exploitation allows remote attackers to cause a denial of service. oval:org.secpod.oval:def:17145 The host is installed with Wireshark 1.2.0 through 1.2.12 or 1.4.0 through 1.4.1 and is prone to heap based buffer overflow vulnerability. A flaw is present in the application, which fails to handle an LDSS packet with a long digest line in the dissect_ldss_transfer function (epan/dissectors/packet- ... oval:org.secpod.oval:def:17127 The host is installed with Wireshark 0.99.2 through 1.0.3 and is prone to denial of service vulnerability. A flaw is present in the dissect_btacl function in packet-bthci_acl.c in the Bluetooth ACL dissector, which fails to handle packet with an invalid length, related to an erroneous tvb_memcpy cal ... oval:org.secpod.oval:def:17126 The host is installed with Wireshark 0.99.2 through 1.0.3 and is prone to denial of service vulnerability. A flaw is present in the packet-frame, which fails to handle exceptions thrown by post dissectors, via a certain series of packets, as demonstrated by enabling the (1) PRP or (2) MATE post diss ... oval:org.secpod.oval:def:17125 The host is installed with Wireshark 0.10.3 through 1.0.3 and is prone to use-after-free vulnerability. A flaw is present in the dissect_q931_cause_ie function in packet-q931.c in the Q.931 dissector, which fails to properly handle certain packets that trigger an exception. Successful exploitation a ... oval:org.secpod.oval:def:17124 The host is installed with Wireshark 1.0.4 and earlier and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle long SMTP request, which triggers an infinite loop. Successful exploitation allows attackers to cause a denial of service. oval:org.secpod.oval:def:17129 The host is installed with Wireshark 0.99.7 through 1.0.3 and is prone to unspecified vulnerability. A flaw is present in the packet-usb.c in the Bluetooth RFCOMM dissector, which fails to handle unknown packets. Successful exploitation allows attackers to cause a denial of service (application cras ... oval:org.secpod.oval:def:17128 The host is installed with Wireshark 0.99.7 through 1.0.3 and is prone to denial of service vulnerability. A flaw is present in the wtap.c, which fails to properly handle malformed Tamos CommView capture file (aka .ncf file) with an "unknown/unexpected packet type" that triggers a failed assertion. ... oval:org.secpod.oval:def:17123 The host is installed with Wireshark 0.99.7 through 1.0.5 and is prone to buffer overflow vulnerability. A flaw is present in the wiretap/netscreen.c, which fails to handle a malformed NetScreen snoop file. Successful exploitation allows attackers to cause a denial of service (crash). oval:org.secpod.oval:def:17122 The host is installed with Wireshark 0.99.6 through 1.0.5 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle a crafted Tektronix K12 text capture file, as demonstrated by a file with exactly one frame. Successful exploitation allows attackers ... oval:org.secpod.oval:def:17121 The host is installed with Wireshark 0.8.20 through 1.0.7 and is prone to unspecified vulnerability. A flaw is present in the PCNFSD dissector, which fails to handle crafted PCNFSD packets. Successful exploitation allows attackers to cause a denial of service (crash). oval:org.secpod.oval:def:17120 The host is installed with Wireshark 1.2.0 through 1.2.4 and is prone to buffer overflow vulnerability. A flaw is present in the daintree_sna_read function in the Daintree SNA file parser, which fails to handle crafted packet. Successful exploitation allows attackers to cause a denial of service (cr ... oval:org.secpod.oval:def:17137 The host is installed with Wireshark 0.99.8 through 1.0.0 and is prone to denial of service vulnerability. A flaw is present in the RTMPT dissector, which fails to handle malformed packet via unknown vectors. Successful exploitation allows remote attackers to cause a denial of service. oval:org.secpod.oval:def:17136 The host is installed with Wireshark 1.0.0 and is prone to denial of service vulnerability. A flaw is present in the syslog dissector, which fails to handle malformed packet via unknown vectors, possibly related to an "incomplete SS7 MSU syslog encapsulated packet". Successful exploitation allows re ... oval:org.secpod.oval:def:17135 The host is installed with Wireshark 0.9.5 through 1.0.0 and is prone to unspecified vulnerability. A flaw is present in the RMI dissector, which fails to properly handle unspecified vectors. Successful exploitation allows remote attackers to obtain potentially sensitive information to disclose syst ... oval:org.secpod.oval:def:17130 The host is installed with Wireshark 0.99.7 through 1.0.3 and is prone to denial of service vulnerability. A flaw is present in the packet-usb.c in the USB dissector, which fails to handle a malformed USB Request Block (URB). Successful exploitation allows attackers to cause a denial of service (cra ... oval:org.secpod.oval:def:17134 The host is installed with Wireshark 0.8.19 through 1.0.1 and is prone to denial of service vulnerability. A flaw is present in the fragment_add_work function in epan/reassemble.c, which fails to handle a series of fragmented packets with non-sequential fragmentation offset values. Successful exploi ... oval:org.secpod.oval:def:17133 The host is installed with Wireshark 0.9.7 through 1.0.2 and is prone to multiple buffer overflows vulnerabilities. The flaws are present in the in the packet_ncp2222.inc, which fails to handle a crafted NCP packet that causes an invalid pointer to be used. Successful exploitation allows attackers t ... oval:org.secpod.oval:def:17131 The host is installed with Wireshark 0.10.14 through 1.0.2 and is prone to denial of service vulnerability. A flaw is present in the tvb_uncompress function, which fails to handle a crafted packet with crafted zlib-compressed data that triggers an invalid read in the tvb_uncompress function. Success ... oval:org.secpod.oval:def:40773 The host is installed with Wireshark 1.0.0 and is prone to a denial of service vulnerability. A flaw is present in the syslog dissector, which fails to properly handle unknown vectors. Successful exploitation allows attackers to cause a denial of service (application crash). oval:org.secpod.oval:def:40774 The host is installed with Wireshark 0.9.5 through 1.0.0 and is prone to an unspecified vulnerability. A flaw is present in the RMI dissector, which fails to properly handle unspecified vectors. Successful exploitation allows remote attackers to read system memory. oval:org.secpod.oval:def:40772 The host is installed with Wireshark 0.99.8 through 1.0.0 and is prone to a denial of service vulnerability. A flaw is present in the RTMPT dissector, which fails to properly handle unknown vectors. Successful exploitation allows attackers to cause a denial of service (application crash). oval:org.secpod.oval:def:40778 The host is installed with Wireshark 0.10.14 through 1.0.2 and is prone to a denial of service vulnerability. A flaw is present in the tvb_uncompress function, which fails to properly handle a packet with crafted zlib-compressed data that triggers an invalid read. Successful exploitation allows remo ... oval:org.secpod.oval:def:40775 The host is installed with Wireshark 0.8.19 through 1.0.1 and is prone to a denial of service vulnerability. A flaw is present in the fragment_add_work function, which fails to properly handle series of fragmented packets with non-sequential fragmentation offset values. Successful exploitation allow ... oval:org.secpod.oval:def:40776 The host is installed with Wireshark 0.9.7 through 1.0.2 and is prone to an arbitrary code execution vulnerability. A flaw is present in the packet_ncp2222.inc function, which fails to properly handle crafted NCP packet. Successful exploitation allows remote attackers to cause a denial of service (a ... oval:org.secpod.oval:def:40779 The host is installed with Wireshark 0.99.6 through 1.0.2 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to properly handle a crafted Tektronix .rf5 file. Successful exploitation allows remote attackers to cause a denial of service (crash). oval:org.secpod.oval:def:40780 The host is installed with Wireshark 0.99.7 through 1.0.3 and is prone to a denial of service vulnerability. A flaw is present in the USB dissector, which fails to properly handle a malformed USB Request Block (URB). Successful exploitation allows remote attackers to cause a denial of service (appli ... oval:org.secpod.oval:def:40781 The host is installed with Wireshark 0.99.7 through 1.0.3 and is prone to an unspecified vulnerability. A flaw is present in the RFCOMM dissector, which fails to properly handle unknown packets. Successful exploitation allows remote attackers to cause a denial of service (application crash or abort) ... oval:org.secpod.oval:def:40784 The host is installed with Wireshark 0.99.2 through 1.0.3 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle exceptions thrown by post dissectors. Successful exploitation allows remote attackers to cause a denial of service (applic ... oval:org.secpod.oval:def:40785 The host is installed with Wireshark 0.10.3 through 1.0.3 and is prone to an use-after-free vulnerability. A flaw is present in the Q.931 dissector, which fails to properly handle certain packets that trigger an exception. Successful exploitation allows remote attackers to cause a denial of service ... oval:org.secpod.oval:def:40782 The host is installed with Wireshark 0.99.7 through 1.0.3 and is prone to a denial of service vulnerability. A flaw is present in the applications, which fails to properly handle malformed Tamos CommView capture file. Successful exploitation allows remote attackers to cause a denial of service (appl ... oval:org.secpod.oval:def:40783 The host is installed with Wireshark 0.99.2 through 1.0.3 and is prone to a denial of service vulnerability. A flaw is present in the Bluetooth ACL dissector, which fails to properly handle a packet with an invalid length. Successful exploitation allows remote attackers to cause a denial of service ... oval:org.secpod.oval:def:40788 The host is installed with Wireshark 0.99.7 through 1.0.5 and is prone to a buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle a malformed NetScreen snoop file. Successful exploitation allows user-assisted remote attackers to cause a denial of service ... oval:org.secpod.oval:def:40789 The host is installed with Wireshark 0.99.6 through 1.0.5 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a crafted Tektronix K12 text capture file. Successful exploitation allows user-assisted remote attackers to cause a denial ... oval:org.secpod.oval:def:40786 The host is installed with Wireshark through 1.0.4 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a long SMTP request, which triggers an infinite loop. Successful exploitation allows remote attackers to cause a denial of servic ... oval:org.secpod.oval:def:40787 The host is installed with Wireshark 0.99.7 through 1.0.4 and is prone to a denial of service vulnerability. A flaw is present in the WLCCP dissector, which fails to properly handle a unspecified vectors. Successful exploitation allows remote attackers to cause a denial of service (infinite loop). oval:org.secpod.oval:def:40791 The host is installed with Wireshark through 1.0.6 and is prone to a format string vulnerability. A flaw is present in the application, which fails to properly handle a PN-DCP packet with format string specifiers. Successful exploitation allows remote attackers to execute arbitrary code. oval:org.secpod.oval:def:40792 The host is installed with Wireshark through 1.0.7 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to properly handle unspecified vectors. Successful exploitation allows remote attackers to have unknown impact and attack vectors. oval:org.secpod.oval:def:40790 The host is installed with Wireshark 0.99.8 through 1.0.5 and is prone to a format string vulnerability. A flaw is present in the application, which fails to properly handle format string specifiers. Successful exploitation allows remote attackers to cause a denial of service (application crash). oval:org.secpod.oval:def:40795 The host is installed with Wireshark 0.99.6 through 1.0.6 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to properly handle a crafted Tektronix .rf5 file. Successful exploitation allows remote attackers to cause a denial of service (crash). oval:org.secpod.oval:def:40796 The host is installed with Wireshark 0.8.20 through 1.0.7 and is prone to an unspecified vulnerability. A flaw is present in the PCNFSD dissector, which fails to properly handle via crafted PCNFSD packets. Successful exploitation allows remote attackers to cause a denial of service (crash). oval:org.secpod.oval:def:40793 The host is installed with Wireshark 0.99.2 through 1.0.6 and is prone to an unspecified vulnerability. A flaw is present in the LDAP dissector, which fails to properly handle unknown attack vectors. Successful exploitation allows remote attackers to cause a denial of service (crash). oval:org.secpod.oval:def:40794 The host is installed with Wireshark 0.9.6 through 1.0.6 and is prone to a denial of service vulnerability. A flaw is present in the CPHAP dissector, which fails to properly handle a crafted FWHA_MY_STATE packet. Successful exploitation allows remote attackers to cause a denial of service (crash). oval:org.secpod.oval:def:40799 The host is installed with Wireshark 1.2.0 and is prone to an unspecified vulnerability. A flaw is present in the sFlow dissector, which fails to properly handle unspecified vectors. Successful exploitation allows remote attackers to cause a denial of service (CPU and memory consumption). oval:org.secpod.oval:def:40797 The host is installed with Wireshark 1.2.0 and is prone to a buffer overflow vulnerability. A flaw is present in the IPMI dissector, which fails to properly handle unspecified vectors. Successful exploitation allows remote attackers to cause a denial of service (crash). oval:org.secpod.oval:def:40798 The host is installed with Wireshark 1.2.0 or wireshark 0.10.13 through 1.0.9 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to properly handle file that records a malformed packet trace. Successful exploitation allows remote attackers to cause a deni ... oval:org.secpod.oval:def:41837 Wireshark 2.4.x is installed oval:org.secpod.oval:def:40800 The host is installed with Wireshark 0.9.2 through 1.2.0 and is prone to an unspecified vulnerability. A flaw is present in the AFS dissector, which fails to properly handle unspecified vectors. Successful exploitation allows remote attackers to cause a denial of service (crash). oval:org.secpod.oval:def:40803 The host is installed with Wireshark 1.2.0 through 1.2.1 and is prone to an unspecified vulnerability. A flaw is present in the GSM A RR dissector, which fails to properly handle unknown vectors related. Successful exploitation allows remote attackers to cause a denial of service (application crash) ... oval:org.secpod.oval:def:40804 The host is installed with Wireshark 1.2.0 through 1.2.2 and is prone to an unspecified vulnerability. A flaw is present in the Paltalk dissector, which fails to properly handle a file that records a malformed packet trace. Successful exploitation allows remote attackers to cause a denial of service ... oval:org.secpod.oval:def:40801 The host is installed with Wireshark 1.0.6 through 1.2.0 and is prone to an unspecified vulnerability. A flaw is present in the Infiniband dissector, which fails to properly handle unspecified vectors. Successful exploitation allows remote attackers to cause a denial of service (crash). oval:org.secpod.oval:def:40802 The host is installed with Wireshark 0.99.6 through 1.0.8 or 1.2.0 through 1.2.1 and is prone to an unspecified vulnerability. A flaw is present in the OpcUa dissector, which fails to properly handle malformed OPCUA Service CallRequest packets. Successful exploitation allows remote attackers to caus ... oval:org.secpod.oval:def:40808 The host is installed with Wireshark 1.2.0 through 1.2.4 and is prone to a buffer overflow vulnerability. A flaw is present in the Daintree SNA file parser, which fails to properly handle a crafted packted. Successful exploitation allows remote attackers to cause a denial of service (crash) and poss ... oval:org.secpod.oval:def:500672 Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. Multiple buffer overflow flaws were found in Wireshark. If Wireshark read a malformed packet off a network or opened a malformed dump file, it could crash or, possibly, execute arbitrary code as the us ... oval:org.secpod.oval:def:40809 The host is installed with Wireshark 0.9.0 through 1.2.4 and is prone to a denial of service vulnerability. A flaw is present in the SMB and SMB2 dissectors, which fails to properly handle a crafted packet that triggers a NULL pointer dereference. Successful exploitation allows remote attackers to c ... oval:org.secpod.oval:def:1503276 Updated wireshark packages that fix one security issue are now available for Red Hat Enterprise Linux 4, 5, and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, i ... oval:org.secpod.oval:def:60888 Wireshark 3.2.x is installed oval:org.secpod.oval:def:40810 The host is installed with Wireshark 1.2.0 through 1.2.4 and is prone to a denial of service vulnerability. A flaw is present in the IPMI dissectors, which fails to properly handle a crafted packet. Successful exploitation allows remote attackers to cause a denial of service (crash). oval:org.secpod.oval:def:40811 The host is installed with Wireshark 0.9.15 through 1.0.10 or 1.2.0 through 1.2.5 and is prone to a buffer overflow vulnerability. A flaw is present in the LWRES dissectors, which fails to properly handle a malformed packet. Successful exploitation allows remote attackers to cause a denial of servic ... oval:org.secpod.oval:def:40814 The host is installed with Wireshark 0.10.13 through 1.0.13 or 1.2.0 through 1.2.8 and is prone to a buffer overflow vulnerability. A flaw is present in the ASN.1 BER dissectors, which fails to properly handle a unknown vectors. Successful exploitation allows remote attackers to cause unknown impact ... oval:org.secpod.oval:def:40815 The host is installed with Wireshark 0.8.20 through 1.0.13 or 1.2.0 through 1.2.8 and is prone to a denial of service vulnerability. A flaw is present in the SMB PIPE dissectors, which fails to properly handle a unknown vectors. Successful exploitation allows remote attackers to cause denial of serv ... oval:org.secpod.oval:def:40812 The host is installed with Wireshark 0.9.6 through 1.0.12 or 1.2.0 through 1.2.7 and is prone to a denial of service vulnerability. A flaw is present in the DOCSIS dissectors, which fails to properly handle a malformed packet. Successful exploitation allows remote attackers to cause a denial of serv ... oval:org.secpod.oval:def:40813 The host is installed with Wireshark 0.99.6 through 1.0.13 or 1.2.0 through 1.2.8 and is prone to a denial of service vulnerability. A flaw is present in the SMB dissectors, which fails to properly handle a unknown vectors. Successful exploitation allows remote attackers to cause a denial of service ... oval:org.secpod.oval:def:40818 The host is installed with Wireshark 1.2.2 through 1.2.9 and is prone to a denial of service vulnerability. A flaw is present in the GSM A RR dissector, which fails to properly handle a unknown vectors. Successful exploitation allows remote attackers to cause a denial of service (crash). oval:org.secpod.oval:def:40819 The host is installed with Wireshark 1.2.0 through 1.2.9 and is prone to a denial of service vulnerability. A flaw is present in the IPMI dissector, which fails to properly handle a unknown vectors. Successful exploitation allows remote attackers to cause a denial of service (infinite loop). oval:org.secpod.oval:def:40816 The host is installed with Wireshark 0.10.7 through 1.0.13 or 1.2.0 through 1.2.8 and is prone to a denial of service vulnerability. A flaw is present in the SigComp Universal Decompressor Virtual Machine dissector, which fails to properly handle a unknown vectors. Successful exploitation allows rem ... oval:org.secpod.oval:def:40817 The host is installed with Wireshark 0.10.8 through 1.0.13 or 1.2.0 through 1.2.8 and is prone to a buffer overflow vulnerability. A flaw is present in the SigComp Universal Decompressor Virtual Machine dissector, which fails to properly handle a unknown vectors. Successful exploitation allows remot ... oval:org.secpod.oval:def:40821 The host is installed with Wireshark 0.10.8 through 1.0.14 or 1.2.0 through 1.2.9 and is prone to a denial of service vulnerability. A flaw is present in the SigComp Universal Decompressor Virtual Machine, which fails to properly handle vectors related to sigcomp-udvm.c and an off-by-one error. Succ ... oval:org.secpod.oval:def:40822 The host is installed with Wireshark 1.4.x before 1.4.1 or 1.2.x before 1.2.12 and is prone to a stack consumption vulnerability. A flaw is present in the BER dissector, which fails to properly handle a long string in an unknown ASN.1/BER encoded packet. Successful exploitation allows remote attacke ... oval:org.secpod.oval:def:40820 The host is installed with Wireshark 0.10.13 through 1.0.14 or 1.2.0 through 1.2.9 and is prone to a stack-based buffer overflow vulnerability. A flaw is present in the ASN.1 BER dissector, which fails to properly handle a unknown vectors. Successful exploitation allows remote attackers to cause unk ... oval:org.secpod.oval:def:40825 The host is installed with Wireshark 1.4.2 and is prone to a buffer overflow vulnerability. A flaw is present application, which fails to properly handle a crafted ENTTEC DMX packet. Successful exploitation allows remote attackers to cause a denial of service (application crash) or possibly execute ... oval:org.secpod.oval:def:40823 The host is installed with Wireshark 1.4.x before 1.4.1 or 1.2.x before 1.2.12 and is prone to a heap-based buffer overflow vulnerability. A flaw is present in the LDSS dissector, which fails to properly handle vectors related to sigcomp-udvm.c and an off-by-one error. Successful exploitation allows ... oval:org.secpod.oval:def:40824 The host is installed with Wireshark 1.4.x through 1.4.1 and is prone to a heap-based buffer overflow vulnerability. A flaw is present in the ZigBee ZCL dissector, which fails to properly handle a crafted ZCL packet. Successful exploitation allows remote attackers to cause a denial of service (infin ... oval:org.secpod.oval:def:1517 The host is installed with Wireshark and is prone to denial of service vulnerability. A flaw is present in the application which fails to handle Lucent/Ascend file parser when processing malformed packets. Successful exploitation allows remote attacker to cause denial of service condition. oval:org.secpod.oval:def:40827 The host is installed Wireshark 1.2.0 through 1.2.13 or 1.4.0 through 1.4.2 and is prone to a buffer overflow vulnerability. A flaw is present MAC-LTE dissector, which fails to properly handle a large number of RARs. Successful exploitation allows remote attackers to cause a denial of service (crash ... oval:org.secpod.oval:def:40828 The host is installed Wireshark 1.4.0 through 1.4.2 and is prone to a denial of service vulnerability. A flaw is present ASN.1 BER dissector, which fails to properly handle crafted packets. Successful exploitation allows remote attackers to cause a denial of service (assertion failure). oval:org.secpod.oval:def:40837 The host is installed Wireshark 1.4.x before 1.4.5 and is prone to a stack based buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle crafted .pcap file. Successful exploitation allows remote attackers to execute arbitrary code. oval:org.secpod.oval:def:40838 The host is installed Wireshark 1.4.5 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle arbitrary TCP traffic. Successful exploitation allows remote attackers to cause a denial of service (NULL pointer dereference and application ... oval:org.mitre.oval:def:7576 The IPMI dissector in Wireshark 1.2.0 through 1.2.4, when running on Windows, allows remote attackers to cause a denial of service (crash) via a crafted packet, related to "formatting a date/time using strftime." oval:org.secpod.oval:def:201747 Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. Multiple buffer overflow flaws were found in the Wireshark SigComp Universal Decompressor Virtual Machine dissector. If Wireshark read a malformed packet off a network or opened a malicious dump file, ... oval:org.secpod.oval:def:54380 Wireshark 3.0.x is installed oval:org.secpod.oval:def:201718 Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. Multiple buffer overflow flaws were found in the Wireshark SigComp Universal Decompressor Virtual Machine dissector. If Wireshark read a malformed packet off a network or opened a malicious dump file, ... oval:org.secpod.oval:def:500260 Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. An array index error, leading to a stack-based buffer overflow, was found in the Wireshark ENTTEC dissector. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could ... oval:org.secpod.oval:def:87095 Wireshark (64 bit) 4.0.x series is installed oval:org.secpod.oval:def:87096 Wireshark (32 bit) 4.0.x series is installed oval:org.secpod.oval:def:89047320 This update for wireshark fixes the following issues: Update wireshark to 3.4.6. Including a fix for: - DVB-S2-BB dissector infinite loop . oval:org.secpod.oval:def:204218 The wireshark packages contain a network protocol analyzer used to capture and browse the traffic running on a computer network. Several denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump f ... oval:org.secpod.oval:def:1260 The host is installed with Wireshark and is prone to denial of service vulnerability. A flaw is present in the application which is due to an error in DICOM dissector when processing certain malformed packets. Successful exploitation allows remote attacker to cause denial of service condition. oval:org.secpod.oval:def:40839 The host is installed Wireshark 1.2.x before 1.2.17 or 1.4.x before 1.4.7 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle invalid PDU length. Successful exploitation allows remote attackers to cause a denial of service (applicat ... oval:org.secpod.oval:def:945 The host is installed with Wireshark and is prone to denial of service vulnerability. A flaw is present in the X.509if dissector, which fails to properly initialize certain global variables. Successful exploitation could allow remote attackers to cause a denial of service via crafted .pcap files. oval:org.secpod.oval:def:40836 The host is installed Wireshark 1.2.x before 1.2.16 or 1.4.x before 1.4.5 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle crafted .pcap file. Successful exploitation allows remote attackers to cause a denial of service (applicat ... oval:org.secpod.oval:def:558 The host is installed with Wireshark and is prone to heap based buffer overflow vulnerability. A flaw is present in wiretap/pcapng.c, which fails to safely read malformed packets. Successful exploitation could allow remote attackers to execute arbitrary code, obtain sensitive information or causes d ... oval:org.secpod.oval:def:40826 The host is installed wireshark with before 1.2 and is prone to a heap-based buffer overflow vulnerability. A flaw is present application, which fails to properly handle a crafted capture file. Successful exploitation allows remote attackers to cause a denial of service (application crash) or possib ... oval:org.secpod.oval:def:17132 The host is installed with Wireshark 0.9.7 through 1.0.2 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle a crafted NCP packet that triggers an infinite loop. Successful exploitation allows attackers to cause a denial of service (crash). oval:org.secpod.oval:def:40777 The host is installed with Wireshark 0.9.7 through 1.0.2 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle crafted NCP packet that triggers an infinite loop. Successful exploitation allows remote attackers to cause a denial of ser ... oval:org.secpod.oval:def:89003260 This update for wireshark to version 2.4.14 fixes the following issues: Security issues fixed: - CVE-2019-10895: NetScaler file parser crash. - CVE-2019-10899: SRVLOC dissector crash. - CVE-2019-10894: GSS-API dissector crash. - CVE-2019-10896: DOF dissector crash. - CVE-2019-10901: LDSS dissector c ... oval:org.secpod.oval:def:54562 The host is installed with Wireshark 2.6.0 to 2.6.7, 2.4.0 to 2.4.13 or 3.0.0 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle issues in epan/dissectors/packet-dof.c file. Successful exploitation allows attackers to crash the DOF ... oval:org.secpod.oval:def:55055 wireshark: network traffic analyzer Wireshark could be made to crash if it received specially crafted network traffic or input files. oval:org.secpod.oval:def:54567 The host is installed with Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7 or 3.0.0 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle the issues in epan/dissectors/packet-ldss.c file. Successful exploitation allows attackers to crash t ... oval:org.secpod.oval:def:54569 The host is installed with Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7 or 3.0.0 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle the issues in DCERPC SPOOLSS dissector file. Successful exploitation allows attackers to crash the DCE ... oval:org.secpod.oval:def:54558 The host is installed with Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7 or 3.0.0 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle an issue in epan/dissectors/packet-gssapi.c file. Successful exploitation allows attackers to crash th ... oval:org.secpod.oval:def:112496 Metapackage with installs wireshark-cli and wireshark-qt. oval:org.secpod.oval:def:507701 The wireshark packages contain a network protocol analyzer used to capture and browse the traffic running on a computer network. Security Fix: * wireshark: f5ethtrailer Infinite loop in legacy style dissector For more details about the security issue, including the impact, a CVSS score, acknowledgm ... oval:org.secpod.oval:def:3300394 SUSE Security Update: Security update for wireshark oval:org.secpod.oval:def:204268 Wireshark, previously known as Ethereal, is a network protocol analyzer, which is used to capture and browse the traffic running on a computer network. Several denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or op ... oval:org.secpod.oval:def:204662 The wireshark packages contain a network protocol analyzer used to capture and browse the traffic running on a computer network. Security Fix: * Several denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a ... oval:org.secpod.oval:def:3300909 SUSE Security Update: Security update for wireshark oval:org.secpod.oval:def:89050362 This update for wireshark fixes the following issues: - wireshark was updated to 3.2.8: - CVE-2020-26575: Fixed an issue where FBZERO dissector was entering in infinite loop - CVE-2020-28030: Fixed an issue where GQUIC dissector was crashing * Infinite memory allocation while parsing this tcp pack ... oval:org.secpod.oval:def:89050645 This update for wireshark to version 2.4.12 fixes the following issues: Security issues fixed: - CVE-2019-5717: Fixed a denial of service in the P_MUL dissector - CVE-2019-5718: Fixed a denial of service in the RTSE dissector and other dissectors - CVE-2019-5719: Fixed a denial of service in the I ... oval:org.secpod.oval:def:89050689 This update for wireshark to version 2.4.15 fixes the following issues: Security issue fixed: - Fixed a denial of service in the dissection engine . oval:org.secpod.oval:def:89050690 This update for wireshark to version 2.4.13 fixes the following issues: Security issues fixed: - CVE-2019-9214: Avoided a dereference of a null coversation which could make RPCAP dissector crash . - CVE-2019-9209: Fixed a buffer overflow in time values which could make ASN.1 BER and related dissecto ... oval:org.secpod.oval:def:89050798 This update for wireshark to version 2.4.14 fixes the following issues: Security issues fixed: - CVE-2019-10895: NetScaler file parser crash. - CVE-2019-10899: SRVLOC dissector crash. - CVE-2019-10894: GSS-API dissector crash. - CVE-2019-10896: DOF dissector crash. - CVE-2019-10901: LDSS dissector c ... oval:org.secpod.oval:def:89050886 This update for wireshark to version 2.4.16 fixes the following issues: Security issue fixed: - CVE-2019-13619: ASN.1 BER and related dissectors crash . oval:org.secpod.oval:def:3301226 SUSE Security Update: Security update for wireshark oval:org.secpod.oval:def:19500156 A NULL pointer exception flaw was found in Wireshark. A process failure on crafted or malformed input in the IPPUSB dissector can cause a denial of service via a packet injection or a crafted capture file. A NULL pointer exception flaw was found in Wireshark. A process failure on crafted or malforme ... oval:org.mitre.oval:def:8490 Multiple buffer overflows in the LWRES dissector in Wireshark 0.9.15 through 1.0.10 and 1.2.0 through 1.2.5 allow remote attackers to cause a denial of service (crash) via a malformed packet, as demonstrated using a stack-based buffer overflow to the dissect_getaddrsbyname_request function. oval:org.secpod.oval:def:201827 Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. An invalid pointer dereference flaw was found in the Wireshark SMB and SMB2 dissectors. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, ... oval:org.secpod.oval:def:40805 The host is installed with Wireshark 0.10.10 through 1.0.9 or 1.2.0 through 1.2.2 and is prone to a denial of service vulnerability. A flaw is present in the DCERPC/NT dissector, which fails to properly handle a file that records a malformed packet trace. Successful exploitation allows remote attack ... oval:org.secpod.oval:def:40806 The host is installed with Wireshark 1.2.0 through 1.2.2 and is prone to a denial of service vulnerability. A flaw is present in the SMB dissector, which fails to properly handle a file that records a malformed packet trace. Successful exploitation allows remote attackers to cause a denial of servic ... oval:org.mitre.oval:def:6005 The DCERPC/NT dissector in Wireshark 0.10.10 through 1.0.9 and 1.2.0 through 1.2.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a file that records a malformed packet trace. NOTE: some of these details are obtained from third party inform ... oval:org.secpod.oval:def:201744 Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. An invalid pointer dereference flaw was found in the Wireshark SMB and SMB2 dissectors. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, ... oval:org.secpod.oval:def:500291 Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. An invalid pointer dereference flaw was found in the Wireshark SMB and SMB2 dissectors. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, ... oval:org.mitre.oval:def:6049 Off-by-one error in the dissect_negprot_response function in packet-smb.c in the SMB dissector in Wireshark 1.2.0 through 1.2.2 allows remote attackers to cause a denial of service (application crash) via a file that records a malformed packet trace. NOTE: some of these details are obtained from th ... oval:org.secpod.oval:def:1506682 [1:3.4.10-4] - Resolves: #2152064 - CVE-2022-3190 wireshark: f5ethtrailer Infinite loop in legacy style dissector [1:3.4.10-3] - Resolves: #2083581 - capinfos aborts in FIPS [1:3.4.10-2] - Resolves: #2160648 - Enhanced TMT testing for centos-stream oval:org.secpod.oval:def:121705 Wireshark allows you to examine protocol data stored in files or as it is captured from wired or wireless networks, USB devices, and many other sources. It supports dozens of protocol capture file formats and understands more than a thousand protocols. It has many powerful features including a rich ... oval:org.secpod.oval:def:121699 Wireshark allows you to examine protocol data stored in files or as it is captured from wired or wireless networks, USB devices, and many other sources. It supports dozens of protocol capture file formats and understands more than a thousand protocols. It has many powerful features including a rich ... oval:org.secpod.oval:def:1801679 It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file.marked the task master as completedmarked the task 3.11-stable as completed oval:org.secpod.oval:def:1801621 It may be possible to make Wireshark consume excessive CPU resources by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. oval:org.secpod.oval:def:1801475 It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. Affected versions: 3.0.0 to 3.0.1, 2.6.0 to 2.6.8, 2.4.0 to 2.4.14 Fixed versions: 3.0.2, 2.6.9, 2.4.15 oval:org.secpod.oval:def:1801435 It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. Affected versions: 3.0.0 to 3.0.1, 2.6.0 to 2.6.8, 2.4.0 to 2.4.14 Fixed versions: 3.0.2, 2.6.9, 2.4.15 oval:org.secpod.oval:def:1801408 CVE-2019-10894: GSS-API dissector crash¶ Affected versions: 3.0.0, 2.6.0 to 2.6.7, 2.4.0 to 2.4.13 Fixed versions: 3.0.1, 2.6.8, 2.4.14 oval:org.secpod.oval:def:116259 Wireshark allows you to examine protocol data stored in files or as it is captured from wired or wireless networks, USB devices, and many other sources. It supports dozens of protocol capture file formats and understands more than a thousand protocols. It has many powerful features including a rich ... oval:org.secpod.oval:def:1801357 CVE-2019-9209: ASN.1 BER and related dissectors crash Affected versions: 2.6.0 to 2.6.6, 2.4.0 to 2.4.12 Fixed versions: 2.6.7, 2.4.13 oval:org.secpod.oval:def:1801313 CVE-2019-5717: P_MUL dissector crash¶ Affected versions: 2.6.0 to 2.6.5, 2.4.0 to 2.4.11 Fixed versions: 2.6.6, 2.4.12 oval:org.secpod.oval:def:1801156 CVE-2018-16056: Bluetooth Attribute Protocol dissector crash¶ Affected versions: 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, 2.2.0 to 2.2.16 Fixed versions: 2.6.3, 2.4.9, 2.2.17 oval:org.secpod.oval:def:1801103 CVE-2018-14339: MMSE dissector infinite loop Affected versions: 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, 2.2.0 to 2.2.15 Fixed versions: 2.6.2, 2.4.8, 2.2.16 oval:org.secpod.oval:def:1801003 CVE-2018-11356: DNS dissector crash¶ Affected versions: 2.6.0, 2.4.0 to 2.4.6, 2.2.0 to 2.2.14 Fixed versions: 2.6.1, 2.4.7, 2.2.15 oval:org.secpod.oval:def:1800975 CVE-2018-9256: LWAPP dissector crash Affected versions: 2.4.0 to 2.4.5, 2.2.0 to 2.2.13 Fixed versions: 2.4.6, 2.2.14 oval:org.secpod.oval:def:1800976 CVE-2018-9256: LWAPP dissector crash Affected versions: 2.4.0 to 2.4.5, 2.2.0 to 2.2.13 Fixed versions: 2.4.6, 2.2.14 oval:org.secpod.oval:def:112337 Metapackage with installs wireshark-cli and wireshark-qt. oval:org.secpod.oval:def:1800908 CVE-2018-5334: IxVeriWave file parser crash¶ Affected versions: 2.4.0 to 2.4.3, 2.2.0 to 2.2.11Fixed versions: 2.4.4, 2.2.12 oval:org.secpod.oval:def:1800744 CVE-2017-15191: DMP dissector crash Affected versions: 2.4.0 to 2.4.1, 2.2.0 to 2.2.9, 2.0.0 to 2.0.15 Fixed versions: 2.4.2, 2.2.10, 2.0.16 oval:org.secpod.oval:def:1800786 CVE-2017-15191: DMP dissector crash; Affected versions: 2.4.0 to 2.4.1, 2.2.0 to 2.2.9, 2.0.0 to 2.0.15 Fixed versions: 2.4.2, 2.2.10, 2.0.16 oval:org.secpod.oval:def:1800897 CVE-2017-13765: IrCOMM dissector buffer overrun Affected versions: 2.4.0, 2.2.0 to 2.2.8, 2.0.0 to 2.0.14 Fixed versions: 2.4.1, 2.2.9, 2.0.15 oval:org.secpod.oval:def:1800147 CVE-2017-11406: DOCSIS infinite loop Affected versions: 2.2.0 to 2.2.7, 2.0.0 to 2.0.13 Fixed versions: 2.2.8, 2.0.14 oval:org.secpod.oval:def:1800273 CVE-2017-11406: DOCSIS infinite loop Affected versions: 2.2.0 to 2.2.7, 2.0.0 to 2.0.13 Fixed versions: 2.2.8, 2.0.14 oval:org.secpod.oval:def:1800138 CVE-2017-9343: MSNIP dissector crash. Affected versions: 2.2.0 to 2.2.6, 2.0.0 to 2.0.12 Fixed versions: 2.2.7, 2.0.13 Reference: CVE-2017-9344: BT L2CAP dissector divide by zero. Affected versions: 2.2.0 to 2.2.6, 2.0.0 to 2.0.12 Fixed versions: 2.2.7, 2.0.13 Reference: CVE-2017-9345: DNS dissector ... oval:org.secpod.oval:def:1800852 CVE-2017-9343: MSNIP dissector crash Affected versions: 2.2.0 to 2.2.6, 2.0.0 to 2.0.12 Fixed versions: 2.2.7, 2.0.13 Reference CVE-2017-9344: BT L2CAP dissector divide by zero Affected versions: 2.2.0 to 2.2.6, 2.0.0 to 2.0.12 Fixed versions: 2.2.7, 2.0.13 Reference CVE-2017-9345: DNS dissector inf ... oval:org.secpod.oval:def:1800119 CVE-2016-9374: AllJoyn crash. Affected versions: 2.2.0 to 2.2.1, 2.0.0 to 2.0.7 Fixed versions: 2.2.2, 2.0.8 Reference: CVE-2016-9376: OpenFlow crash. Affected versions: 2.2.0 to 2.2.1, 2.0.0 to 2.0.7 Fixed versions: 2.2.2, 2.0.8 Reference: CVE-2016-9373: DCERPC crash. Affected versions: 2.2.0 to 2. ... oval:org.secpod.oval:def:1800716 CVE-2016-7175: QNX6 QNET dissector crash. Affected versions: 2.0.0 to 2.0.5 Fixed versions: 2.0.6 Reference: CVE-2016-7176: H.225 dissector crash. Affected versions: 2.0.0 to 2.0.5 Fixed versions: 2.0.6 Reference: CVE-2016-7177: Catapult DCT2000 dissector crash. Affected versions: 2.0.0 to 2.0.5 Fix ... oval:org.secpod.oval:def:1800177 CVE-2016-6512: MMSE, WAP, WBXML, and WSP infinite loop. Affected versions: 2.0.0 to 2.0.4 Fixed versions: 2.0.5 oval:org.secpod.oval:def:1800140 CVE-2016-6505: PacketBB crash. Affected versions: 2.0.0 to 2.0.4, 1.12.0 to 1.12.12. Fixed versions: 2.0.5, 1.12.13. Reference: CVE-2016-6506: WSP infinite loop. Affected versions: 2.0.0 to 2.0.4, 1.12.0 to 1.12.12. Fixed versions: 2.0.5, 1.12.13. Reference: CVE-2016-6508:RLC long loop. Affected ver ... oval:org.secpod.oval:def:32528 The host is installed with Wireshark 1.10.12 through 1.10.14 and is prone to a denial of service vulnerability. A flaw is present in the application, which mishandles a certain strdup return value. Successful exploitation could allow attackers to cause a denial of service (application crash). oval:org.secpod.oval:def:32563 The host is installed with Wireshark 1.10.12 through 1.10.14 and is prone to a denial of service vulnerability. A flaw is present in the application, which mishandles a certain strdup return value. Successful exploitation could allow attackers to cause a denial of service (application crash). oval:org.secpod.oval:def:17061 The host is installed with Wireshark 1.10.0 before 1.10.6 or 1.8.0 before 1.8.13 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a malformed packet trace file. Successful exploitation could allow attackers to make Wireshark cras ... oval:org.secpod.oval:def:17053 The host is installed with Wireshark 1.10.0 before 1.10.6 or 1.8.0 before 1.8.13 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a malformed packet trace file. Successful exploitation could allow attackers to make Wireshark cras ... oval:org.secpod.oval:def:1800642 CVE-2017-17083: NetBIOS dissector crash¶ Affected versions: 2.4.0 to 2.4.2, 2.2.0 to 2.2.10 Fixed versions: 2.4.3, 2.2.11 oval:org.secpod.oval:def:113856 Metapackage with installs wireshark-cli and wireshark-qt. oval:org.secpod.oval:def:1800441 CVE-2017-17083: NetBIOS dissector crash Affected versions: 2.4.0 to 2.4.2, 2.2.0 to 2.2.10 Fixed versions: 2.4.3, 2.2.11 oval:org.secpod.oval:def:43221 The host is installed with Wireshark 2.4.0 to 2.4.2 or 2.2.0 to 2.2.10 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle the IWARP_MPA dissector issue. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:43220 The host is installed with Wireshark 2.4.0 to 2.4.2 or 2.2.0 to 2.2.10 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle the CIP safety dissector issue. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:1800521 CVE-2017-15191: DMP dissector crash. Affected versions: 2.4.0 to 2.4.1, 2.2.0 to 2.2.9, 2.0.0 to 2.0.15 Fixed versions: 2.4.2, 2.2.10, 2.0.16 oval:org.secpod.oval:def:1800571 CVE-2017-13765: IrCOMM dissector buffer overrun¶ Affected versions: 2.4.0, 2.2.0 to 2.2.8, 2.0.0 to 2.0.14 Fixed versions: 2.4.1, 2.2.9, 2.0.15 oval:org.secpod.oval:def:1800592 CVE-2017-13765: IrCOMM dissector buffer overrun. Affected versions: 2.4.0, 2.2.0 to 2.2.8, 2.0.0 to 2.0.14 Fixed versions: 2.4.1, 2.2.9, 2.0.15 oval:org.secpod.oval:def:1800615 CVE-2017-13765: IrCOMM dissector buffer overrun; Affected versions: 2.4.0, 2.2.0 to 2.2.8, 2.0.0 to 2.0.14 Fixed versions: 2.4.1, 2.2.9, 2.0.15 oval:org.secpod.oval:def:113740 Metapackage with installs wireshark-cli and wireshark-qt. oval:org.secpod.oval:def:1800483 CVE-2017-15191: DMP dissector crash¶ Affected versions: 2.4.0 to 2.4.1, 2.2.0 to 2.2.9, 2.0.0 to 2.0.15 Fixed versions: 2.4.2, 2.2.10, 2.0.16 oval:org.secpod.oval:def:53206 It was discovered that wireshark, a network protocol analyzer, contained several vulnerabilities in the dissectors for CIP Safety, IWARP_MPA, NetBIOS, Profinet I/O and AMQP, which result in denial of dervice or the execution of arbitrary code. oval:org.secpod.oval:def:603207 It was discovered that wireshark, a network protocol analyzer, contained several vulnerabilities in the dissectors for CIP Safety, IWARP_MPA, NetBIOS, Profinet I/O and AMQP, which result in denial of dervice or the execution of arbitrary code. oval:org.secpod.oval:def:1800323 CVE-2017-11406: DOCSIS infinite loop Affected versions: 2.2.0 to 2.2.7, 2.0.0 to 2.0.13 Fixed versions: 2.2.8, 2.0.14 oval:org.secpod.oval:def:1800403 CVE-2017-11406: DOCSIS infinite loop Affected versions: 2.2.0 to 2.2.7, 2.0.0 to 2.0.13 Fixed versions: 2.2.8, 2.0.14 oval:org.secpod.oval:def:112998 Metapackage with installs wireshark-cli and wireshark-qt. oval:org.secpod.oval:def:1800649 CVE-2017-9343: MSNIP dissector crash; Affected versions: 2.2.0 to 2.2.6, 2.0.0 to 2.0.12 Fixed versions: 2.2.7, 2.0.13 Reference: CVE-2017-9344: BT L2CAP dissector divide by zero; Affected versions: 2.2.0 to 2.2.6, 2.0.0 to 2.0.12 Fixed versions: 2.2.7, 2.0.13 Reference: CVE-2017-9345: DNS dissector ... oval:org.secpod.oval:def:1800672 CVE-2017-9343: MSNIP dissector crash¶ Affected versions: 2.2.0 to 2.2.6, 2.0.0 to 2.0.12 Fixed versions: 2.2.7, 2.0.13 Reference:¶ CVE-2017-9344: BT L2CAP dissector divide by zero¶ Affected versions: 2.2.0 to 2.2.6, 2.0.0 to 2.0.12 Fixed versions: 2.2.7, 2.0.13 Reference:¶ CVE-20 ... oval:org.secpod.oval:def:1800340 CVE-2017-7700: NetScaler file parser infinite loop. Affected versions: 2.2.0 to 2.2.5, 2.0.0 to 2.0.11 Fixed versions: 2.2.6, 2.0.12 oval:org.secpod.oval:def:1800307 CVE-2017-7700: NetScaler file parser infinite loop Affected versions: 2.2.0 to 2.2.5, 2.0.0 to 2.0.11 Fixed versions: 2.2.6, 2.0.12 oval:org.secpod.oval:def:1800386 CVE-2016-7957: Bluetooth L2CAP dissector crash Affected versions: 2.2.0 Fixed versions: 2.2.1 Reference CVE-2016-7958: NCP dissector crash Affected versions: 2.2.0 Fixed versions: 2.2.1 Reference CVE-2016-9372: Profinet I/O long loop Affected versions: 2.2.0 to 2.2.1 Fixed versions: 2.2.2 Reference ... oval:org.secpod.oval:def:112145 Metapackage with installs wireshark-cli and wireshark-qt. oval:org.secpod.oval:def:1800563 CVE-2017-5596: ASTERIX infinite loop Affected versions: 2.2.0 to 2.2.3, 2.0.0 to 2.0.9 Fixed versions: 2.2.4, 2.0.10 Reference CVE-2017-5597: DHCPv6 large loop Affected versions: 2.2.0 to 2.2.3, 2.0.0 to 2.0.9 Fixed versions: 2.2.4, 2.0.10 Reference oval:org.secpod.oval:def:1800638 CVE-2017-5596: ASTERIX infinite loop. Affected versions: 2.2.0 to 2.2.3, 2.0.0 to 2.0.9 Fixed versions: 2.2.4, 2.0.10 Reference: CVE-2017-5597: DHCPv6 large loop. Affected versions: 2.2.0 to 2.2.3, 2.0.0 to 2.0.9 Fixed versions: 2.2.4, 2.0.10 Reference: oval:org.secpod.oval:def:602816 It was discovered that wireshark, a network protocol analyzer, contained several vulnerabilities in the dissectors for ASTERIX , DHCPv6, NetScaler, LDSS, IAX2, WSP, K12 and STANAG 4607, that could lead to various crashes, denial-of-service or execution of arbitrary code. oval:org.secpod.oval:def:112013 Metapackage with installs wireshark-cli and wireshark-qt. oval:org.secpod.oval:def:602678 It was discovered that wireshark, a network protocol analyzer, contained several vulnerabilities in the dissectors for DCERPC, AllJoyn, DTN, and OpenFlow, that could lead to various crashes, denial-of-service, or execution of arbitrary code. oval:org.secpod.oval:def:602619 Multiple vulnerabilities were discovered in the dissectors for H.225, Catapult DCT2000, UMTS FP and IPMI, which could result in denial of service or the execution of arbitrary code. oval:org.secpod.oval:def:36986 The host is installed with Wireshark 2.0.x before 2.0.6 and is prone to a denial of service vulnerability. A flaw is present in the IPMI trace dissector, which does not properly consider whether a string is constant. Successful exploitation allows remote attackers to cause a denial of service (use-a ... oval:org.secpod.oval:def:36985 The host is installed with Wireshark 2.0.x before 2.0.6 and is prone to a denial of service vulnerability. A flaw is present in the Catapult DCT2000 dissector, which fails to handle a malformed packet. Successful exploitation allows remote attackers to cause a denial of service (application crash). oval:org.secpod.oval:def:36984 The host is installed with Wireshark 2.0.x before 2.0.6 and is prone to a denial of service vulnerability. A flaw is present in the UMTS FP dissector, which does not ensure that memory is allocated for certain data structures. Successful exploitation allows remote attackers to cause a denial of serv ... oval:org.secpod.oval:def:36983 The host is installed with Wireshark 2.0.x before 2.0.6 and is prone to a denial of service vulnerability. A flaw is present in the Catapult DCT2000 dissector, which does not restrict the number of channels. Successful exploitation allows remote attackers to cause a denial of service (buffer over-re ... oval:org.secpod.oval:def:36982 The host is installed with Wireshark 2.0.x before 2.0.6 and is prone to a denial of service vulnerability. A flaw is present in the H.225 dissector, which calls snprintf with one of its input buffers as the output buffer. Successful exploitation allows remote attackers to cause a denial of service ( ... oval:org.secpod.oval:def:36976 The host is installed with Wireshark 2.0.x before 2.0.6 and is prone to a denial of service vulnerability. A flaw is present in the IPMI trace dissector, which does not properly consider whether a string is constant. Successful exploitation allows remote attackers to cause a denial of service (use-a ... oval:org.secpod.oval:def:36975 The host is installed with Wireshark 2.0.x before 2.0.6 and is prone to a denial of service vulnerability. A flaw is present in the Catapult DCT2000 dissector, which fails to handle a malformed packet. Successful exploitation allows remote attackers to cause a denial of service (application crash). oval:org.secpod.oval:def:36974 The host is installed with Wireshark 2.0.x before 2.0.6 and is prone to a denial of service vulnerability. A flaw is present in the UMTS FP dissector, which does not ensure that memory is allocated for certain data structures. Successful exploitation allows remote attackers to cause a denial of serv ... oval:org.secpod.oval:def:36973 The host is installed with Wireshark 2.0.x before 2.0.6 and is prone to a denial of service vulnerability. A flaw is present in the Catapult DCT2000 dissector, which does not restrict the number of channels. Successful exploitation allows remote attackers to cause a denial of service (buffer over-re ... oval:org.secpod.oval:def:36972 The host is installed with Wireshark 2.0.x before 2.0.6 and is prone to a denial of service vulnerability. A flaw is present in the H.225 dissector, which calls snprintf with one of its input buffers as the output buffer. Successful exploitation allows remote attackers to cause a denial of service ( ... oval:org.secpod.oval:def:36981 The host is installed with Wireshark 2.0.x before 2.0.6 and is prone to a denial of service vulnerability. A flaw is present in the QNX6 QNET dissector, which fails to handle a malformed packet. Successful exploitation allows remote attackers to cause a denial of service (out-of-bounds read and appl ... oval:org.secpod.oval:def:36971 The host is installed with Wireshark 2.0.x before 2.0.6 and is prone to a denial of service vulnerability. A flaw is present in the QNX6 QNET dissector, which fails to handle a malformed packet. Successful exploitation allows remote attackers to cause a denial of service (out-of-bounds read and appl ... oval:org.secpod.oval:def:36697 The host is installed with Wireshark 2.0.x before 2.0.5 and is prone to a denial of service vulnerability. A flaw is present in the WBXML dissector, which fails to handle a crafted packet. Successful exploitation allows remote attackers to cause a denial of service (application crash). oval:org.secpod.oval:def:36696 The host is installed with Wireshark 2.0.x before 2.0.5 and is prone to a denial of service vulnerability. A flaw is present in the tvb_get_guintvar function, which fails to handle a crafted packet. Successful exploitation allows remote attackers to cause a denial of service (infinite loop). oval:org.secpod.oval:def:36707 The host is installed with Wireshark 2.0.x before 2.0.5 and is prone to a denial of service vulnerability. A flaw is present in the WBXML dissector, which fails to handle a crafted packet. Successful exploitation allows remote attackers to cause a denial of service (application crash). oval:org.secpod.oval:def:36706 The host is installed with Wireshark 2.0.x before 2.0.5 and is prone to a denial of service vulnerability. A flaw is present in the tvb_get_guintvar function, which fails to handle a crafted packet. Successful exploitation allows remote attackers to cause a denial of service (infinite loop). oval:org.secpod.oval:def:1800504 CVE-2016-6505: PacketBB crash Affected versions: 2.0.0 to 2.0.4, 1.12.0 to 1.12.12 Fixed versions: 2.0.5, 1.12.13 Reference CVE-2016-6506: WSP infinite loop Affected versions: 2.0.0 to 2.0.4, 1.12.0 to 1.12.12 Fixed versions: 2.0.5, 1.12.13 Reference CVE-2016-6508:RLC long loop Affected versions: 2. ... oval:org.secpod.oval:def:36692 The host is installed with Wireshark 1.12.x before 1.12.13 or 2.0.x before 2.0.5 and is prone to a denial of service vulnerability. A flaw is present in the RLC dissector, which fails to handle a crafted packet which uses an incorrect integer data type. Successful exploitation allows remote attacker ... oval:org.secpod.oval:def:36695 The host is installed with Wireshark 1.12.x before 1.12.13 or 2.0.x before 2.0.5 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a crafted packet. Successful exploitation allows remote attackers to cause a denial of service (OpenFlow dis ... oval:org.secpod.oval:def:36694 The host is installed with Wireshark 1.12.x before 1.12.13 or 2.0.x before 2.0.5 and is prone to a denial of service vulnerability. A flaw is present in the RLC dissector, which fails to handle a crafted packet. Successful exploitation allows remote attackers to cause a denial of service (stack-base ... oval:org.secpod.oval:def:36693 The host is installed with Wireshark 1.12.x before 1.12.13 or 2.0.x before 2.0.5 and is prone to a denial of service vulnerability. A flaw is present in the LDSS dissector, which fails to handle a crafted packet and conversations. Successful exploitation allows remote attackers to cause a denial of ... oval:org.secpod.oval:def:602591 Multiple vulnerabilities were discovered in the dissectors for NDS, PacketBB, WSP, MMSE, RLC, LDSS, RLC and OpenFlow, which could result in denial of service or the execution of arbitrary code. oval:org.secpod.oval:def:36705 The host is installed with Wireshark 1.12.x before 1.12.13 or 2.0.x before 2.0.5 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a crafted packet. Successful exploitation allows remote attackers to cause a denial of service (OpenFlow dis ... oval:org.secpod.oval:def:36704 The host is installed with Wireshark 1.12.x before 1.12.13 or 2.0.x before 2.0.5 and is prone to a denial of service vulnerability. A flaw is present in the RLC dissector, which fails to handle a crafted packet. Successful exploitation allows remote attackers to cause a denial of service (stack-base ... oval:org.secpod.oval:def:36703 The host is installed with Wireshark 1.12.x before 1.12.13 or 2.0.x before 2.0.5 and is prone to a denial of service vulnerability. A flaw is present in the LDSS dissector, which fails to handle a crafted packet and conversations. Successful exploitation allows remote attackers to cause a denial of ... oval:org.secpod.oval:def:36702 The host is installed with Wireshark 1.12.x before 1.12.13 or 2.0.x before 2.0.5 and is prone to a denial of service vulnerability. A flaw is present in the RLC dissector, which fails to handle a crafted packet which uses an incorrect integer data type. Successful exploitation allows remote attacker ... oval:org.secpod.oval:def:36691 The host is installed with Wireshark 1.12.x before 1.12.13 and is prone to a denial of service vulnerability. A flaw is present in the MMSE dissector, which fails to handle a crafted packet. Successful exploitation allows remote attackers to cause a denial of service (infinite loop). oval:org.secpod.oval:def:36690 The host is installed with Wireshark 1.12.x before 1.12.13 or 2.0.x before 2.0.5 and is prone to a denial of service vulnerability. A flaw is present in the WSP dissector, which fails to handle a crafted packet. Successful exploitation allows remote attackers to cause a denial of service (infinite l ... oval:org.secpod.oval:def:36699 The host is installed with Wireshark 1.12.x before 1.12.13 or 2.0.x before 2.0.5 and is prone to a denial of service vulnerability. A flaw is present in the PacketBB dissector, which fails to handle a crafted packet. Successful exploitation allows remote attackers to cause a denial of service (divid ... oval:org.secpod.oval:def:36689 The host is installed with Wireshark 1.12.x before 1.12.13 or 2.0.x before 2.0.5 and is prone to a denial of service vulnerability. A flaw is present in the PacketBB dissector, which fails to handle a crafted packet. Successful exploitation allows remote attackers to cause a denial of service (divid ... oval:org.secpod.oval:def:36688 The host is installed with Wireshark 1.12.x before 1.12.13 and is prone to a denial of service vulnerability. A flaw is present in the NDS dissector, which fails to properly maintain a ptvc data structure. Successful exploitation allows remote attackers to cause a denial of service (NULL pointer der ... oval:org.secpod.oval:def:36687 The host is installed with Wireshark 2.0.x before 2.0.5 and is prone to a denial of service vulnerability. A flaw is present in the CORBA IDL dissector, which fails to properly interact with visual C++ compiler options. Successful exploitation which allows remote attackers to cause a denial of servi ... oval:org.secpod.oval:def:36700 The host is installed with Wireshark 1.12.x before 1.12.13 or 2.0.x before 2.0.5 and is prone to a denial of service vulnerability. A flaw is present in the WSP dissector, which fails to handle a crafted packet. Successful exploitation allows remote attackers to cause a denial of service (infinite l ... oval:org.secpod.oval:def:34143 The host is installed with Wireshark 2.0.x before 2.0.3 and is prone to a denial of service vulnerability. A flaw is present in the MS-WSP dissector, which fails to ensure that data is available before array allocation. Successful exploitation allows remote attackers to cause a denial of service (ap ... oval:org.secpod.oval:def:34144 The host is installed with Wireshark 2.0.x before 2.0.3 and is prone to a denial of service vulnerability. A flaw is present in the MS-WSP dissector, which fails to handle a crafted packet that triggers an unexpected array size. Successful exploitation allows remote attackers to cause a denial of se ... oval:org.secpod.oval:def:34142 The host is installed with Wireshark 1.12.x before 1.12.11 or 2.0.x before 2.0.3 and is prone to a denial of service vulnerability. A flaw is present in the GSM CBCH dissector, which uses the wrong variable to index an array. Successful exploitation allows remote attackers to cause a denial of servi ... oval:org.secpod.oval:def:34134 The host is installed with Wireshark 1.12.x before 1.12.11 and is prone to a stack-based buffer overflow vulnerability. A flaw is present in the NCP dissector, which fails to handle a long string in a packet. Successful exploitation could allow remote attackers to cause a denial of service (applicat ... oval:org.secpod.oval:def:34132 The host is installed with Wireshark 2.0.x before 2.0.3 and is prone to a denial of service vulnerability. A flaw is present in the MS-WSP dissector, which fails to ensure that data is available before array allocation. Successful exploitation allows remote attackers to cause a denial of service (ap ... oval:org.secpod.oval:def:34133 The host is installed with Wireshark 2.0.x before 2.0.3 and is prone to a denial of service vulnerability. A flaw is present in the MS-WSP dissector, which fails to handle a crafted packet that triggers an unexpected array size. Successful exploitation allows remote attackers to cause a denial of se ... oval:org.secpod.oval:def:34131 The host is installed with Wireshark 1.12.x before 1.12.11 or 2.0.x before 2.0.3 and is prone to a denial of service vulnerability. A flaw is present in the GSM CBCH dissector, which uses the wrong variable to index an array. Successful exploitation allows remote attackers to cause a denial of servi ... oval:org.secpod.oval:def:602507 Multiple vulnerabilities were discovered in the dissectors/parsers for PKTC, IAX2, GSM CBCH and NCP which could result in denial of service. oval:org.secpod.oval:def:34126 The host is installed with Wireshark 2.0.x before 2.0.3 and is prone to a denial of service vulnerability. A flaw is present in the TShark, which relies on incorrect special-case handling of truncated Tvb data structures. Successful exploitation allows remote attackers to cause a denial of service ( ... oval:org.secpod.oval:def:34140 The host is installed with Wireshark 1.12.x before 1.12.11 or 2.0.x before 2.0.3 and is prone to a denial of service vulnerability. A flaw is present in the PKTC dissector, which misparses timestamp fields. Successful exploitation allows remote attackers to cause a denial of service (out-of-bounds r ... oval:org.secpod.oval:def:34141 The host is installed with Wireshark 1.12.x before 1.12.11 or 2.0.x before 2.0.3 and is prone to a denial of service vulnerability. A flaw is present in the IAX2 dissector, which uses an incorrect integer data type. Successful exploitation allows remote attackers to cause a denial of service (infini ... oval:org.secpod.oval:def:34138 The host is installed with Wireshark 1.12.x before 1.12.11 or 2.0.x before 2.0.3 and is prone to a denial of service vulnerability. A flaw is present in the IEEE 802.11 dissector, related to epan/dissectors/packet-capwap.c and epan/dissectors/packet-ieee80211.c, which fails to properly restrict elem ... oval:org.secpod.oval:def:34139 The host is installed with Wireshark 1.12.x before 1.12.11 or 2.0.x before 2.0.3 and is prone to a denial of service vulnerability. A flaw is present in the PKTC dissector, which fails to verify BER identifiers. Successful exploitation allows remote attackers to cause a denial of service (out-of-bou ... oval:org.secpod.oval:def:34137 The host is installed with Wireshark 2.0.x before 2.0.3 and is prone to a denial of service vulnerability. A flaw is present in the TShark, which relies on incorrect special-case handling of truncated Tvb data structures. Successful exploitation allows remote attackers to cause a denial of service ( ... oval:org.secpod.oval:def:34130 The host is installed with Wireshark 1.12.x before 1.12.11 or 2.0.x before 2.0.3 and is prone to a denial of service vulnerability. A flaw is present in the IAX2 dissector, which uses an incorrect integer data type. Successful exploitation allows remote attackers to cause a denial of service (infini ... oval:org.secpod.oval:def:34129 The host is installed with Wireshark 1.12.x before 1.12.11 or 2.0.x before 2.0.3 and is prone to a denial of service vulnerability. A flaw is present in the PKTC dissector, which misparses timestamp fields. Successful exploitation allows remote attackers to cause a denial of service (out-of-bounds r ... oval:org.secpod.oval:def:34127 The host is installed with Wireshark 1.12.x before 1.12.11 or 2.0.x before 2.0.3 and is prone to a denial of service vulnerability. A flaw is present in the IEEE 802.11 dissector, related to epan/dissectors/packet-capwap.c and epan/dissectors/packet-ieee80211.c, which fails to properly restrict elem ... oval:org.secpod.oval:def:34128 The host is installed with Wireshark 1.12.x before 1.12.11 or 2.0.x before 2.0.3 and is prone to a denial of service vulnerability. A flaw is present in the PKTC dissector, which fails to verify BER identifiers. Successful exploitation allows remote attackers to cause a denial of service (out-of-bou ... oval:org.secpod.oval:def:34125 The host is installed with Wireshark 2.0.x before 2.0.3 and is prone to a denial of service vulnerability. A flaw is present in the NCP dissector, which fails to properly initialize memory for search patterns. Successful exploitation allows remote attackers to cause a denial of service (application ... oval:org.secpod.oval:def:34124 The host is installed with Wireshark 1.12.x before 1.12.11 or 2.0.x before 2.0.3 and is prone to a denial of service vulnerability. A flaw is present in the epan/proto.c, which fails to properly limit the protocol-tree depth. Successful exploitation allows remote attackers to cause a denial of servi ... oval:org.secpod.oval:def:34136 The host is installed with Wireshark 2.0.x before 2.0.3 and is prone to a denial of service vulnerability. A flaw is present in the NCP dissector, which fails to properly initialize memory for search patterns. Successful exploitation allows remote attackers to cause a denial of service (application ... oval:org.secpod.oval:def:34135 The host is installed with Wireshark 1.12.x before 1.12.11 or 2.0.x before 2.0.3 and is prone to a denial of service vulnerability. A flaw is present in the epan/proto.c, which fails to properly limit the protocol-tree depth. Successful exploitation allows remote attackers to cause a denial of servi ... oval:org.secpod.oval:def:602419 Multiple vulnerabilities were discovered in the dissectors/parsers for DNP, RSL, LLRP, GSM A-bis OML, ASN 1 BER which could result in denial of service. oval:org.secpod.oval:def:32496 The host is installed with Wireshark 2.0.x before 2.0.1 and is prone to denial of service vulnerability. A flaw is present in the application, which does not validate the column size. Successful exploitation allows remote attackers to cause a denial of service (memory consumption or application cras ... oval:org.secpod.oval:def:32498 The host is installed with Wireshark 2.0.x before 2.0.1 and is prone to denial of service vulnerability. A flaw is present in the application, which does not validate the number of columns. Successful exploitation allows remote attackers to cause a denial of service (stack-based buffer overflow and ... oval:org.secpod.oval:def:32497 The host is installed with Wireshark 2.0.x before 2.0.1 and is prone to denial of service vulnerability. A flaw is present in the application, which does not initialize a packet-header data structure. Successful exploitation allows remote attackers to cause a denial of service (application crash). oval:org.secpod.oval:def:32533 The host is installed with Wireshark 2.0.x before 2.0.1 and is prone to denial of service vulnerability. A flaw is present in the application, which does not validate the number of columns. Successful exploitation allows remote attackers to cause a denial of service (stack-based buffer overflow and ... oval:org.secpod.oval:def:32532 The host is installed with Wireshark 2.0.x before 2.0.1 and is prone to denial of service vulnerability. A flaw is present in the application, which does not initialize a packet-header data structure. Successful exploitation allows remote attackers to cause a denial of service (application crash). oval:org.secpod.oval:def:32530 The host is installed with Wireshark 2.0.x before 2.0.1 and is prone to denial of service vulnerability. A flaw is present in the application, which does not validate the column size. Successful exploitation allows remote attackers to cause a denial of service (memory consumption or application cras ... oval:org.secpod.oval:def:32499 The host is installed with Wireshark 2.0.x before 2.0.1 and is prone to denial of service vulnerability. A flaw is present in the application, which improperly attempts to access a packet scope. Successful exploitation allows remote attackers to cause a denial of service (assertion failure and appli ... oval:org.secpod.oval:def:32537 The host is installed with Wireshark 2.0.x before 2.0.1 and is prone to denial of service vulnerability. A flaw is present in the application, which does not reserve memory for a trailer. Successful exploitation allows remote attackers to cause a denial of service (stack-based buffer overflow and ap ... oval:org.secpod.oval:def:32536 The host is installed with Wireshark 2.0.x before 2.0.1 and is prone to denial of service vulnerability. A flaw is present in the application, which does not validate the bit rate. Successful exploitation allows remote attackers to cause a denial of service (divide-by-zero error and application cras ... oval:org.secpod.oval:def:32538 The host is installed with Wireshark 2.0.x before 2.0.1 and is prone to denial of service vulnerability. A flaw is present in the application, which uses an incorrect integer data type. Successful exploitation allows remote attackers to cause a denial of service (invalid write operation and applicat ... oval:org.secpod.oval:def:32535 The host is installed with Wireshark 2.0.x before 2.0.1 and is prone to denial of service vulnerability. A flaw is present in the application, which does not validate the list count in an SZL response. Successful exploitation allows remote attackers to cause a denial of service (divide-by-zero error ... oval:org.secpod.oval:def:32534 The host is installed with Wireshark 2.0.x before 2.0.1 and is prone to denial of service vulnerability. A flaw is present in the application, which improperly attempts to access a packet scope. Successful exploitation allows remote attackers to cause a denial of service (assertion failure and appli ... oval:org.secpod.oval:def:32503 The host is installed with Wireshark 2.0.x before 2.0.1 and is prone to denial of service vulnerability. A flaw is present in the application, which uses an incorrect integer data type. Successful exploitation allows remote attackers to cause a denial of service (invalid write operation and applicat ... oval:org.secpod.oval:def:32500 The host is installed with Wireshark 2.0.x before 2.0.1 and is prone to denial of service vulnerability. A flaw is present in the application, which does not validate the list count in an SZL response. Successful exploitation allows remote attackers to cause a denial of service (divide-by-zero error ... oval:org.secpod.oval:def:32502 The host is installed with Wireshark 2.0.x before 2.0.1 and is prone to denial of service vulnerability. A flaw is present in the application, which does not reserve memory for a trailer. Successful exploitation allows remote attackers to cause a denial of service (stack-based buffer overflow and ap ... oval:org.secpod.oval:def:32501 The host is installed with Wireshark 2.0.x before 2.0.1 and is prone to denial of service vulnerability. A flaw is present in the application, which does not validate the bit rate. Successful exploitation allows remote attackers to cause a denial of service (divide-by-zero error and application cras ... oval:org.secpod.oval:def:32540 The host is installed with Wireshark 1.12.x before 1.12.9 or 2.0.x before 2.0.1 and is prone to denial of service vulnerability. A flaw is present in the application, which does not validate the relationships between record lengths and record header lengths. Successful exploitation could allow attac ... oval:org.secpod.oval:def:32542 The host is installed with Wireshark 1.12.x before 1.12.9 or 2.0.x before 2.0.1 and is prone to denial of service vulnerability. A flaw is present in the application, which does not reject unknown TLV types. Successful exploitation could allow attackers to cause a denial of service (out-of-bounds re ... oval:org.secpod.oval:def:32541 The host is installed with Wireshark 1.12.x before 1.12.9 or 2.0.x before 2.0.1 and is prone to denial of service vulnerability. A flaw is present in the application, which does not validate the Total Profile Number field. Successful exploitation could allow attackers to cause a denial of service (o ... oval:org.secpod.oval:def:32539 The host is installed with Wireshark 2.0.x before 2.0.1 and is prone to denial of service vulnerability. A flaw is present in the application, which mishandles the packet type. Successful exploitation allows remote attackers to cause a denial of service (application crash). oval:org.secpod.oval:def:32504 The host is installed with Wireshark 2.0.x before 2.0.1 and is prone to denial of service vulnerability. A flaw is present in the application, which mishandles the packet type. Successful exploitation allows remote attackers to cause a denial of service (application crash). oval:org.secpod.oval:def:32506 The host is installed with Wireshark 1.12.x before 1.12.9 or 2.0.x before 2.0.1 and is prone to denial of service vulnerability. A flaw is present in the application, which does not validate the Total Profile Number field. Successful exploitation could allow attackers to cause a denial of service (o ... oval:org.secpod.oval:def:32505 The host is installed with Wireshark 1.12.x before 1.12.9 or 2.0.x before 2.0.1 and is prone to denial of service vulnerability. A flaw is present in the application, which does not validate the relationships between record lengths and record header lengths. Successful exploitation could allow attac ... oval:org.secpod.oval:def:32508 The host is installed with Wireshark 1.12.x before 1.12.9 or 2.0.x before 2.0.1 and is prone to denial of service vulnerability. A flaw is present in the application, which does not validate the number of items. Successful exploitation could allow attackers to cause a denial of service (invalid read ... oval:org.secpod.oval:def:32507 The host is installed with Wireshark 1.12.x before 1.12.9 or 2.0.x before 2.0.1 and is prone to denial of service vulnerability. A flaw is present in the application, which does not reject unknown TLV types. Successful exploitation could allow attackers to cause a denial of service (out-of-bounds re ... oval:org.secpod.oval:def:32543 The host is installed with Wireshark 1.12.x before 1.12.9 or 2.0.x before 2.0.1 and is prone to denial of service vulnerability. A flaw is present in the application, which does not validate the number of items. Successful exploitation could allow attackers to cause a denial of service (invalid read ... oval:org.secpod.oval:def:32511 The host is installed with Wireshark 1.12.x before 1.12.9 or 2.0.x before 2.0.1 and is prone to denial of service vulnerability. A flaw is present in the application, which does not properly maintain request-key data. Successful exploitation could allow attackers to cause a denial of service (use-af ... oval:org.secpod.oval:def:32510 The host is installed with Wireshark 1.12.x before 1.12.9 or 2.0.x before 2.0.1 and is prone to denial of service vulnerability. A flaw is present in the application, which improperly uses the tvb_bcd_dig_to_wmem_packet_str function. Successful exploitation could allow attackers to cause a denial of ... oval:org.secpod.oval:def:32512 The host is installed with Wireshark 1.12.x before 1.12.9 or 2.0.x before 2.0.1 and is prone to denial of service vulnerability. A flaw is present in the application, which does not validate certain signature and Modulation and Coding Scheme (MCS) data. Successful exploitation could allow attackers ... oval:org.secpod.oval:def:32509 The host is installed with Wireshark 1.12.x before 1.12.9 or 2.0.x before 2.0.1 and is prone to denial of service vulnerability. A flaw is present in the application, which does not ensure the presence of a '\0' character at the end of a date string. Successful exploitation could allow attackers to ... oval:org.secpod.oval:def:32547 The host is installed with Wireshark 1.12.x before 1.12.9 or 2.0.x before 2.0.1 and is prone to denial of service vulnerability. A flaw is present in the application, which does not validate certain signature and Modulation and Coding Scheme (MCS) data. Successful exploitation could allow attackers ... oval:org.secpod.oval:def:32544 The host is installed with Wireshark 1.12.x before 1.12.9 or 2.0.x before 2.0.1 and is prone to denial of service vulnerability. A flaw is present in the application, which does not ensure the presence of a '\0' character at the end of a date string. Successful exploitation could allow attackers to ... oval:org.secpod.oval:def:32546 The host is installed with Wireshark 1.12.x before 1.12.9 or 2.0.x before 2.0.1 and is prone to denial of service vulnerability. A flaw is present in the application, which does not properly maintain request-key data. Successful exploitation could allow attackers to cause a denial of service (use-af ... oval:org.secpod.oval:def:32545 The host is installed with Wireshark 1.12.x before 1.12.9 or 2.0.x before 2.0.1 and is prone to denial of service vulnerability. A flaw is present in the application, which improperly uses the tvb_bcd_dig_to_wmem_packet_str function. Successful exploitation could allow attackers to cause a denial of ... oval:org.secpod.oval:def:32515 The host is installed with Wireshark 1.12.x before 1.12.9 or 2.0.x before 2.0.1 and is prone to denial of service vulnerability. A flaw is present in the application, which does not validate the relationship between the total length and the capture length. Successful exploitation could allow attacke ... oval:org.secpod.oval:def:32514 The host is installed with Wireshark 1.12.x before 1.12.9 or 2.0.x before 2.0.1 and is prone to denial of service vulnerability. A flaw is present in the application, which does not verify the WPA broadcast key length. Successful exploitation could allow attackers to cause a denial of service (out-o ... oval:org.secpod.oval:def:32517 The host is installed with Wireshark 1.12.x before 1.12.9 or 2.0.x before 2.0.1 and is prone to denial of service vulnerability. A flaw is present in the application, which cause a denial of service. Successful exploitation could allow attackers to cause a denial of service (application crash). oval:org.secpod.oval:def:32516 The host is installed with Wireshark 1.12.x before 1.12.9 or 2.0.x before 2.0.1 and is prone to denial of service vulnerability. A flaw is present in the application, which does not validate the frame pointer. Successful exploitation could allow attackers to cause a denial of service (NULL pointer d ... oval:org.secpod.oval:def:32513 The host is installed with Wireshark 1.12.x before 1.12.9 or 2.0.x before 2.0.1 and is prone to denial of service vulnerability. A flaw is present in the application, which does not validate the IPv6 prefix length. Successful exploitation could allow attackers to cause a denial of service (stack-bas ... oval:org.secpod.oval:def:32551 The host is installed with Wireshark 1.12.x before 1.12.9 or 2.0.x before 2.0.1 and is prone to denial of service vulnerability. A flaw is present in the application, which does not validate the frame pointer. Successful exploitation could allow attackers to cause a denial of service (NULL pointer d ... oval:org.secpod.oval:def:32550 The host is installed with Wireshark 1.12.x before 1.12.9 or 2.0.x before 2.0.1 and is prone to denial of service vulnerability. A flaw is present in the application, which does not validate the relationship between the total length and the capture length. Successful exploitation could allow attacke ... oval:org.secpod.oval:def:32552 The host is installed with Wireshark 1.12.x before 1.12.9 or 2.0.x before 2.0.1 and is prone to denial of service vulnerability. A flaw is present in the application, which cause a denial of service. Successful exploitation could allow attackers to cause a denial of service (application crash). oval:org.secpod.oval:def:32548 The host is installed with Wireshark 1.12.x before 1.12.9 or 2.0.x before 2.0.1 and is prone to denial of service vulnerability. A flaw is present in the application, which does not validate the IPv6 prefix length. Successful exploitation could allow attackers to cause a denial of service (stack-bas ... oval:org.secpod.oval:def:32549 The host is installed with Wireshark 1.12.x before 1.12.9 or 2.0.x before 2.0.1 and is prone to denial of service vulnerability. A flaw is present in the application, which does not verify the WPA broadcast key length. Successful exploitation could allow attackers to cause a denial of service (out-o ... oval:org.secpod.oval:def:32522 The host is installed with Wireshark 1.12.x before 1.12.9 and is prone to denial of service vulnerability. A flaw is present in the application, which does not ensure that a conversation exists. Successful exploitation allows remote attackers to cause a denial of service (application crash). oval:org.secpod.oval:def:32521 The host is installed with Wireshark 1.12.x before 1.12.9 and is prone to denial of service vulnerability. A flaw is present in the application, which does not prevent use of a negative media count. Successful exploitation allows remote attackers to cause a denial of service (application crash). oval:org.secpod.oval:def:32520 The host is installed with Wireshark 1.12.x before 1.12.9 or 2.0.x before 2.0.1 and is prone to denial of service vulnerability. A flaw is present in the application, which enables "Match MSG/RES packets for async NLM" option. Successful exploitation could allow attackers to cause a denial of servic ... oval:org.secpod.oval:def:32519 The host is installed with Wireshark 1.12.x before 1.12.9 and is prone to denial of service vulnerability. A flaw is present in the application, which mishandles the EDNS0 Client Subnet option. Successful exploitation could allow attackers to cause a denial of service (application crash). oval:org.secpod.oval:def:32518 The host is installed with Wireshark 1.12.x before 1.12.9 or 2.0.x before 2.0.1 and is prone to denial of service vulnerability. A flaw is present in the application, which improperly checks an sscanf return value. Successful exploitation could allow attackers to cause a denial of service (applicati ... oval:org.secpod.oval:def:32555 The host is installed with Wireshark 1.12.x before 1.12.9 or 2.0.x before 2.0.1 and is prone to denial of service vulnerability. A flaw is present in the application, which enables "Match MSG/RES packets for async NLM" option. Successful exploitation could allow attackers to cause a denial of servic ... oval:org.secpod.oval:def:32553 The host is installed with Wireshark 1.12.x before 1.12.9 or 2.0.x before 2.0.1 and is prone to denial of service vulnerability. A flaw is present in the application, which improperly checks an sscanf return value. Successful exploitation could allow attackers to cause a denial of service (applicati ... oval:org.secpod.oval:def:32526 The host is installed with Wireshark 1.12.x before 1.12.9 and is prone to denial of service vulnerability. A flaw is present in the application, which does not validate the number of PDUs. Successful exploitation allows remote attackers to cause a denial of service (application crash). oval:org.secpod.oval:def:32525 The host is installed with Wireshark 1.12.x before 1.12.9 and is prone to denial of service vulnerability. A flaw is present in the application, which does not properly reserve memory for channel ID mappings. Successful exploitation allows remote attackers to cause a denial of service (out-of-bounds ... oval:org.secpod.oval:def:32524 The host is installed with Wireshark 1.12.x before 1.12.9 and is prone to denial of service vulnerability. A flaw is present in the application, which does not initialize a certain IPv4 data structure. Successful exploitation allows remote attackers to cause a denial of service (application crash). oval:org.secpod.oval:def:32523 The host is installed with Wireshark 1.12.x before 1.12.9 and is prone to denial of service vulnerability. A flaw is present in the application, which does not check for empty arguments. Successful exploitation allows remote attackers to cause a denial of service (infinite loop). oval:org.secpod.oval:def:32527 The host is installed with Wireshark 1.12.x before 1.12.9 or 2.0.x before 2.0.1 and is prone to denial of service vulnerability. A flaw is present in the application, which does not validate conversation data. Successful exploitation allows remote attackers to cause a denial of service (NULL pointer ... oval:org.secpod.oval:def:602421 Multiple vulnerabilities were discovered in the dissectors/parsers for Pcapng, NBAP, UMTS FP, DCOM, AllJoyn, T.38, SDP, NLM, DNS, BED, SCTP, 802.11, DIAMETER, VeriWave, RVSP, ANSi A, GSM A, Ascend, NBAP, ZigBee ZCL and Sniffer which could result in denial of service. oval:org.secpod.oval:def:32562 The host is installed with Wireshark 1.12.x before 1.12.9 or 2.0.x before 2.0.1 and is prone to denial of service vulnerability. A flaw is present in the application, which does not validate conversation data. Successful exploitation allows remote attackers to cause a denial of service (NULL pointer ... oval:org.secpod.oval:def:602238 Multiple vulnerabilities were discovered in the dissectors/parsers for ZigBee, GSM RLC/MAC, WaveAgent, ptvcursor, OpenFlow, WCCP and in internal functions which could result in denial of service. oval:org.secpod.oval:def:109580 Wireshark is a network traffic analyzer for Unix-ish operating systems. This package lays base for libpcap, a packet capture and filtering library, contains command-line utilities, contains plugins and documentation for wireshark. A graphical user interface is packaged separately to GTK+ package. oval:org.secpod.oval:def:602153 Multiple vulnerabilities were discovered in the dissectors for WCCP and GSM DTAP, which could result in denial of service. The oldstable distribution is not affected. oval:org.secpod.oval:def:602126 Multiple vulnerabilities were discovered in the dissectors/parsers for LBMR, web sockets, WCP, X11, IEEE 802.11 and Android Logcat, which could result in denial of service. oval:org.secpod.oval:def:1501813 The wireshark packages contain a network protocol analyzer used to capture and browse the traffic running on a computer network. Security Fix: * Several denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a ... oval:org.secpod.oval:def:1600523 Several denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump file. oval:org.secpod.oval:def:502001 The wireshark packages contain a network protocol analyzer used to capture and browse the traffic running on a computer network. Security Fix: * Several denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a ... oval:org.secpod.oval:def:23711 The host is installed with Wireshark 1.12.x before 1.12.4 and is prone to an integer overflow vulnerability. A flaw is present in the application, which fails to properly handle a crafted length field in a packet. Successful exploitation allows remote attackers to cause a denial of service (infinite ... oval:org.secpod.oval:def:23709 The host is installed with Wireshark 1.10.x before 1.10.13 or 1.12.x before 1.12.4 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle an invalid Interface Statistics Block (ISB) interface ID in a crafted packet. Successful exploita ... oval:org.secpod.oval:def:23708 The host is installed with Wireshark 1.10.x before 1.10.13 or 1.12.x before 1.12.4 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a crafted packet during decompression. Successful exploitation allows remote attackers to cause a ... oval:org.secpod.oval:def:1200152 Several denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump file oval:org.secpod.oval:def:501602 Wireshark, previously known as Ethereal, is a network protocol analyzer, which is used to capture and browse the traffic running on a computer network. Several denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or op ... oval:org.secpod.oval:def:602023 Multiple vulnerabilities were discovered in the dissectors/parsers for WCP, pcapng and TNEF, which could result in denial of service. oval:org.secpod.oval:def:23712 The host is installed with Wireshark 1.12.x before 1.12.4 and is prone to a denial of service vulnerability. A flaw is present in the application, which does not properly handle integer data types greater than 32 bits in size. Successful exploitation allows remote attackers to cause a denial of serv ... oval:org.secpod.oval:def:23710 The host is installed with Wireshark 1.10.x before 1.10.13 or 1.12.x before 1.12.4 and is prone to an integer overflow vulnerability. A flaw is present in the application, which fails to properly handle a crafted length field in a packet. Successful exploitation allows remote attackers to cause a de ... oval:org.secpod.oval:def:501693 The wireshark packages contain a network protocol analyzer used to capture and browse the traffic running on a computer network. Several denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump f ... oval:org.secpod.oval:def:1501221 The remote host is missing a patch containing a security fix, which affects the following package(s): wireshark oval:org.secpod.oval:def:1501092 Multiple vulnerabilities were discovered in the dissectors/parsers for WCP, pcapng and TNEF, which could result in denial of service. oval:org.secpod.oval:def:23713 The host is installed with Wireshark 1.12.x before 1.12.4 and is prone to a denial of service vulnerability. A flaw is present in the application, which does not properly follow the TRY/ENDTRY code requirements. Successful exploitation allows remote attackers to cause a denial of service (stack memo ... oval:org.secpod.oval:def:23096 The host is installed with Wireshark 1.10.x before 1.10.12 or 1.12.x before 1.12.3 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a crafted packet. Successful exploitation allows remote attackers to cause a denial of service (a ... oval:org.secpod.oval:def:23095 The host is installed with Wireshark 1.10.x before 1.10.12 or 1.12.x before 1.12.3 and is prone to multiple use-after-free vulnerabilities. The flaws are present in the application, which fails to properly handle a crafted packet, related to the use of packet-scope memory instead of pinfo-scope memo ... oval:org.secpod.oval:def:23094 The host is installed with Wireshark 1.10.x before 1.10.12 or 1.12.x before 1.12.3 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a crafted packet. Successful exploitation allows remote attackers to cause a denial of service (o ... oval:org.secpod.oval:def:23097 The host is installed with Wireshark 1.10.x before 1.10.12 or 1.12.x before 1.12.3 and is prone to a buffer underflow vulnerability. A flaw is present in the application, which fails to properly handle a crafted packet that is improperly handled during decryption of an SSL session. Successful exploi ... oval:org.secpod.oval:def:601936 Multiple vulnerabilities were discovered in the dissectors/parsers for SSL/TLS and DEC DNA, which could result in denial of service. oval:org.secpod.oval:def:23093 The host is installed with Wireshark 1.10.x before 1.10.12 or 1.12.x before 1.12.3 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a crafted packet. Successful exploitation allows remote attackers to cause a denial of service (a ... oval:org.secpod.oval:def:23092 The host is installed with Wireshark 1.10.x before 1.10.12 or 1.12.x before 1.12.3 and is prone to multiple use-after-free vulnerabilities. The flaws are present in the application, which fails to properly handle a crafted packet, related to the use of packet-scope memory instead of pinfo-scope memo ... oval:org.secpod.oval:def:601841 Multiple vulnerabilities were discovered in the dissectors/parsers for SigComp UDVM, AMQP, NCP and TN5250, which could result in denial of service. oval:org.secpod.oval:def:21741 The host is installed with Wireshark 1.10.x before 1.10.11 or 1.12.x before 1.12.2 and is prone to a stack-based buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle a crafted packet. Successful exploitation allows remote attackers to cause a denial of ... oval:org.secpod.oval:def:21742 The host is installed with Wireshark 1.10.x before 1.10.11 or 1.12.x before 1.12.2 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a crafted packet. Successful exploitation allows remote attackers to cause a denial of service (a ... oval:org.secpod.oval:def:21736 The host is installed with Wireshark 1.10.x before 1.10.11 or 1.12.x before 1.12.2 and is prone to a stack-based buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle a crafted packet. Successful exploitation allows remote attackers to cause a denial of ... oval:org.secpod.oval:def:21737 The host is installed with Wireshark 1.10.x before 1.10.11 or 1.12.x before 1.12.2 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a crafted packet. Successful exploitation allows remote attackers to cause a denial of service (a ... oval:org.secpod.oval:def:21735 The host is installed with Wireshark 1.10.x before 1.10.11 or 1.12.x before 1.12.2 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a crafted packet. Successful exploitation allows remote attackers to cause a denial of service (i ... oval:org.secpod.oval:def:21740 The host is installed with Wireshark 1.10.x before 1.10.11 or 1.12.x before 1.12.2 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a crafted packet. Successful exploitation allows remote attackers to cause a denial of service (i ... oval:org.secpod.oval:def:108193 Wireshark is a network traffic analyzer for Unix-ish operating systems. This package lays base for libpcap, a packet capture and filtering library, contains command-line utilities, contains plugins and documentation for wireshark. A graphical user interface is packaged separately to GTK+ package. oval:org.secpod.oval:def:108002 Wireshark is a network traffic analyzer for Unix-ish operating systems. This package lays base for libpcap, a packet capture and filtering library, contains command-line utilities, contains plugins and documentation for wireshark. A graphical user interface is packaged separately to GTK+ package. oval:org.secpod.oval:def:21743 The host is installed with Wireshark 1.10.x before 1.10.11 or 1.12.x before 1.12.2 and is prone to multiple integer overflow vulnerabilities. A flaw is present in the application, which fails to properly handle a crafted packet. Successful exploitation allows remote attackers to cause a denial of se ... oval:org.secpod.oval:def:21744 The host is installed with Wireshark 1.10.x before 1.10.11 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a crafted packet. Successful exploitation allows remote attackers to cause a denial of service (buffer over-read and application c ... oval:org.secpod.oval:def:21738 The host is installed with Wireshark 1.10.x before 1.10.11 or 1.12.x before 1.12.2 and is prone to multiple integer overflow vulnerabilities. A flaw is present in the application, which fails to properly handle a crafted packet. Successful exploitation allows remote attackers to cause a denial of se ... oval:org.secpod.oval:def:21739 The host is installed with Wireshark 1.10.x before 1.10.11 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a crafted packet. Successful exploitation allows remote attackers to cause a denial of service (buffer over-read and application c ... oval:org.secpod.oval:def:20698 The host is installed with Wireshark 1.10.x before 1.10.9 and is prone to denial of service vulnerability. A flaw is present in the application, which does not properly validate padding values. Successful exploitation allows remote attackers to cause a denial of service (buffer underflow and applica ... oval:org.secpod.oval:def:21794 The host is installed with Wireshark 1.10.x before 1.10.9 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a crafted packet. Successful exploitation could allow attackers to cause a denial of service (buffer underflow and application cras ... oval:org.secpod.oval:def:20703 The host is installed with Wireshark 1.10.x before 1.10.9 and is prone to denial of service vulnerability. A flaw is present in the application, which does not properly validate padding values. Successful exploitation allows remote attackers to cause a denial of service (buffer underflow and applica ... oval:org.secpod.oval:def:21796 The host is installed with Wireshark 1.10.x before 1.10.9 and is prone to a denial of service vulnerability. A flaw is present in the application, which does not properly strip '\n' and '\r' characters. Successful exploitation could allow attackers to cause a denial of service (off-by-one buffer und ... oval:org.secpod.oval:def:21797 The host is installed with Wireshark 1.10.x before 1.10.9 and is prone to a denial of service vulnerability. A flaw is present in the application, which does not completely initialize a certain buffer. Successful exploitation could allow attackers to cause a denial of service (application crash). oval:org.secpod.oval:def:20699 The host is installed with Wireshark 1.10.x before 1.10.9 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle a crafted packet. Successful exploitation allows remote attackers to cause a denial of service (application crash). oval:org.secpod.oval:def:21795 The host is installed with Wireshark 1.10.x before 1.10.9 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a crafted packet. Successful exploitation could allow attackers to cause a denial of service (buffer underflow and application cras ... oval:org.secpod.oval:def:21793 The host is installed with Wireshark 1.10.x before 1.10.9 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a crafted packet. Successful exploitation could allow attackers to cause a denial of service (application crash) oval:org.secpod.oval:def:20702 The host is installed with Wireshark 1.10.x before 1.10.9 and is prone to denial of service vulnerability. A flaw is present in the application, which does not properly strip '\n' characters. Successful exploitation allows remote attackers to cause a denial of service (buffer underflow and applicati ... oval:org.secpod.oval:def:20700 The host is installed with Wireshark 1.10.x before 1.10.9 and is prone to denial of service vulnerability. A flaw is present in the application, which does not completely initialize a certain buffer. Successful exploitation allows remote attackers to cause a denial of service (application crash). oval:org.secpod.oval:def:20701 The host is installed with Wireshark 1.10.x before 1.10.9 and is prone to denial of service vulnerability. A flaw is present in the application, which does not properly strip '\n' and '\r' characters. Successful exploitation allows remote attackers to cause a denial of service (off-by-one buffer und ... oval:org.secpod.oval:def:20706 The host is installed with Wireshark 1.10.x before 1.10.9 and is prone to denial of service vulnerability. A flaw is present in the application, which does not properly strip '\n' and '\r' characters. Successful exploitation allows remote attackers to cause a denial of service (off-by-one buffer und ... oval:org.secpod.oval:def:20707 The host is installed with Wireshark 1.10.x before 1.10.9 and is prone to denial of service vulnerability. A flaw is present in the application, which does not properly strip '\n' characters. Successful exploitation allows remote attackers to cause a denial of service (buffer underflow and applicati ... oval:org.secpod.oval:def:20704 The host is installed with Wireshark 1.10.x before 1.10.9 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle a crafted packet. Successful exploitation allows remote attackers to cause a denial of service (application crash). oval:org.secpod.oval:def:20705 The host is installed with Wireshark 1.10.x before 1.10.9 and is prone to denial of service vulnerability. A flaw is present in the application, which does not completely initialize a certain buffer. Successful exploitation allows remote attackers to cause a denial of service (application crash). oval:org.secpod.oval:def:107316 Wireshark is a network traffic analyzer for Unix-ish operating systems. This package lays base for libpcap, a packet capture and filtering library, contains command-line utilities, contains plugins and documentation for wireshark. A graphical user interface is packaged separately to GTK+ package. oval:org.secpod.oval:def:21523 The host is installed with Wireshark 1.10.x before 1.10.8 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a crafted packet. Successful exploitation could allow attackers to cause a denial of service (application crash) oval:org.secpod.oval:def:20058 The host is installed with Wireshark 1.10.x before 1.10.8 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle a crafted packet. Successful exploitation allows attackers to cause a denial of service (application crash). oval:org.secpod.oval:def:19985 The host is installed with Wireshark 1.10.x before 1.10.8 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle a crafted packet. Successful exploitation allows attackers to cause a denial of service (application crash). oval:org.secpod.oval:def:107134 Wireshark is a network traffic analyzer for Unix-ish operating systems. This package lays base for libpcap, a packet capture and filtering library, contains command-line utilities, contains plugins and documentation for wireshark. A graphical user interface is packaged separately to GTK+ package. oval:org.secpod.oval:def:19895 The host is installed with Wireshark 1.10.x before 1.10.7 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a crafted packet. Successful exploitation could allow attackers to cause a denial of service (application crash). oval:org.secpod.oval:def:106889 Wireshark is a network traffic analyzer for Unix-ish operating systems. This package lays base for libpcap, a packet capture and filtering library, contains command-line utilities, contains plugins and documentation for wireshark. A graphical user interface is packaged separately to GTK+ package. oval:org.secpod.oval:def:19903 The host is installed with Wireshark 1.10.x before 1.10.7 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a crafted packet. Successful exploitation could allow attackers to cause a denial of service (application crash). oval:org.secpod.oval:def:63394 The host is installed with Wireshark 2.6.0 before 2.6.17, 3.0.0 before 3.0.11 or 3.2.0 before 3.2.4 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a issue in NFS dissector. Successful exploitation allows attackers to crash wire ... oval:org.secpod.oval:def:63395 The host is missing a security update according to Wireshark Advisory. The update is required to fix a denial-of-service vulnerability. A flaw is present in the application, which fails to properly handle a issue in NFS dissector. Successful exploitation allows attackers to crash wireshark by inject ... oval:org.secpod.oval:def:118799 Wireshark allows you to examine protocol data stored in files or as it is captured from wired or wireless networks, USB devices, and many other sources. It supports dozens of protocol capture file formats and understands more than a thousand protocols. It has many powerful features including a rich ... oval:org.secpod.oval:def:89050484 This update for wireshark fixes the following issues: - Update to wireshark 3.2.7: * CVE-2020-25863: MIME Multipart dissector crash * CVE-2020-25862: TCP dissector crash * CVE-2020-25866: BLIP dissector crash * CVE-2020-17498: Kafka dissector crash oval:org.secpod.oval:def:118629 Wireshark allows you to examine protocol data stored in files or as it is captured from wired or wireless networks, USB devices, and many other sources. It supports dozens of protocol capture file formats and understands more than a thousand protocols. It has many powerful features including a rich ... oval:org.secpod.oval:def:118807 Wireshark allows you to examine protocol data stored in files or as it is captured from wired or wireless networks, USB devices, and many other sources. It supports dozens of protocol capture file formats and understands more than a thousand protocols. It has many powerful features including a rich ... oval:org.secpod.oval:def:95034 wireshark: network traffic analyzer - meta-package Several security issues were fixed in Wireshark. oval:org.secpod.oval:def:89050216 This update for wireshark fixes the following issues: - Wireshark to 3.2.5: * CVE-2020-15466: GVCP dissector infinite loop * CVE-2020-13164: NFS dissector crash * CVE-2020-11647: The BACapp dissector could crash - Further features, bug fixes and updated protocol support as listed in: https://www. ... oval:org.secpod.oval:def:1801758 In Wireshark 3.2.0 to 3.2.3, 3.0.0 to 3.0.10, and 2.6.0 to 2.6.16, the NFS dissector could crash. This was addressed in epan/dissectors/packet-nfs.c by preventing excessive recursion, such as for a cycle in the directory graph on a filesystem. oval:org.secpod.oval:def:118630 Wireshark allows you to examine protocol data stored in files or as it is captured from wired or wireless networks, USB devices, and many other sources. It supports dozens of protocol capture file formats and understands more than a thousand protocols. It has many powerful features including a rich ... oval:org.secpod.oval:def:40807 The host is installed with Wireshark before 1.2.2 and is prone to an integer overflow vulnerability. A flaw is present in the SMB dissector, which fails to properly handle a crafted erf file. Successful exploitation allows remote attackers to execute arbitrary code or cause a denial of service (appl ... oval:org.secpod.oval:def:43222 The host is installed with Wireshark 2.4.0 to 2.4.2 or 2.2.0 to 2.2.10 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle the NetBIOS dissector issue. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:43368 The host is installed with Wireshark 2.2.x through 2.2.11 and is prone to a null pointer dereference vulnerability. A flaw is present in the application, which fails to properly validate an IPv4 address. Successful exploitation could allow remote attackers to produce unknown impact. oval:org.secpod.oval:def:43367 The host is installed with Wireshark 2.2.x through 2.2.11 and is prone to a null pointer dereference vulnerability. A flaw is present in the application, which fails to properly validate an IPv4 address. Successful exploitation could allow remote attackers to produce unknown impact. oval:org.secpod.oval:def:43556 The host is installed with Wireshark 2.4.0 to 2.4.3 or 2.2.0 to 2.2.11 and is prone to multiple denial of service vulnerabilities. The flaws are present in the application, which fails to properly handle the JSON, XML, NTP, XMPP, and GDB dissector issues. Successful exploitation allows attackers to ... oval:org.secpod.oval:def:1800315 CVE-2017-17997: MRDISC dissector crash Affected versions: 2.2.0 to 2.2.11Fixed versions: 2.2.12 oval:org.secpod.oval:def:603254 It was discovered that wireshark, a network protocol analyzer, contained several vulnerabilities in the dissectors/file parsers for IxVeriWave, WCP, JSON, XML, NTP, XMPP and GDB, which could result in denial of dervice or the execution of arbitrary code. oval:org.secpod.oval:def:53240 It was discovered that wireshark, a network protocol analyzer, contained several vulnerabilities in the dissectors/file parsers for IxVeriWave, WCP, JSON, XML, NTP, XMPP and GDB, which could result in denial of dervice or the execution of arbitrary code. oval:org.secpod.oval:def:43557 The host is installed with Wireshark 2.4.0 to 2.4.3 or 2.2.0 to 2.2.11 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle the WCP dissector issue. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:43558 The host is installed with Wireshark 2.4.0 to 2.4.3 or 2.2.0 to 2.2.11 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle exceptional conditions. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:44422 The host is installed with Wireshark 2.4.0 to 2.4.4 or 2.2.0 to 2.2.12 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle the SIGCOMP dissector issue. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:44399 The host is installed with Wireshark 2.4.0 to 2.4.4 or 2.2.0 to 2.2.12 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle the SIGCOMP dissector issue. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:44400 The host is installed with Wireshark 2.4.0 to 2.4.4 or 2.2.0 to 2.2.12 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle the IPMI dissector issue. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:44423 The host is installed with Wireshark 2.4.0 to 2.4.4 or 2.2.0 to 2.2.12 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle the IPMI dissector issue. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:44401 The host is installed with Wireshark 2.4.0 to 2.4.4 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle the DOCSIS protocol dissector issue. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:44424 The host is installed with Wireshark 2.4.0 to 2.4.4 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle the DOCSIS protocol dissector issue. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:44402 The host is installed with Wireshark 2.4.0 to 2.4.4 or 2.2.0 to 2.2.12 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle the FCP protocol dissector issue. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:44425 The host is installed with Wireshark 2.4.0 to 2.4.4 or 2.2.0 to 2.2.12 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle the FCP protocol dissector issue. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:44403 The host is installed with Wireshark 2.4.0 to 2.4.4 or 2.2.0 to 2.2.12 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle the IEEE 802.11 dissector issue. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:44426 The host is installed with Wireshark 2.4.0 to 2.4.4 or 2.2.0 to 2.2.12 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle the IEEE 802.11 dissector issue. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:44404 The host is installed with Wireshark 2.4.0 to 2.4.4 or 2.2.0 to 2.2.12 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle the UMTS MAC dissector issue. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:44427 The host is installed with Wireshark 2.4.0 to 2.4.4 or 2.2.0 to 2.2.12 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle the UMTS MAC dissector issue. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:44405 The host is installed with Wireshark 2.4.0 to 2.4.4 or 2.2.0 to 2.2.12 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle the epan/dissectors/packet-rpcrdma.c issue. Successful exploitation allows attackers to cause an application cr ... oval:org.secpod.oval:def:44428 The host is installed with Wireshark 2.4.0 to 2.4.4 or 2.2.0 to 2.2.12 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle the epan/dissectors/packet-rpcrdma.c issue. Successful exploitation allows attackers to cause an application cr ... oval:org.secpod.oval:def:44406 The host is installed with Wireshark 2.4.0 to 2.4.4 or 2.2.0 to 2.2.12 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle the epan/dissectors/packet-reload.c issue. Successful exploitation allows attackers to cause an application cra ... oval:org.secpod.oval:def:44429 The host is installed with Wireshark 2.4.0 to 2.4.4 or 2.2.0 to 2.2.12 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle the epan/dissectors/packet-reload.c issue. Successful exploitation allows attackers to cause an application cra ... oval:org.secpod.oval:def:44407 The host is installed with Wireshark 2.4.0 to 2.4.4 or 2.2.0 to 2.2.12 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle the epan/dissectors/packet-ber.c issue. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:44430 The host is installed with Wireshark 2.4.0 to 2.4.4 or 2.2.0 to 2.2.12 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle the epan/dissectors/packet-ber.c issue. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:44408 The host is installed with Wireshark 2.4.0 to 2.4.4 or 2.2.0 to 2.2.12 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle the epan/dissectors/packet-thread.c issue. Successful exploitation allows attackers to cause an application cra ... oval:org.secpod.oval:def:44431 The host is installed with Wireshark 2.4.0 to 2.4.4 or 2.2.0 to 2.2.12 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle the epan/dissectors/packet-thread.c issue. Successful exploitation allows attackers to cause an application cra ... oval:org.secpod.oval:def:44409 The host is installed with Wireshark 2.4.0 to 2.4.4 or 2.2.0 to 2.2.12 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle the epan/dissectors/packet-s7comm.c issue. Successful exploitation allows attackers to cause an application cra ... oval:org.secpod.oval:def:44432 The host is installed with Wireshark 2.4.0 to 2.4.4 or 2.2.0 to 2.2.12 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle the epan/dissectors/packet-s7comm.c issue. Successful exploitation allows attackers to cause an application cra ... oval:org.secpod.oval:def:44410 The host is installed with Wireshark 2.4.0 to 2.4.4 or 2.2.0 to 2.2.12 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle the epan/dissectors/packet-usb.c issue. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:44433 The host is installed with Wireshark 2.4.0 to 2.4.4 or 2.2.0 to 2.2.12 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle the epan/dissectors/packet-usb.c issue. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:44411 The host is installed with Wireshark 2.4.0 to 2.4.4 or 2.2.0 to 2.2.12 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle the epan/dissectors/packet-openflow_v6.c issue. Successful exploitation allows attackers to cause an applicatio ... oval:org.secpod.oval:def:44434 The host is installed with Wireshark 2.4.0 to 2.4.4 or 2.2.0 to 2.2.12 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle the epan/dissectors/packet-openflow_v6.c issue. Successful exploitation allows attackers to cause an applicatio ... oval:org.secpod.oval:def:44412 The host is installed with Wireshark 2.4.0 to 2.4.4 or 2.2.0 to 2.2.12 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle the epan/dissectors/packet-lltd.c issue. Successful exploitation allows attackers to cause an application crash ... oval:org.secpod.oval:def:44435 The host is installed with Wireshark 2.4.0 to 2.4.4 or 2.2.0 to 2.2.12 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle the epan/dissectors/packet-lltd.c issue. Successful exploitation allows attackers to cause an application crash ... oval:org.secpod.oval:def:44413 The host is installed with Wireshark 2.4.0 to 2.4.4 or 2.2.0 to 2.2.12 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle the epan/dissectors/packet-rpki-rtr.c issue. Successful exploitation allows attackers to cause an application c ... oval:org.secpod.oval:def:44436 The host is installed with Wireshark 2.4.0 to 2.4.4 or 2.2.0 to 2.2.12 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle the epan/dissectors/packet-rpki-rtr.c issue. Successful exploitation allows attackers to cause an application c ... oval:org.secpod.oval:def:44414 The host is installed with Wireshark 2.4.0 to 2.4.4 or 2.2.0 to 2.2.12 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle the epan/dissectors/packet-sccp.c issue. Successful exploitation allows attackers to cause an application crash ... oval:org.secpod.oval:def:44437 The host is installed with Wireshark 2.4.0 to 2.4.4 or 2.2.0 to 2.2.12 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle the epan/dissectors/packet-sccp.c issue. Successful exploitation allows attackers to cause an application crash ... oval:org.secpod.oval:def:44415 The host is installed with Wireshark 2.4.0 to 2.4.4 or 2.2.0 to 2.2.12 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle the epan/dissectors/packet-wccp.c issue. Successful exploitation allows attackers to cause an application crash ... oval:org.secpod.oval:def:44438 The host is installed with Wireshark 2.4.0 to 2.4.4 or 2.2.0 to 2.2.12 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle the epan/dissectors/packet-wccp.c issue. Successful exploitation allows attackers to cause an application crash ... oval:org.secpod.oval:def:44416 The host is installed with Wireshark 2.4.0 to 2.4.4 or 2.2.0 to 2.2.12 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle the epan/dissectors/packet-dcm.c issue. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:44439 The host is installed with Wireshark 2.4.0 to 2.4.4 or 2.2.0 to 2.2.12 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle the epan/dissectors/packet-dcm.c issue. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:44417 The host is installed with Wireshark 2.4.0 to 2.4.4 or 2.2.0 to 2.2.12 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle the epan/dissectors/packet-thrift.c issue. Successful exploitation allows attackers to cause an application cra ... oval:org.secpod.oval:def:44440 The host is installed with Wireshark 2.4.0 to 2.4.4 or 2.2.0 to 2.2.12 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle the epan/dissectors/packet-thrift.c issue. Successful exploitation allows attackers to cause an application cra ... oval:org.secpod.oval:def:44418 The host is installed with Wireshark 2.4.0 to 2.4.4 or 2.2.0 to 2.2.12 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle the SIGCOMP dissector issue. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:44441 The host is installed with Wireshark 2.4.0 to 2.4.4 or 2.2.0 to 2.2.12 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle the SIGCOMP dissector issue. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:44419 The host is installed with Wireshark 2.4.0 to 2.4.4 or 2.2.0 to 2.2.12 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle the DMP dissector issue. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:44442 The host is installed with Wireshark 2.4.0 to 2.4.4 or 2.2.0 to 2.2.12 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle the DMP dissector issue. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:44420 The host is installed with Wireshark 2.4.0 to 2.4.4 or 2.2.0 to 2.2.12 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle the pcapng file parser issue. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:44443 The host is installed with Wireshark 2.4.0 to 2.4.4 or 2.2.0 to 2.2.12 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle the pcapng file parser issue. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:44421 The host is installed with Wireshark 2.4.0 to 2.4.4 or 2.2.0 to 2.2.12 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle the NBAP dissector issue. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:44444 The host is installed with Wireshark 2.4.0 to 2.4.4 or 2.2.0 to 2.2.12 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle the NBAP dissector issue. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:44869 The host is installed with Wireshark 2.4.0 to 2.4.5 or 2.2.0 to 2.2.13 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle the LWAPP dissector issue. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:44888 The host is installed with Wireshark 2.4.0 to 2.4.5 or 2.2.0 to 2.2.13 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle the LWAPP dissector issue. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:44870 The host is installed with Wireshark 2.4.0 to 2.4.5 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle the CQL dissector issue. Successful exploitation allows attackers to cause an application to go into infinite loop. oval:org.secpod.oval:def:44889 The host is installed with Wireshark 2.4.0 to 2.4.5 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle the CQL dissector issue. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:44871 The host is installed with Wireshark 2.4.0 to 2.4.5 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle the TCP dissector issue. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:44890 The host is installed with Wireshark 2.4.0 to 2.4.5 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle the TCP dissector issue. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:44872 The host is installed with Wireshark 2.4.0 to 2.4.5 or 2.2.0 to 2.2.13 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle the MP4 dissector issue. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:44891 The host is installed with Wireshark 2.4.0 to 2.4.5 or 2.2.0 to 2.2.13 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle the MP4 dissector issue. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:44873 The host is installed with Wireshark 2.4.0 to 2.4.5 or 2.2.0 to 2.2.13 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle the IEEE 802.15.4 dissector issue. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:44892 The host is installed with Wireshark 2.4.0 to 2.4.5 or 2.2.0 to 2.2.13 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle the IEEE 802.15.4 dissector issue. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:44874 The host is installed with Wireshark 2.4.0 to 2.4.5 or 2.2.0 to 2.2.13 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle the NBAP dissector issue. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:44893 The host is installed with Wireshark 2.4.0 to 2.4.5 or 2.2.0 to 2.2.13 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle the NBAP dissector issue. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:44875 The host is installed with Wireshark 2.4.0 to 2.4.5 or 2.2.0 to 2.2.13 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle the VLAN dissector issue. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:44894 The host is installed with Wireshark 2.4.0 to 2.4.5 or 2.2.0 to 2.2.13 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle the VLAN dissector issue. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:44876 The host is installed with Wireshark 2.4.0 to 2.4.5 or 2.2.0 to 2.2.13 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle the Kerberos dissector issue. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:44895 The host is installed with Wireshark 2.4.0 to 2.4.5 or 2.2.0 to 2.2.13 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle the Kerberos dissector issue. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:44877 The host is installed with Wireshark 2.4.0 to 2.4.5 or 2.2.0 to 2.2.13 and is prone to heap-based buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle the ADB dissector issue. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:44896 The host is installed with Wireshark 2.4.0 to 2.4.5 or 2.2.0 to 2.2.13 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle the ADB dissector issue. Successful exploitation allows attackers to cause an application crash with a heap-bas ... oval:org.secpod.oval:def:44878 The host is installed with Wireshark 2.4.0 to 2.4.5 or 2.2.0 to 2.2.13 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle the epan/dissectors/packet-tn3270.c issue. Successful exploitation allows attackers to cause a memory leak. oval:org.secpod.oval:def:44897 The host is installed with Wireshark 2.4.0 to 2.4.5 or 2.2.0 to 2.2.13 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle the epan/dissectors/packet-tn3270.c issue. Successful exploitation allows attackers to cause a memory leak. oval:org.secpod.oval:def:44879 The host is installed with Wireshark 2.4.0 to 2.4.5 or 2.2.0 to 2.2.13 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle the epan/dissectors/packet-isup.c issue. Successful exploitation allows attackers to cause a memory leak. oval:org.secpod.oval:def:44898 The host is installed with Wireshark 2.4.0 to 2.4.5 or 2.2.0 to 2.2.13 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle the epan/dissectors/packet-isup.c issue. Successful exploitation allows attackers to cause a memory leak. oval:org.secpod.oval:def:44880 The host is installed with Wireshark 2.4.0 to 2.4.5 or 2.2.0 to 2.2.13 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle the epan/dissectors/packet-lapd.c issue. Successful exploitation allows attackers to cause a memory leak. oval:org.secpod.oval:def:44899 The host is installed with Wireshark 2.4.0 to 2.4.5 or 2.2.0 to 2.2.13 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle the epan/dissectors/packet-lapd.c issue. Successful exploitation allows attackers to cause a memory leak. oval:org.secpod.oval:def:44881 The host is installed with Wireshark 2.4.0 to 2.4.5 or 2.2.0 to 2.2.13 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle the epan/dissectors/packet-smb2.c issue. Successful exploitation allows attackers to cause a memory leak. oval:org.secpod.oval:def:44900 The host is installed with Wireshark 2.4.0 to 2.4.5 or 2.2.0 to 2.2.13 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle the epan/dissectors/packet-smb2.c issue. Successful exploitation allows attackers to cause a memory leak. oval:org.secpod.oval:def:44882 The host is installed with Wireshark 2.4.0 to 2.4.5 or 2.2.0 to 2.2.13 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle the epan/dissectors/packet-giop.c issue. Successful exploitation allows attackers to cause a memory leak. oval:org.secpod.oval:def:44901 The host is installed with Wireshark 2.4.0 to 2.4.5 or 2.2.0 to 2.2.13 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle the epan/dissectors/packet-giop.c issue. Successful exploitation allows attackers to cause a memory leak. oval:org.secpod.oval:def:44883 The host is installed with Wireshark 2.4.0 to 2.4.5 or 2.2.0 to 2.2.13 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle the epan/oids.c issue. Successful exploitation allows attackers to cause a memory leak. oval:org.secpod.oval:def:44902 The host is installed with Wireshark 2.4.0 to 2.4.5 or 2.2.0 to 2.2.13 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle the epan/oids.c issue. Successful exploitation allows attackers to cause a memory leak. oval:org.secpod.oval:def:44884 The host is installed with Wireshark 2.4.0 to 2.4.5 or 2.2.0 to 2.2.13 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle the epan/dissectors/packet-multipart.c issue. Successful exploitation allows attackers to cause a memory leak ... oval:org.secpod.oval:def:44903 The host is installed with Wireshark 2.4.0 to 2.4.5 or 2.2.0 to 2.2.13 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle the epan/dissectors/packet-multipart.c issue. Successful exploitation allows attackers to cause a memory leak ... oval:org.secpod.oval:def:44885 The host is installed with Wireshark 2.4.0 to 2.4.5 or 2.2.0 to 2.2.13 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle the epan/dissectors/packet-h223.c issue. Successful exploitation allows attackers to cause a memory leak. oval:org.secpod.oval:def:44904 The host is installed with Wireshark 2.4.0 to 2.4.5 or 2.2.0 to 2.2.13 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle the epan/dissectors/packet-h223.c issue. Successful exploitation allows attackers to cause a memory leak. oval:org.secpod.oval:def:44886 The host is installed with Wireshark 2.4.0 to 2.4.5 or 2.2.0 to 2.2.13 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle the epan/dissectors/packet-pcp.c issue. Successful exploitation allows attackers to cause a memory leak. oval:org.secpod.oval:def:44905 The host is installed with Wireshark 2.4.0 to 2.4.5 or 2.2.0 to 2.2.13 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle the epan/dissectors/packet-pcp.c issue. Successful exploitation allows attackers to cause a memory leak. oval:org.secpod.oval:def:44887 The host is installed with Wireshark 2.4.0 to 2.4.5 or 2.2.0 to 2.2.13 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle the ui/failure_message.c issue. Successful exploitation allows attackers to cause a memory leak. oval:org.secpod.oval:def:44906 The host is installed with Wireshark 2.4.0 to 2.4.5 or 2.2.0 to 2.2.13 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle the ui/failure_message.c issue. Successful exploitation allows attackers to cause a memory leak. oval:org.secpod.oval:def:45711 The host is installed with Wireshark 2.6.0, 2.4.0 to 2.4.6 or 2.2.0 to 2.2.14 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle the LWAPP dissector issue. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:45725 The host is installed with Wireshark 2.6.0, 2.4.0 to 2.4.6 or 2.2.0 to 2.2.14 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle the LWAPP dissector issue. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:45712 The host is installed with Wireshark 2.6.0 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle the IEEE 802.11 protocol dissector issue. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:45726 The host is installed with Wireshark 2.6.0 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle the IEEE 802.11 protocol dissector issue. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:45713 The host is installed with Wireshark 2.6.0, 2.4.0 to 2.4.6 or 2.2.0 to 2.2.14 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle the GSM A DTAP dissector issue. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:45727 The host is installed with Wireshark 2.6.0, 2.4.0 to 2.4.6 or 2.2.0 to 2.2.14 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle the GSM A DTAP dissector issue. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:45714 The host is installed with Wireshark 2.6.0, 2.4.0 to 2.4.6 or 2.2.0 to 2.2.14 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle the RRC dissector issue. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:45728 The host is installed with Wireshark 2.6.0, 2.4.0 to 2.4.6 or 2.2.0 to 2.2.14 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle the RRC dissector issue. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:45715 The host is installed with Wireshark 2.6.0, 2.4.0 to 2.4.6 or 2.2.0 to 2.2.14 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle the Q.931 dissector issue. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:53343 It was discovered that Wireshark, a network protocol analyzer, contained several vulnerabilities in the dissectors for PCP, ADB, NBAP, UMTS MAC, IEEE 802.11, SIGCOMP, LDSS, GSM A DTAP and Q.931, which result in denial of service or the execution of arbitrary code. oval:org.secpod.oval:def:45729 The host is installed with Wireshark 2.6.0, 2.4.0 to 2.4.6 or 2.2.0 to 2.2.14 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle the Q.931 dissector issue. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:603417 It was discovered that Wireshark, a network protocol analyzer, contained several vulnerabilities in the dissectors for PCP, ADB, NBAP, UMTS MAC, IEEE 802.11, SIGCOMP, LDSS, GSM A DTAP and Q.931, which result in denial of service or the execution of arbitrary code. oval:org.secpod.oval:def:45716 The host is installed with Wireshark 2.6.0, 2.4.0 to 2.4.6 or 2.2.0 to 2.2.14 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle the LTP dissector issue. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:45730 The host is installed with Wireshark 2.6.0, 2.4.0 to 2.4.6 or 2.2.0 to 2.2.14 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle the LTP dissector issue. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:45717 The host is installed with Wireshark 2.6.0, 2.4.0 to 2.4.6 or 2.2.0 to 2.2.14 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle the DNS dissector issue. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:45731 The host is installed with Wireshark 2.6.0, 2.4.0 to 2.4.6 or 2.2.0 to 2.2.14 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle the DNS dissector issue. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:89049705 This update for wireshark fixes vulnerabilities that could be used to trigger dissector crashes or cause dissectors to go into large infinite loops by making Wireshark read specially crafted packages from the network or capture files . This includes: - CVE-2018-11356: DNS dissector crash - CVE-2018- ... oval:org.secpod.oval:def:45718 The host is installed with Wireshark 2.6.0 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle the RTCP dissector issue. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:45732 The host is installed with Wireshark 2.6.0 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle the RTCP dissector issue. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:45719 The host is installed with Wireshark 2.6.0 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle the IEEE 1905.1a dissector issue. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:114580 Metapackage with installs wireshark-cli and wireshark-qt. oval:org.secpod.oval:def:45733 The host is installed with Wireshark 2.6.0, 2.4.0 to 2.4.6 or 2.2.0 to 2.2.14 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle the IEEE 1905.1a dissector issue. Successful exploitation allows attackers to cause an application crash ... oval:org.secpod.oval:def:114200 Metapackage with installs wireshark-cli and wireshark-qt. oval:org.secpod.oval:def:46074 The host is installed with Wireshark 2.4.0 to 2.4.4 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle the netmonrec_comment_destroy function issue. Successful exploitation allows attackers to cause a denial of service or possibly ... oval:org.secpod.oval:def:114876 Metapackage with installs wireshark-cli and wireshark-qt. oval:org.secpod.oval:def:46081 The host is installed with Wireshark 2.4.0 to 2.4.4 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle the netmonrec_comment_destroy function issue. Successful exploitation allows attackers to cause a denial of service or possibly ... oval:org.secpod.oval:def:114600 Metapackage with installs wireshark-cli and wireshark-qt. oval:org.secpod.oval:def:46722 The host is installed with Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7 or 2.2.0 to 2.2.15 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle the MMSE dissector issue. Successful exploitation allows attackers to cause an application cr ... oval:org.secpod.oval:def:46733 The host is installed with Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7 or 2.2.0 to 2.2.15 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle the MMSE dissector issue. Successful exploitation allows attackers to cause an application cr ... oval:org.secpod.oval:def:89049773 This update for wireshark fixes the following issues: Security issues fixed: - CVE-2018-14342: BGP dissector large loop - CVE-2018-14344: ISMP dissector crash - CVE-2018-14340: Multiple dissectors could crash - CVE-2018-14343: ASN.1 BER dissector crash - CVE-2018-14339: MMSE dissector infinite l ... oval:org.secpod.oval:def:114871 Metapackage with installs wireshark-cli and wireshark-qt. oval:org.secpod.oval:def:46723 The host is installed with Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7 or 2.2.0 to 2.2.15 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle the issues in dissectors that support zlib decompression. Successful exploitation allows atta ... oval:org.secpod.oval:def:46734 The host is installed with Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7 or 2.2.0 to 2.2.15 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle the issues in dissectors that support zlib decompression. Successful exploitation allows atta ... oval:org.secpod.oval:def:46724 The host is installed with Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7 or 2.2.0 to 2.2.15 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle the DICOM dissector issue. Successful exploitation allows attackers to cause an application c ... oval:org.secpod.oval:def:46735 The host is installed with Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7 or 2.2.0 to 2.2.15 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle the DICOM dissector issue. Successful exploitation allows attackers to cause an application c ... oval:org.secpod.oval:def:46725 The host is installed with Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7 or 2.2.0 to 2.2.15 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle the BGP protocol dissector issue. Successful exploitation allows attackers to cause an applic ... oval:org.secpod.oval:def:46736 The host is installed with Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7 or 2.2.0 to 2.2.15 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle the BGP protocol dissector issue. Successful exploitation allows attackers to cause an applic ... oval:org.secpod.oval:def:46726 The host is installed with Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7 or 2.2.0 to 2.2.15 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle the ASN.1 BER dissector issue. Successful exploitation allows attackers to cause an applicati ... oval:org.secpod.oval:def:46737 The host is installed with Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7 or 2.2.0 to 2.2.15 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle the ASN.1 BER dissector issue. Successful exploitation allows attackers to cause an applicati ... oval:org.secpod.oval:def:46727 The host is installed with Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7 or 2.2.0 to 2.2.15 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle the ISMP dissector issue. Successful exploitation allows attackers to cause an application cr ... oval:org.secpod.oval:def:46738 The host is installed with Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7 or 2.2.0 to 2.2.15 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle the ISMP dissector issue. Successful exploitation allows attackers to cause an application cr ... oval:org.secpod.oval:def:46728 The host is installed with Wireshark 2.6.0 to 2.6.1 or 2.4.0 to 2.4.7 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle the CoAP protocol dissector issue. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:46739 The host is installed with Wireshark 2.6.0 to 2.6.1 or 2.4.0 to 2.4.7 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle the CoAP protocol dissector issue. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:46729 The host is installed with Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7 or 2.2.0 to 2.2.15 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle the Bazaar protocol dissector issue. Successful exploitation allows attackers to cause an app ... oval:org.secpod.oval:def:46740 The host is installed with Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7 or 2.2.0 to 2.2.15 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle the Bazaar protocol dissector issue. Successful exploitation allows attackers to cause an app ... oval:org.secpod.oval:def:46730 The host is installed with Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7 or 2.2.0 to 2.2.15 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle the HTTP2 dissector issue. Successful exploitation allows attackers to cause an application c ... oval:org.secpod.oval:def:46741 The host is installed with Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7 or 2.2.0 to 2.2.15 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle the HTTP2 dissector issue. Successful exploitation allows attackers to cause an application c ... oval:org.secpod.oval:def:46731 The host is installed with Wireshark 2.6.0 to 2.6.1 or 2.4.0 to 2.4.7 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle the IEEE 802.11 protocol dissector issue. Successful exploitation allows attackers to cause an application cra ... oval:org.secpod.oval:def:46742 The host is installed with Wireshark 2.6.0 to 2.6.1 or 2.4.0 to 2.4.7 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle the IEEE 802.11 protocol dissector issue. Successful exploitation allows attackers to cause an application cra ... oval:org.secpod.oval:def:46732 The host is installed with Wireshark through 2.6.2 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle the create_app_running_mutex function issue. Successful exploitation allows attackers to arbitrarily modify access control. oval:org.secpod.oval:def:46743 The host is installed with Wireshark through 2.6.2 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle the create_app_running_mutex function issue. Successful exploitation allows attackers to arbitrarily modify access control. oval:org.secpod.oval:def:47271 The host is installed with Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8 or 2.2.0 to 2.2.16 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle the bluetooth AVDTP dissector issue. Successful exploitation allows attackers to cause an app ... oval:org.secpod.oval:def:47274 The host is installed with Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8 or 2.2.0 to 2.2.16 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle the Bluetooth AVDTP dissector issue. Successful exploitation allows attackers to cause an app ... oval:org.secpod.oval:def:47272 The host is installed with Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8 or 2.2.0 to 2.2.16 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle the radiotap dissector issue. Successful exploitation allows attackers to cause an applicatio ... oval:org.secpod.oval:def:47275 The host is installed with Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8 or 2.2.0 to 2.2.16 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle the Radiotap dissector issue. Successful exploitation allows attackers to cause an applicatio ... oval:org.secpod.oval:def:603543 Multiple vulnerabilities have been discovered in Wireshark, a network protocol analyzer which could result in denial of service or the execution of arbitrary code. oval:org.secpod.oval:def:115494 Wireshark allows you to examine protocol data stored in files or as it is captured from wired or wireless networks, USB devices, and many other sources. It supports dozens of protocol capture file formats and understands more than a thousand protocols. It has many powerful features including a rich ... oval:org.secpod.oval:def:89049736 This update for wireshark to version 2.4.9 fixes the following issues: Security issues fixed : - CVE-2018-16058: Bluetooth AVDTP dissector crash - CVE-2018-16056: Bluetooth Attribute Protocol dissector crash - CVE-2018-16057: Radiotap dissector crash Further bug fixes and updated protocol support ... oval:org.secpod.oval:def:53437 Multiple vulnerabilities have been discovered in Wireshark, a network protocol analyzer which could result in denial of service or the execution of arbitrary code. oval:org.secpod.oval:def:115567 Metapackage with installs wireshark-cli and wireshark-qt. oval:org.secpod.oval:def:47273 The host is installed with Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8 or 2.2.0 to 2.2.16 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle the bluetooth attribute protocol dissector issue. Successful exploitation allows attackers to ... oval:org.secpod.oval:def:47276 The host is installed with Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8 or 2.2.0 to 2.2.16 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle the Bluetooth Attribute Protocol dissector issue. Successful exploitation allows attackers to ... oval:org.secpod.oval:def:47994 The host is installed with Wireshark 2.6.0 to 2.6.3 or 2.4.0 to 2.4.9 and is prone to a buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle the OpcUa dissector issue. Successful exploitation allows attackers to trigger a stack overflow with carefully s ... oval:org.secpod.oval:def:48000 The host is installed with Wireshark 2.6.0 to 2.6.3 or 2.4.0 to 2.4.9 and is prone to a buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle the OpcUa dissector issue. Successful exploitation allows attackers to trigger a stack overflow with carefully s ... oval:org.secpod.oval:def:47995 The host is installed with Wireshark 2.6.0 to 2.6.3 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle the CoAP dissector issue. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:48001 The host is installed with Wireshark 2.6.0 to 2.6.3 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle the CoAP dissector issue. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:47996 The host is installed with Wireshark 2.6.0 to 2.6.3 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle the steam IHS discovery dissector issue. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:48002 The host is installed with Wireshark 2.6.0 to 2.6.3 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle the steam IHS discovery dissector issue. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:115803 Wireshark allows you to examine protocol data stored in files or as it is captured from wired or wireless networks, USB devices, and many other sources. It supports dozens of protocol capture file formats and understands more than a thousand protocols. It has many powerful features including a rich ... oval:org.secpod.oval:def:50170 The host is installed with Wireshark 2.6.0 to 2.6.5 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle an issue in epan/dissectors/packet-enip.c file. Successful exploitation allows attackers to crash the 6LoWPAN dissector. oval:org.secpod.oval:def:50188 The host is installed with Wireshark 2.6.0 to 2.6.5 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle an issue in epan/dissectors/packet-enip.c file. Successful exploitation allows attackers to crash the 6LoWPAN dissector. oval:org.secpod.oval:def:50171 The host is installed with Wireshark 2.6.0 to 2.6.5 or 2.4.0 to 2.4.11 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle the invalid sequence number of zero in epan/dissectors/packet-p_mul.c. Successful exploitation allows attacke ... oval:org.secpod.oval:def:50189 The host is installed with Wireshark 2.6.0 to 2.6.5 or 2.4.0 to 2.4.11 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle the invalid sequence number of zero in epan/dissectors/packet-p_mul.c. Successful exploitation allows attacke ... oval:org.secpod.oval:def:50172 The host is installed with Wireshark 2.6.0 to 2.6.5 or 2.4.0 to 2.4.11 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle issues in epan/charsets.c file. Successful exploitation allows attackers to crash the RTSE dissector. oval:org.secpod.oval:def:50190 The host is installed with Wireshark 2.6.0 to 2.6.5 or 2.4.0 to 2.4.11 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle issues in epan/charsets.c file. Successful exploitation allows attackers to crash the RTSE dissector. oval:org.secpod.oval:def:50173 The host is installed with Wireshark 2.6.0 to 2.6.5 or 2.4.0 to 2.4.11 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle the case of a missing decryption data block in epan/dissectors/packet-isakmp.c file. Successful exploitation ... oval:org.secpod.oval:def:50191 The host is installed with Wireshark 2.6.0 to 2.6.5 or 2.4.0 to 2.4.11 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle the case of a missing decryption data block in epan/dissectors/packet-isakmp.c file. Successful exploitation ... oval:org.secpod.oval:def:50174 The host is installed with Wireshark 2.4.0 to 2.4.11 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle the issues in epan/dissectors/packet-enip.c file. Successful exploitation allows attackers to crash the ENIP dissector. oval:org.secpod.oval:def:50192 The host is installed with Wireshark 2.4.0 to 2.4.11 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle the issues in epan/dissectors/packet-enip.c file. Successful exploitation allows attackers to crash the ENIP dissector. oval:org.secpod.oval:def:5177 The host is installed with Wireshark 1.4.x before 1.4.12 or 1.6.x before 1.6.6 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle epan/dissectors/packet-ansi_a.c in the ANSI A dissector. Successful exploitation could allow remote attackers to ... oval:org.secpod.oval:def:5187 The host is installed with Wireshark 1.4.x before 1.4.12 or 1.6.x before 1.6.6 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle epan/dissectors/packet-ansi_a.c in the ANSI A dissector. Successful exploitation could allow remote attackers to ... oval:org.secpod.oval:def:5178 The host is installed with Wireshark 1.6.x before 1.6.6 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle epan/dissectors/packet-ieee80211.c in the IEEE 802.11 dissector. Successful exploitation could allow remote attackers to cause denial o ... oval:org.secpod.oval:def:5188 The host is installed with Wireshark 1.6.x before 1.6.6 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle epan/dissectors/packet-ieee80211.c in the IEEE 802.11 dissector. Successful exploitation could allow remote attackers to cause denial o ... oval:org.secpod.oval:def:5180 The host is installed with Wireshark 1.4.x before 1.4.12 or 1.6.x before 1.6.6 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle the mp2t_process_fragmented_payload function in epan/dissectors/packet-mp2t.c in the MP2T dissector. Successful ... oval:org.secpod.oval:def:5190 The host is installed with Wireshark 1.4.x before 1.4.12 or 1.6.x before 1.6.6 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle the mp2t_process_fragmented_payload function in epan/dissectors/packet-mp2t.c in the MP2T dissector. Successful ... oval:org.secpod.oval:def:54379 The host is installed with Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7 or 3.0.0 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle an issue in epan/dissectors/packet-gssapi.c file. Successful exploitation allows attackers to crash th ... oval:org.secpod.oval:def:54381 The host is installed with Wireshark 2.6.0 to 2.6.7, 2.4.0 to 2.4.13 or 3.0.0 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle the invalid sequence number of zero in wiretap/netscaler.c. Successful exploitation allows attackers t ... oval:org.secpod.oval:def:54382 The host is installed with Wireshark 2.6.0 to 2.6.7, 2.4.0 to 2.4.13 or 3.0.0 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle issues in epan/dissectors/packet-dof.c file. Successful exploitation allows attackers to crash the DOF ... oval:org.secpod.oval:def:54383 The host is installed with Wireshark 3.0.0 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle issues in epan/dissectors/packet-ieee80211.c file. Successful exploitation allows attackers to crash the IEEE 802.11 dissector. oval:org.secpod.oval:def:54384 The host is installed with Wireshark 3.0.0 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle the issues in epan/dissectors/packet-gsm_gsup.c file. Successful exploitation allows attackers to crash the GSUP dissector. oval:org.secpod.oval:def:54385 The host is installed with Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7 or 3.0.0 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle the issues in epan/dissectors/packet-srvloc.c file. Successful exploitation allows attackers to crash ... oval:org.secpod.oval:def:54386 The host is installed with Wireshark 3.0.0 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle the issues in epan/dissectors/file-rbm.r file. Successful exploitation allows attackers to crash the ENIP dissector. oval:org.secpod.oval:def:2005303 In Wireshark 3.0.0, the TSDNS dissector could crash. This was addressed in epan/dissectors/packet-tsdns.c by splitting strings safely. oval:org.secpod.oval:def:54387 The host is installed with Wireshark 3.0.0 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle the issues in epan/dissectors/packet-tsdns.c file. Successful exploitation allows attackers to crash the TSDNS dissector. oval:org.secpod.oval:def:54388 The host is installed with Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7 or 3.0.0 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle the issues in epan/dissectors/packet-ldss.c file. Successful exploitation allows attackers to crash t ... oval:org.secpod.oval:def:54389 The host is installed with Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7 or 3.0.0 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle the issues in DCERPC SPOOLSS dissector file. Successful exploitation allows attackers to crash the ENI ... oval:org.secpod.oval:def:55044 The host is installed with Wireshark 2.4.0 to 2.4.14, 2.6.0 to 2.6.8 or 3.0.0 to 3.0.1 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle an issue in epan/packet.c file. Successful exploitation allows attackers to crash the dissect ... oval:org.secpod.oval:def:58640 The host is installed with Wireshark 2.6.0 to 2.6.10 or 3.0.0 to 3.0.3 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle an issue in plugins/epan/gryphon/packet-gryphon.c file. Successful exploitation allows attackers to crash the ... oval:org.secpod.oval:def:58641 The host is installed with Wireshark 2.6.0 to 2.6.10 or 3.0.0 to 3.0.3 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle an issue in plugins/epan/gryphon/packet-gryphon.c file. Successful exploitation allows attackers to crash the ... oval:org.secpod.oval:def:2005305 In Wireshark 3.0.0 to 3.0.3 and 2.6.0 to 2.6.10, the Gryphon dissector could go into an infinite loop. This was addressed in plugins/epan/gryphon/packet-gryphon.c by checking for a message length of zero. oval:org.secpod.oval:def:60890 The host is missing a security update according to Wireshark Advisory. The update is required to fix a denial-of-service vulnerability. A flaw is present in the application, which fails to properly handle issues in epan/dissectors/packet-btatt.c file. Successful exploitation allows attackers to cras ... oval:org.secpod.oval:def:60892 The host is installed with Wireshark 3.0.x before 3.0.8 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle issues in epan/dissectors/packet-btatt.c file. Successful exploitation allows attackers to crash the bluetooth attribute dis ... oval:org.secpod.oval:def:2004209 In Wireshark 3.0.x before 3.0.8, the BT ATT dissector could crash. This was addressed in epan/dissectors/packet-btatt.c by validating opcodes. oval:org.secpod.oval:def:2004212 In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the LTE RRC dissector could leak memory. This was addressed in epan/dissectors/packet-lte-rrc.c by adjusting certain append operations. oval:org.secpod.oval:def:2004213 In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the WiMax DLMAP dissector could crash. This was addressed in plugins/epan/wimax/msg_dlmap.c by validating a length field. oval:org.secpod.oval:def:2004207 In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the EAP dissector could crash. This was addressed in epan/dissectors/packet-eap.c by using more careful sscanf parsing. oval:org.secpod.oval:def:62430 The host is installed with Wireshark 2.6.0 before 2.6.16, 3.0.0 before 3.0.10 or 3.2.0 before 3.2.3 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a malformed packet. Successful exploitation allows attackers to make Wireshark c ... oval:org.secpod.oval:def:62431 The host is missing a security update according to Wireshark Advisory. The update is required to fix a denial-of-service vulnerability. A flaw is present in the application, which fails to properly handle a malformed packet. Successful exploitation allows attackers to make Wireshark crash. oval:org.secpod.oval:def:2004208 In Wireshark 3.2.0 to 3.2.2, 3.0.0 to 3.0.9, and 2.6.0 to 2.6.15, the BACapp dissector could crash. This was addressed in epan/dissectors/packet-bacapp.c by limiting the amount of recursion. oval:org.secpod.oval:def:6298 The host is installed with Wireshark 1.4.x before 1.4.13 or 1.6.x before 1.6.8 and is prone to multiple integer underflow vulnerabilities. The flaws are present in the application, which fails to handle vectors related to the R3 dissector. Successful exploitation allows remote attackers to cause a d ... oval:org.secpod.oval:def:6294 The host is installed with Wireshark 1.4.x before 1.4.13 or 1.6.x before 1.6.8 and is prone to multiple integer underflow vulnerabilities. The flaws are present in the application, which fails to handle vectors related to the R3 dissector. Successful exploitation allows remote attackers to cause a d ... oval:org.secpod.oval:def:6296 The host is installed with Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly construct certain array data structures. Successful exploitation allows remote attackers to cause application ... oval:org.secpod.oval:def:6300 The host is installed with Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly construct certain array data structures. Successful exploitation allows remote attackers to cause application ... oval:org.secpod.oval:def:2004204 In Wireshark 3.2.0 to 3.2.3, 3.0.0 to 3.0.10, and 2.6.0 to 2.6.16, the NFS dissector could crash. This was addressed in epan/dissectors/packet-nfs.c by preventing excessive recursion, such as for a cycle in the directory graph on a filesystem. oval:org.secpod.oval:def:2004211 In Wireshark 3.2.0 to 3.2.4, the GVCP dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-gvcp.c by ensuring that an offset increases in all situations. oval:org.secpod.oval:def:6419 The host is installed with Wireshark 1.4.x before 1.4.14 or 1.6.x before 1.6.9 or 1.8.x before 1.8.1 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle the PPP dissector. Successful exploitation allows remote attackers to cause a denial of se ... oval:org.secpod.oval:def:6417 The host is installed with Wireshark 1.4.x before 1.4.14 or 1.6.x before 1.6.9 or 1.8.x before 1.8.1 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle the PPP dissector. Successful exploitation allows remote attackers to cause a denial of se ... oval:org.secpod.oval:def:6420 The host is installed with Wireshark 1.4.x before 1.4.14 or 1.6.x before 1.6.9 or 1.8.x before 1.8.1 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle the epan/dissectors/packet-nfs.c in the NFS dissector. Successful exploitation allows remo ... oval:org.secpod.oval:def:6418 The host is installed with Wireshark 1.4.x before 1.4.14 or 1.6.x before 1.6.9 or 1.8.x before 1.8.1 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle the epan/dissectors/packet-nfs.c in the NFS dissector. Successful exploitation allows remo ... oval:org.secpod.oval:def:708473 wireshark: network traffic analyzer - meta-package Several security issues were fixed in Wireshark. oval:org.secpod.oval:def:2004210 In Wireshark 3.2.0 to 3.2.5, the Kafka protocol dissector could crash. This was addressed in epan/dissectors/packet-kafka.c by avoiding a double free during LZ4 decompression. oval:org.secpod.oval:def:65728 The host is installed with Wireshark 2.6.0 to 2.6.19, 3.0.0 to 3.0.13 or 3.2.0 to 3.2.6 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle an issue in malformed packet trace file. Successful exploitation allows attackers to crash t ... oval:org.secpod.oval:def:65729 The host is missing a security update according to Wireshark Advisory. The update is required to fix a denial-of-service vulnerability. A flaw is present in the application, which fails to properly handle an issue in malformed packet trace file. Successful exploitation allows attackers to crash the ... oval:org.secpod.oval:def:2004205 This CVE is missing description oval:org.secpod.oval:def:65730 The host is installed with Wireshark 2.6.0 to 2.6.19, 3.0.0 to 3.0.13 or 3.2.0 to 3.2.6 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle an issue in malformed packet trace file. Successful exploitation allows attackers to crash t ... oval:org.secpod.oval:def:65731 The host is missing a security update according to Wireshark Advisory. The update is required to fix a denial-of-service vulnerability. A flaw is present in the application, which fails to properly handle an issue in malformed packet trace file. Successful exploitation allows attackers to crash the ... oval:org.secpod.oval:def:2004206 This CVE is missing description oval:org.secpod.oval:def:65732 The host is installed with Wireshark 3.0.0 to 3.0.13 or 3.2.0 to 3.2.6 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle an issue in malformed packet trace file. Successful exploitation allows attackers to crash the BLIP dissector ... oval:org.secpod.oval:def:65733 The host is missing a security update according to Wireshark Advisory. The update is required to fix a denial-of-service vulnerability. A flaw is present in the application, which fails to properly handle an issue in malformed packet trace file. Successful exploitation allows attackers to crash the ... oval:org.secpod.oval:def:89047292 This update for wireshark, libvirt, sbc and libqt5-qtmultimedia fixes the following issues: Update wireshark to version 3.4.5 - New and updated support and bug fixes for multiple protocols - Asynchronous DNS resolution is always enabled - Protobuf fields can be dissected as Wireshark fields - UI im ... oval:org.secpod.oval:def:6914 The host is installed with Wireshark 1.8.x before 1.8.2 and is prone to buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle certain integer fields. Successful exploitation allows remote attackers to execute arbitrary code. oval:org.secpod.oval:def:6777 The host is installed with Wireshark 1.8.x before 1.8.2 and is prone to buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle certain integer fields. Successful exploitation allows remote attackers to execute arbitrary code. oval:org.secpod.oval:def:6915 The host is installed with Wireshark 1.8.x before 1.8.2 and is prone to array index error vulnerability. A flaw is present in the application, which fails to properly handle certain integer fields. Successful exploitation allows remote attackers to cause a denial of service (application crash). oval:org.secpod.oval:def:6778 The host is installed with Wireshark 1.8.x before 1.8.2 and is prone to array index error vulnerability. A flaw is present in the application, which fails to properly handle certain integer fields. Successful exploitation allows remote attackers to cause a denial of service (application crash). oval:org.secpod.oval:def:113958 Metapackage with installs wireshark-cli and wireshark-qt. oval:org.secpod.oval:def:7304 The host is installed with Wireshark 1.8.x before 1.8.3 and is prone to buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle the dissect_tlv function in epan/dissectors/packet-ldp.c in the LDP dissector. Successful exploitation allows remote attackers t ... oval:org.secpod.oval:def:7305 The host is installed with Wireshark 1.8.x before 1.8.3 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle OUI data structures. Successful exploitation allows remote attackers to cause a denial of service (assertion failure and appli ... oval:org.secpod.oval:def:7306 The host is installed with Wireshark 1.8.x before 1.8.3 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle the dissect_hsrp function in epan/dissectors/packet-hsrp.c in the HSRP dissector. Successful exploitation allows remote attack ... oval:org.secpod.oval:def:74006 The host is missing a security update according to Wireshark Advisory. The update is required to fix a denial-of-service vulnerability. A flaw is present in the application, which fails to properly handle the DNP dissector issue.Successful exploitation leads to wireshark crash by injecting a malform ... oval:org.secpod.oval:def:74005 The host is installed with Wireshark 3.4.0 through 3.4.6 or 3.2.0 through 3.2.14 and is prone to a denial-of-service vulnerability. A flaw is present in the application, which fails to properly handle the DNP dissector issue. Successful exploitation leads to wireshark crash by injecting a malformed ... oval:org.secpod.oval:def:89047076 This update for wireshark fixes the following issues: - Update to Wireshark 3.4.7 - CVE-2021-22235: Fixed DNP dissector crash . oval:org.secpod.oval:def:88323 Multiple vulnerabilities have been discovered in Wireshark, a network protocol analyzer which could result in denial of service or the execution of arbitrary code. oval:org.secpod.oval:def:89047272 This update for wireshark fixes the following issues: - Update to Wireshark 3.4.10: - CVE-2021-39920: IPPUSB dissector crash . - CVE-2021-39921: Modbus dissector crash . - CVE-2021-39922: C12.22 dissector crash . - CVE-2021-39924: Bluetooth DHT dissector large loop . - CVE-2021-39925: Bluetooth SDP ... oval:org.secpod.oval:def:89047394 This update for wireshark fixes the following issues: Update to version 3.6.1: - CVE-2021-4185: RTMPT dissector infinite loop - CVE-2021-4184: BitTorrent DHT dissector infinite loop - CVE-2021-4183: pcapng file parser crash - CVE-2021-4182: RFC 7468 file parser infinite loop - CVE-2021-4181: Sys ... oval:org.secpod.oval:def:89046075 This update for wireshark fixes the following issues: Update to Wireshark 3.6.2: - CVE-2022-0586: RTMPT dissector infinite loop - CVE-2022-0585: Large loops in multiple dissectors - CVE-2022-0583: PVFS dissector crash - CVE-2022-0582: CSN.1 dissector crash - CVE-2022-0581: CMS dissector crash oval:org.secpod.oval:def:89047483 This update for wireshark fixes the following issues: Update to Wireshark 3.6.2: - CVE-2022-0586: RTMPT dissector infinite loop - CVE-2022-0585: Large loops in multiple dissectors - CVE-2022-0583: PVFS dissector crash - CVE-2022-0582: CSN.1 dissector crash - CVE-2022-0581: CMS dissector crash oval:org.secpod.oval:def:8167 The host is installed with Wireshark 1.6.x before 1.6.12 or 1.8.x before 1.8.4 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle the dissect_isakmp function in epan/dissectors/packet-isakmp.c in the ISAKMP dissector. Successful exploitation ... oval:org.secpod.oval:def:8168 The host is installed with Wireshark 1.6.x before 1.6.12 or 1.8.x before 1.8.4 and is prone to integer overflow vulnerability. A flaw is present in the application, which fails to handle the dissect_icmpv6 function in epan/dissectors/packet-icmpv6.c in the ICMPv6 dissector. Successful exploitation a ... oval:org.secpod.oval:def:8169 The host is installed with Wireshark 1.8.x before 1.8.4 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle the dissect_eigrp_metric_comm function in epan/dissectors/packet-eigrp.c in the EIGRP dissector. Successful exploitation allows remote ... oval:org.secpod.oval:def:8171 The host is installed with Wireshark 1.8.x before 1.8.4 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle the epan/dissectors/packet-3g-a11.c in the 3GPP2 A11 dissector. Successful exploitation allows remote attackers to cause a denial of se ... oval:org.secpod.oval:def:8172 The host is installed with Wireshark 1.8.x before 1.8.4 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle the dissect_sflow_245_address_type function in epan/dissectors/packet-sflow.c in the sFlow dissector. Successful exploitation allows re ... oval:org.secpod.oval:def:8173 The host is installed with Wireshark 1.6.x before 1.6.12 or 1.8.x before 1.8.4 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle the epan/dissectors/packet-usb.c in the USB dissector. Successful exploitation allows remote attackers to cause ... oval:org.secpod.oval:def:8174 The host is installed with Wireshark 1.8.x before 1.8.4 and is prone to information disclosure vulnerability. A flaw is present in the application, which fails to handle the read operation on the pcap-ng files. Successful exploitation allows remote attackers to obtain sensitive hostname information. oval:org.secpod.oval:def:89047617 This update for wireshark fixes the following issues: Updated to Wireshark 3.6.8: - CVE-2022-3190: Fixed F5 Ethernet Trailer dissector infinite loop . - CVE-2021-4186: Fixed Gryphon dissector crash . oval:org.secpod.oval:def:89048038 This update for wireshark fixes the following issues: Update to version 3.6.10: - CVE-2022-3725: OPUS dissector crash . - Multiple dissector infinite loops . - Kafka dissector memory exhaustion . oval:org.secpod.oval:def:124522 Wireshark allows you to examine protocol data stored in files or as it is captured from wired or wireless networks, USB devices, and many other sources. It supports dozens of protocol capture file formats and understands more than a thousand protocols. It has many powerful features including a rich ... oval:org.secpod.oval:def:9101 The host is installed with Wireshark 1.6.x before 1.6.13 or 1.8.x before 1.8.5 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a malformed packet. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:9102 The host is installed with Wireshark 1.6.x before 1.6.13 or 1.8.x before 1.8.5 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a malformed packet. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:9103 The host is installed with Wireshark 1.6.x before 1.6.13 or 1.8.x before 1.8.5 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a malformed packet. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:9104 The host is installed with Wireshark 1.8.x before 1.8.5 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle unknown profiles. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:9105 The host is installed with Wireshark 1.6.x before 1.6.13 or 1.8.x before 1.8.5 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly determine the length of a reassembled packet for the DTLS dissector. Successful exploitation could allow att ... oval:org.secpod.oval:def:9106 The host is installed with Wireshark 1.6.x before 1.6.13 or 1.8.x before 1.8.5 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly validate certain length values for the MS-MMC dissector. Successful exploitation could allow attackers to cr ... oval:org.secpod.oval:def:9107 The host is installed with Wireshark 1.6.x before 1.6.13 or 1.8.x before 1.8.5 and is prone to a denial of service vulnerability. A flaw is present in the application, which tries to access an inappropriate pointer. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:9108 The host is installed with Wireshark 1.6.x before 1.6.13 or 1.8.x before 1.8.5 and is prone to a denial of service vulnerability. A flaw is present in the application, which tries to access an inappropriate pointer. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:9109 The host is installed with Wireshark 1.6.x before 1.6.13 or 1.8.x before 1.8.5 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly manage an offset variable. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:9110 The host is installed with Wireshark 1.6.x before 1.6.13 or 1.8.x before 1.8.5 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle fragment gaps. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:9111 The host is installed with Wireshark 1.6.x before 1.6.13 or 1.8.x before 1.8.5 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle an incorrect data type for a position variable. Successful exploitation could allow attackers to cras ... oval:org.secpod.oval:def:9112 The host is installed with Wireshark 1.6.x before 1.6.13 or 1.8.x before 1.8.5 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly implement certain nested loops for processing bitmap data. Successful exploitation could allow attackers to ... oval:org.secpod.oval:def:9113 The host is installed with Wireshark 1.6.x before 1.6.13 or 1.8.x before 1.8.5 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle apparent Ethernet address values at the beginning of MPLS data. Successful exploitation could allow a ... oval:org.secpod.oval:def:9114 The host is installed with Wireshark 1.6.x before 1.6.13 or 1.8.x before 1.8.5 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle offset data associated with a quoted string. Successful exploitation could allow attackers to crash t ... oval:org.secpod.oval:def:9115 The host is installed with Wireshark 1.6.x before 1.6.13 or 1.8.x before 1.8.5 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly process crypto-suite parameters. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:9116 The host is installed with Wireshark 1.6.x before 1.6.13 or 1.8.x before 1.8.5 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a certain alarm length. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:9117 The host is installed with Wireshark 1.6.x before 1.6.13 or 1.8.x before 1.8.5 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle an incorrect data type for a counter variable. Successful exploitation could allow attackers to crash ... oval:org.secpod.oval:def:9118 The host is installed with Wireshark 1.6.x before 1.6.13 or 1.8.x before 1.8.5 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a large number of padding bits. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:9119 The host is installed with Wireshark 1.6.x before 1.6.13 or 1.8.x before 1.8.5 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle certain short lengths. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:9979 The host is installed with Wireshark 1.6.x before 1.6.14 or 1.8.x before 1.8.6 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to validate the fragment offset before invoking the reassembly state machine. Successful exploitation allows remote attack ... oval:org.secpod.oval:def:9980 The host is installed with Wireshark 1.8.x before 1.8.6 and is prone to denial of service vulnerability. A flaw is present in the application, which uses incorrect integer data types. successful exploitation allows remote attackers to cause a denial of service (infinite loop) via crafted integer val ... oval:org.secpod.oval:def:9981 The host is installed with Wireshark 1.8.x before 1.8.6 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle crafted integer values in a packet. Successful exploitation allows remote attackers to cause a denial of service (infinite loop). oval:org.secpod.oval:def:9982 The host is installed with Wireshark 1.6.x before 1.6.14 or 1.8.x before 1.8.6 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle a malformed packet. Successful exploitation allows remote attackers to cause the application to crash. oval:org.secpod.oval:def:9983 The host is installed with 1.6.x before 1.6.14 or 1.8.x before 1.8.6 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle a malformed packet. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:9984 The host is installed with Wireshark 1.8.x before 1.8.6 or 1.6.x before 1.6.14 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle an invalid count value in ACN_DMP_ADT_D_RE DMP data. Successful exploitation allows attackers to cause a denial ... oval:org.secpod.oval:def:9985 The host is installed with Wireshark 1.8.x before 1.8.6 or 1.6.x before 1.6.14 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle a malformed packet. Successful exploitation allows attackers to cause a denial of service (infinite loop). oval:org.secpod.oval:def:9986 The host is installed with Wireshark 1.8.x before 1.8.6 or 1.6.x before 1.6.14 and is prone to Integer signedness error vulnerability. A flaw is present in the application, which fails to handle a negative length value. Successful exploitation allows attackers to cause a denial of service (applicati ... oval:org.secpod.oval:def:9987 The host is installed with Wireshark 1.8.x before 1.8.6 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle a malformed packet. Successful exploitation allows remote attackers to cause a denial of service (application crash). oval:org.secpod.oval:def:9988 The host is installed with Wireshark 1.8.x before 1.8.6 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle invalid Sub-tlv data. Successful exploitation allows attackers to cause denial of service (infinite loop). oval:org.secpod.oval:def:9989 The host is installed with Wireshark 1.8.x before 1.8.6 or 1.6.x before 1.6.14 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly manage string lengths. Successful exploitation allows remote attackers to cause a denial of service (applicati ... oval:org.secpod.oval:def:9990 The host is installed with Wireshark 1.8.x before 1.8.6 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly manage function pointers. Successful exploitation allows remote attackers to cause a denial of service (application crash) via a malf ... oval:org.secpod.oval:def:9991 The host is installed with Wireshark 1.8.x before 1.8.6 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle a packet with a header that is too short. Successful exploitation allows remote attackers to cause a denial of service (infinite loop). oval:org.secpod.oval:def:9992 The host is installed with Wireshark 1.8.x before 1.8.6 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle a malformed packet. Successful exploitation allows remote attackers to cause a denial of service (application crash). oval:org.secpod.oval:def:600711 Laurent Butti discovered a buffer underflow in the LANalyzer dissector of the Wireshark network traffic analyzer, which could lead to the execution of arbitrary code This update also addresses several bugs, which can lead to crashes of Wireshark. These are not treated as security issues, but are fi ... oval:org.secpod.oval:def:5179 The host is installed with Wireshark 1.4.x before 1.4.12 or 1.6.x before 1.6.6 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle the pcap_process_pseudo_header function in wiretap/pcap-common.c. Successful exploitation could allow remote att ... oval:org.secpod.oval:def:5176 The host is installed with Wireshark 1.4.x before 1.4.11 or 1.6.x before 1.6.5 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle the lanalyzer_read function in wiretap/lanalyzer.c. Successful exploitation could allow remote attackers to caus ... oval:org.secpod.oval:def:5171 The host is installed with Wireshark 1.4.x before 1.4.11 or 1.6.x before 1.6.5 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle the dissect_packet function in epan/packet.c file. Successful exploitation could allow remote attackers to cause ... oval:org.secpod.oval:def:5175 The host is installed with Wireshark 1.4.x before 1.4.11 or 1.6.x before 1.6.5 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle wiretap/iptrace.c file. Successful exploitation could allow remote attackers to cause denial of service or appli ... oval:org.secpod.oval:def:5174 The host is installed with Wireshark 1.4.x before 1.4.11 or 1.6.x before 1.6.5 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle a long packet in a Accellent 5Views (aka .5vw) file or I4B trace file or NETMON 2 capture file. Successful explo ... oval:org.secpod.oval:def:5173 The host is installed with Wireshark 1.4.x before 1.4.11 or 1.6.x before 1.6.5 and is prone to buffer overflow vulnerability. A flaw is present in the application, which fails to handle reassemble_message function in epan/dissectors/packet-rlc.c in the RLC dissector. Successful exploitation could al ... oval:org.secpod.oval:def:5172 The host is installed with Wireshark 1.4.x before 1.4.11 or 1.6.x before 1.6.5 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly perform certain string conversions. Successful exploitation could allow remote attackers to cause denial of se ... oval:org.secpod.oval:def:5189 The host is installed with Wireshark 1.4.x before 1.4.12 or 1.6.x before 1.6.6 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle the pcap_process_pseudo_header function in wiretap/pcap-common.c. Successful exploitation could allow remote att ... oval:org.secpod.oval:def:5182 The host is installed with Wireshark 1.4.x before 1.4.11 or 1.6.x before 1.6.5 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly perform certain string conversions. Successful exploitation could allow remote attackers to cause denial of se ... oval:org.secpod.oval:def:5181 The host is installed with Wireshark 1.4.x before 1.4.11 or 1.6.x before 1.6.5 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle the dissect_packet function in epan/packet.c file. Successful exploitation could allow remote attackers to cause ... oval:org.secpod.oval:def:5186 The host is installed with Wireshark 1.4.x before 1.4.11 or 1.6.x before 1.6.5 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle the lanalyzer_read function in wiretap/lanalyzer.c. Successful exploitation could allow remote attackers to caus ... oval:org.secpod.oval:def:5185 The host is installed with Wireshark 1.4.x before 1.4.11 or 1.6.x before 1.6.5 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle wiretap/iptrace.c file. Successful exploitation could allow remote attackers to cause denial of service or appli ... oval:org.secpod.oval:def:5184 The host is installed with Wireshark 1.4.x before 1.4.11 or 1.6.x before 1.6.5 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle a long packet in a Accellent 5Views (aka .5vw) file or I4B trace file or NETMON 2 capture file. Successful explo ... oval:org.secpod.oval:def:5183 The host is installed with Wireshark 1.4.x before 1.4.11 or 1.6.x before 1.6.5 and is prone to buffer overflow vulnerability. A flaw is present in the application, which fails to handle reassemble_message function in epan/dissectors/packet-rlc.c in the RLC dissector. Successful exploitation could al ... oval:org.secpod.oval:def:40840 The host is installed Wireshark 1.2.x before 1.2.17 or 1.4.x before 1.4.7 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle crafted Diameter dictionary file. Successful exploitation allows remote attackers to cause a denial of ser ... oval:org.secpod.oval:def:40843 The host is installed Wireshark 1.2.x before 1.2.17 or 1.4.x before 1.4.7 and is prone to an integer underflow vulnerability. A flaw is present in the application, which fails to properly handle a malformed Visual Networks file. Successful exploitation allows remote attackers to cause a denial of se ... oval:org.secpod.oval:def:40841 The host is installed Wireshark 1.2.x before 1.2.17 or 1.4.x before 1.4.7 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle certain virtualizable buffers. Successful exploitation allows remote attackers to cause a denial of servic ... oval:org.secpod.oval:def:600584 Huzaifa Sidhpurwala, David Maciejak and others discovered several vulnerabilities in the X.509if and DICOM dissectors and in the code to process various capture and dictionary files, which could lead to denial of service or the execution of arbitrary code. oval:org.secpod.oval:def:500936 Wireshark, previously known as Ethereal, is a network protocol analyzer. It is used to capture and browse the traffic running on a computer network. A heap-based buffer overflow flaw was found in the way Wireshark handled Endace ERF capture files. If Wireshark opened a specially-crafted ERF capture ... oval:org.secpod.oval:def:2999 The host is installed with Wireshark 1.4.0 through 1.4.9 or 1.6.x before 1.6.3 and is prone to heap-based buffer overflow vulnerability. A flaw is present in the application, which is caused due to an error in ERF file parser when processing certain malformed file. Successful exploitation allows rem ... oval:org.secpod.oval:def:202528 Wireshark, previously known as Ethereal, is a network protocol analyzer. It is used to capture and browse the traffic running on a computer network. A heap-based buffer overflow flaw was found in the way Wireshark handled Endace ERF capture files. If Wireshark opened a specially-crafted ERF capture ... oval:org.secpod.oval:def:1500080 Updated wireshark packages that fix several security issues, three bugs,and add one enhancement are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderatesecurity impact. Common Vulnerability Scoring System base scores,which give de ... oval:org.secpod.oval:def:1261 The host is installed with Wireshark and is prone to NULL pointer dereference vulnerability. A flaw is present in the application which is due to an error in the handling of corrupted Diameter dictionary file. Successful exploitation allows remote attacker to cause denial of service condition. oval:org.secpod.oval:def:1262 The host is installed with Wireshark and is prone to denial of service vulnerability. A flaw is present in the application which fails in the handling of corrupted snoop files. Successful exploitation allows remote attacker to cause application crash. oval:org.secpod.oval:def:1264 The host is installed with Wireshark and is prone to denial of service vulnerability. A flaw is present in the application, which is caused due an integer overflow in the visual_read function in wiretap/visual.c. Successful exploitation could allow an attacker to create denial of service conditions ... oval:org.secpod.oval:def:6907 The host is installed with Wireshark 1.8.x before 1.8.2 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle the epan/dissectors/packet-mongo.c in the MongoDB dissector. Successful exploitation allows remote attackers to cause a denial of servi ... oval:org.secpod.oval:def:6906 The host is installed with Wireshark 1.4.x before 1.4.15 or 1.6.x before 1.6.10 or 1.8.x before 1.8.2 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle the dissect_pft function in epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector. ... oval:org.secpod.oval:def:6910 The host is installed with Wireshark 1.4.x before 1.4.15 or 1.6.x before 1.6.10 or 1.8.x before 1.8.2 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle the CTDB dissector. Successful exploitation allows remote attackers to cause a denial of ... oval:org.secpod.oval:def:6913 The host is installed with Wireshark 1.4.x before 1.4.15 or 1.6.x before 1.6.10 or 1.8.x before 1.8.2 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle certain integer fields. Successful exploitation allows remote attackers to cause ... oval:org.secpod.oval:def:6911 The host is installed with Wireshark 1.4.x before 1.4.15 or 1.6.x before 1.6.10 or 1.8.x before 1.8.2 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle the CIP dissector. Successful exploitation allows remote attackers to cause a denial of s ... oval:org.secpod.oval:def:6917 The host is installed with Wireshark 1.6.x before 1.6.10 or 1.8.x before 1.8.2 and is prone to buffer overflow vulnerability. A flaw is present in the application, which fails to handle the dissect_gsm_rlcmac_downlink function in epan/dissectors/packet-gsm_rlcmac.c in the GSM RLC MAC dissector. Succ ... oval:org.secpod.oval:def:6916 The host is installed with Wireshark 1.4.x before 1.4.15 or 1.6.x before 1.6.10 or 1.8.x before 1.8.2 and is prone to buffer overflow vulnerability. A flaw is present in the application, which fails to handle the epan/dissectors/packet-rtps2.c in the RTPS2 dissector. Successful exploitation allows r ... oval:org.secpod.oval:def:6909 The host is installed with Wireshark 1.4.x before 1.4.15 or 1.6.x before 1.6.10 or 1.8.x before 1.8.2 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle the epan/dissectors/packet-afp.c in the AFP dissector. Successful exploitation allows rem ... oval:org.secpod.oval:def:2185 The host is installed with Wireshark 1.4.x before 1.4.8 or 1.6.x before 1.6.1 and is prone to a denial of service vulnerability. A flaw is present in an application, which fails to handle an invalid packet. Successful exploitation could allow attackers to crash the application. oval:org.secpod.oval:def:2187 The host is installed with Wireshark 1.4.x before 1.4.8 or 1.6.x before 1.6.1 and is prone to a denial of service vulnerability. A flaw is present in an application, which fails to handle an invalid packet. Successful exploitation could allow attackers to crash the application. oval:org.secpod.oval:def:6780 The host is installed with Wireshark 1.6.x before 1.6.10 or 1.8.x before 1.8.2 and is prone to buffer overflow vulnerability. A flaw is present in the application, which fails to handle the dissect_gsm_rlcmac_downlink function in epan/dissectors/packet-gsm_rlcmac.c in the GSM RLC MAC dissector. Succ ... oval:org.secpod.oval:def:6768 The host is installed with Wireshark 1.4.x before 1.4.15 or 1.6.x before 1.6.10 or 1.8.x before 1.8.2 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle the dissect_pft function in epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector. ... oval:org.secpod.oval:def:6774 The host is installed with Wireshark 1.4.x before 1.4.15 or 1.6.x before 1.6.10 or 1.8.x before 1.8.2 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle the CIP dissector. Successful exploitation allows remote attackers to cause a denial of s ... oval:org.secpod.oval:def:6773 The host is installed with Wireshark 1.4.x before 1.4.15 or 1.6.x before 1.6.10 or 1.8.x before 1.8.2 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle the CTDB dissector. Successful exploitation allows remote attackers to cause a denial of ... oval:org.secpod.oval:def:6772 The host is installed with Wireshark 1.4.x before 1.4.15 or 1.6.x before 1.6.10 or 1.8.x before 1.8.2 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle a large number of ACL entries. Successful exploitation allows remote attackers to cause a ... oval:org.secpod.oval:def:6776 The host is installed with Wireshark 1.4.x before 1.4.15 or 1.6.x before 1.6.10 or 1.8.x before 1.8.2 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle certain integer fields. Successful exploitation allows remote attackers to cause ... oval:org.secpod.oval:def:6779 The host is installed with Wireshark 1.4.x before 1.4.15 or 1.6.x before 1.6.10 or 1.8.x before 1.8.2 and is prone to buffer overflow vulnerability. A flaw is present in the application, which fails to handle the epan/dissectors/packet-rtps2.c in the RTPS2 dissector. Successful exploitation allows r ... oval:org.secpod.oval:def:6770 The host is installed with Wireshark 1.8.x before 1.8.2 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle the epan/dissectors/packet-mongo.c in the MongoDB dissector. Successful exploitation allows remote attackers to cause a denial of servi ... oval:org.secpod.oval:def:3004 The host is installed with Wireshark 1.4.0 through 1.4.9 or 1.6.x before 1.6.3 and is prone to heap-based buffer overflow vulnerability. A flaw is present in the application, which is caused due to an error in ERF file parser when processing certain malformed file. Successful exploitation allows rem ... oval:org.secpod.oval:def:600685 Huzaifa Sidhpurwala discovered a buffer overflow in Wireshark"s ERF dissector, which could lead to the execution of arbitrary code. oval:org.secpod.oval:def:501147 Wireshark, previously known as Ethereal, is a network protocol analyzer. It is used to capture and browse the traffic running on a computer network. Two flaws were found in Wireshark. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, exe ... oval:org.secpod.oval:def:601809 Multiple vulnerabilities were discovered in the dissectors/parsers for RTP, MEGACO, Netflow, RTSP, SES and Sniffer, which could result in denial of service. oval:org.secpod.oval:def:106509 Wireshark is a network traffic analyzer for Unix-ish operating systems. This package lays base for libpcap, a packet capture and filtering library, contains command-line utilities, contains plugins and documentation for wireshark. A graphical user interface is packaged separately to GTK+ package. oval:org.secpod.oval:def:105882 Wireshark is a network traffic analyzer for Unix-ish operating systems. This package lays base for libpcap, a packet capture and filtering library, contains command-line utilities, contains plugins and documentation for wireshark. A graphical user interface is packaged separately to GTK+ package. oval:org.secpod.oval:def:106526 Wireshark is a network traffic analyzer for Unix-ish operating systems. This package lays base for libpcap, a packet capture and filtering library, contains command-line utilities, contains plugins and documentation for wireshark. A graphical user interface is packaged separately to GTK+ package. oval:org.secpod.oval:def:1600294 Two flaws were found in Wireshark. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running Wireshark. Several denial of service flaws were found in Wireshark. Wireshark could crash or stop responding ... oval:org.secpod.oval:def:105875 Wireshark is a network traffic analyzer for Unix-ish operating systems. This package lays base for libpcap, a packet capture and filtering library, contains command-line utilities, contains plugins and documentation for wireshark. A graphical user interface is packaged separately to GTK+ package. oval:org.secpod.oval:def:1500433 Updated wireshark packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are avai ... oval:org.secpod.oval:def:1500432 Updated wireshark packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are avai ... oval:org.secpod.oval:def:14117 The host is installed with Wireshark 1.6.x before 1.6.16 or 1.8.x before 1.8.8 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly determine when to use a recursive approach. Successful exploitation allows attackers to cause denial of servic ... oval:org.secpod.oval:def:14115 The host is installed with Wireshark 1.6.x before 1.6.16, 1.8.x before 1.8.8 or 1.10.0 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to validate a certain fragment length value. Successful exploitation allows attackers to cause an application cras ... oval:org.secpod.oval:def:14127 The host is installed with Wireshark 1.6.x before 1.6.16 or 1.8.x before 1.8.8 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly determine when to use a recursive approach. Successful exploitation allows attackers to cause denial of servic ... oval:org.secpod.oval:def:14125 The host is installed with Wireshark 1.6.x before 1.6.16, 1.8.x before 1.8.8 or 1.10.0 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to validate a certain fragment length value. Successful exploitation allows attackers to cause an application cras ... oval:org.secpod.oval:def:203233 Wireshark is a network protocol analyzer. It is used to capture and browse the traffic running on a computer network. Multiple flaws were found in Wireshark. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the ... oval:org.secpod.oval:def:203231 Wireshark is a network protocol analyzer. It is used to capture and browse the traffic running on a computer network. Two flaws were found in Wireshark. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user ... oval:org.secpod.oval:def:1500299 Updated wireshark packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System base scores, wh ... oval:org.secpod.oval:def:203467 Wireshark is a network protocol analyzer. It is used to capture and browse the traffic running on a computer network. Multiple flaws were found in Wireshark. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the ... oval:org.secpod.oval:def:203466 Wireshark is a network protocol analyzer. It is used to capture and browse the traffic running on a computer network. Multiple flaws were found in Wireshark. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the ... oval:org.secpod.oval:def:40856 The host is installed Wireshark 1.8.x before 1.8.9 or 1.10.x before 1.10.1 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly determine whether there is remaining packet data to process. Successful exploitation allows remote attackers to ... oval:org.secpod.oval:def:40861 The host is installed Wireshark 1.8.x before 1.8.9 or 1.10.x before 1.10.1 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly determine whether there is remaining packet data to process. Successful exploitation allows remote attackers to ... oval:org.secpod.oval:def:601226 Multiple vulnerabilities were discovered in Wireshark: CVE-2014-2281 Moshe Kaplan discovered that the NFS dissector could be crashed, resulting in denial of service. CVE-2014-2283 It was discovered that the RLC dissector could be crashed, resulting in denial of service. CVE-2014-2299 Wesley Neelen d ... oval:org.secpod.oval:def:40862 The host is installed Wireshark 1.8.x before 1.8.9 or 1.10.x before 1.10.1 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a crafted packet-trace file. Successful exploitation allows remote attackers to cause a denial of service ... oval:org.secpod.oval:def:40860 The host is installed Wireshark 1.8.x before 1.8.9 or 1.10.x before 1.10.1 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly determine whether there is remaining packet data to process. Successful exploitation allows remote attackers to ... oval:org.secpod.oval:def:40863 The host is installed Wireshark 1.8.x before 1.8.9 or 1.10.x before 1.10.1 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a crafted packet-trace file. Successful exploitation allows remote attackers to cause a denial of service ... oval:org.secpod.oval:def:40864 The host is installed Wireshark 1.8.x before 1.8.9 or 1.10.x before 1.10.1 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly initialize a length field in certain abnormal situations. Successful exploitation allows remote attackers to cau ... oval:org.secpod.oval:def:14850 The host is installed with Wireshark 1.8.x before 1.8.9 or 1.10.x before 1.10.1 and is prone to multiple array index error vulnerabilities. The flaws are present in the application, which fails to handle a crafted packet. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:13761 The host is installed with Wireshark 1.8.x before 1.8.7 and is prone to denial of service vulnerability. A flaw is present in the application, which uses incorrect integer data types. Successful exploitation allows attackers to cause heap memory corruption or NULL pointer dereference or application ... oval:org.secpod.oval:def:13760 The host is installed with Wireshark 1.8.x before 1.8.7 and is prone to denial of service vulnerability. A flaw is present in the application, which uses an incorrect format string. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:13763 The host is installed with Wireshark 1.6.x before 1.6.15 or 1.8.x before 1.8.7 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly initialize a certain variable. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:13762 The host is installed with Wireshark 1.8.x before 1.8.7 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to terminate a bit-field list. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:13765 The host is installed with Wireshark 1.8.x before 1.8.7 and is prone to multiple integer signedness error vulnerabilities. The flaws are present in the application, which fails to handle a malformed packet. Successful exploitation allows attackers to cause a denial of service. oval:org.secpod.oval:def:14851 The host is installed with Wireshark 1.8.x before 1.8.9 or 1.10.x before 1.10.1 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle a crafted packet. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:13764 The host is installed with Wireshark 1.8.x before 1.8.7 and is prone to denial of service vulnerability. A flaw is present in the application, which calls incorrect functions in certain contexts related to ciphers. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:14847 The host is installed with Wireshark 1.8.x before 1.8.9 or 1.10.x before 1.10.1 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to initialize a length field in certain abnormal situations. Successful exploitation allows attackers to cause an applica ... oval:org.secpod.oval:def:13758 The host is installed with Wireshark 1.8.x before 1.8.7 and is prone to multiple integer signedness error vulnerabilities. The flaws are present in the application, which fails to handle a malformed packet. Successful exploitation allows attackers to cause a denial of service. oval:org.secpod.oval:def:13759 The host is installed with Wireshark 1.8.x before 1.8.7 and is prone to multiple integer overflow vulnerabilities. The flaws are present in the application, which fails to properly handle a malformed packet. Successful exploitation allows attackers to cause a denial of service. oval:org.secpod.oval:def:14848 The host is installed with Wireshark 1.8.x before 1.8.9 or 1.10.x before 1.10.1 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to initialize certain structure members. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:14849 The host is installed with Wireshark 1.8.x before 1.8.9 or 1.10.x before 1.10.1 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly allocate memory. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:13770 The host is installed with Wireshark 1.6.x before 1.6.15 or 1.8.x before 1.8.7 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly initialize a certain variable. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:13771 The host is installed with Wireshark 1.8.x before 1.8.7 and is prone to denial of service vulnerability. A flaw is present in the application, which calls incorrect functions in certain contexts related to ciphers. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:501435 Wireshark is a network protocol analyzer. It is used to capture and browse the traffic running on a computer network. Multiple flaws were found in Wireshark. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the ... oval:org.secpod.oval:def:501434 Wireshark is a network protocol analyzer. It is used to capture and browse the traffic running on a computer network. Multiple flaws were found in Wireshark. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the ... oval:org.secpod.oval:def:13767 The host is installed with Wireshark 1.8.x before 1.8.7 and is prone to denial of service vulnerability. A flaw is present in the application, which uses an incorrect format string. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:13766 The host is installed with Wireshark 1.8.x before 1.8.7 and is prone to multiple integer overflow vulnerabilities. The flaws are present in the application, which fails to properly handle a malformed packet. Successful exploitation allows attackers to cause a denial of service. oval:org.secpod.oval:def:13769 The host is installed with Wireshark 1.8.x before 1.8.7 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to terminate a bit-field list. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:13768 The host is installed with Wireshark 1.8.x before 1.8.7 and is prone to denial of service vulnerability. A flaw is present in the application, which uses incorrect integer data types. Successful exploitation allows attackers to cause heap memory corruption or NULL pointer dereference or application ... oval:org.secpod.oval:def:21198 The host is installed with Wireshark 1.12.x before 1.12.1 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a CUPS packet that lacks a trailing '\0' character. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:21199 The host is installed with Wireshark 1.12.x before 1.12.1 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a NULL tree. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:21196 The host is installed with Wireshark 1.10.x before 1.10.10 or 1.12.x before 1.12.1 and is prone to a denial of service vulnerability. A flaw is present in the MEGACO dissector in Wireshark, which fails to handle an empty line. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:21197 The host is installed with Wireshark 1.10.x before 1.10.10 or 1.12.x before 1.12.1 and is prone to a denial of service vulnerability. A flaw is present in the application, which refers to incorrect offset and start variables. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:21194 The host is installed with Wireshark 1.10.x before 1.10.10 and is prone to an use-after-free vulnerability. A flaw is present in the application, which fails to handle a crafted packet. Successful exploitation could allow attackers to split memory ownership between the SDP and RTP dissectors. oval:org.secpod.oval:def:21195 The host is installed with Wireshark 1.10.x before 1.10.10 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a crafted packet to the RTP dissector. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:107489 Wireshark is a network traffic analyzer for Unix-ish operating systems. This package lays base for libpcap, a packet capture and filtering library, contains command-line utilities, contains plugins and documentation for wireshark. A graphical user interface is packaged separately to GTK+ package. oval:org.secpod.oval:def:6299 The host is installed with Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 and is prone to multiple integer overflow vulnerabilities. The flaws are present in the application, which fails to handle vectors related to the BACapp and Bluetooth HCI dissectors. Successful exploitation allows remote ... oval:org.secpod.oval:def:6297 The host is installed with Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle vectors related to the ANSI MAP, ASF, IEEE 802.11, IEEE 802.3 and LTP dissectors. Successful exploitation allow ... oval:org.secpod.oval:def:6295 The host is installed with Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 and is prone to multiple integer overflow vulnerabilities. The flaws are present in the application, which fails to handle vectors related to the BACapp and Bluetooth HCI dissectors. Successful exploitation allows remote ... oval:org.secpod.oval:def:17063 The host is installed with Wireshark 1.10.0 before 1.10.6 or 1.8.0 before 1.8.13 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a malformed packet trace file. Successful exploitation could allow attackers to make Wireshark cras ... oval:org.secpod.oval:def:17060 The host is installed with Wireshark 1.10.0 before 1.10.6 or 1.8.0 before 1.8.13 and is prone to a buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle a malformed packet trace file. Successful exploitation could allow attackers to execute malicious cod ... oval:org.secpod.oval:def:17052 The host is installed with Wireshark 1.10.0 before 1.10.6 or 1.8.0 before 1.8.13 and is prone to a buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle a malformed packet trace file. Successful exploitation could allow attackers to execute malicious cod ... oval:org.secpod.oval:def:17055 The host is installed with Wireshark 1.10.0 before 1.10.6 or 1.8.0 before 1.8.13 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a malformed packet trace file. Successful exploitation could allow attackers to make Wireshark cras ... oval:org.secpod.oval:def:6912 The host is installed with Wireshark 1.4.x before 1.4.15 or 1.6.x before 1.6.10 or 1.8.x before 1.8.2 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle the dissect_stun_message function in epan/dissectors/packet-stun.c in the STUN dissector. ... oval:org.secpod.oval:def:6908 The host is installed with Wireshark 1.4.x before 1.4.15 or 1.6.x before 1.6.10 or 1.8.x before 1.8.2 and is prone to integer overflow vulnerability. A flaw is present in the application, which fails to handle the dissect_xtp_ecntl function in epan/dissectors/packet-xtp.c in the XTP dissector. Succe ... oval:org.secpod.oval:def:501217 Wireshark is a network protocol analyzer. It is used to capture and browse the traffic running on a computer network. Two flaws were found in Wireshark. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user ... oval:org.secpod.oval:def:501218 Wireshark is a network protocol analyzer. It is used to capture and browse the traffic running on a computer network. Multiple flaws were found in Wireshark. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the ... oval:org.secpod.oval:def:6301 The host is installed with Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle vectors related to the ANSI MAP, ASF, IEEE 802.11, IEEE 802.3 and LTP dissectors. Successful exploitation allow ... oval:org.secpod.oval:def:17100 The host is installed with Wireshark 1.8.x before 1.8.9 or 1.10.x before 1.10.1 and is prone to integer signedness error vulnerability. A flaw is present in the get_type_length function in epan/dissectors/packet-btsdp.c in the Bluetooth SDP dissector in Wireshark, which fails to properly handle a cr ... oval:org.secpod.oval:def:204285 Wireshark is a network protocol analyzer. It is used to capture and browse the traffic running on a computer network. Multiple flaws were found in Wireshark. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the ... oval:org.secpod.oval:def:6771 The host is installed with Wireshark 1.4.x before 1.4.15 or 1.6.x before 1.6.10 or 1.8.x before 1.8.2 and is prone to integer overflow vulnerability. A flaw is present in the application, which fails to handle the dissect_xtp_ecntl function in epan/dissectors/packet-xtp.c in the XTP dissector. Succe ... oval:org.secpod.oval:def:1600170 Multiple flaws were found in Wireshark. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running Wireshark. Several denial of service flaws were found in Wireshark. Wireshark could crash or stop respon ... oval:org.secpod.oval:def:6775 The host is installed with Wireshark 1.4.x before 1.4.15 or 1.6.x before 1.6.10 or 1.8.x before 1.8.2 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle the dissect_stun_message function in epan/dissectors/packet-stun.c in the STUN dissector. ... oval:org.secpod.oval:def:105970 Wireshark is a network traffic analyzer for Unix-ish operating systems. This package lays base for libpcap, a packet capture and filtering library, contains command-line utilities, contains plugins and documentation for wireshark. A graphical user interface is packaged separately to GTK+ package. oval:org.secpod.oval:def:1500778 Updated wireshark packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are availabl ... oval:org.secpod.oval:def:1500783 Updated wireshark packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are available for ... oval:org.secpod.oval:def:1500782 Updated wireshark packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are availabl ... oval:org.secpod.oval:def:1300292 Multiple vulnerabilities was found and corrected in Wireshark: * The NFS dissector could crash. Discovered by Moshe Kaplan . * The RLC dissector could crash . * The MPEG file parser could overflow a buffer. Discovered by Wesley Neelen . This advisory provides the latest version of Wireshark which i ... oval:org.secpod.oval:def:16433 The host is installed with Wireshark 1.8.x before 1.8.12 or 1.10.x before 1.10.4 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to check for empty lines. Successful exploitation allows attackers to cause infinite loop via a crafted packet. oval:org.secpod.oval:def:16436 The host is installed with Wireshark 1.8.x before 1.8.12 or 1.10.x before 1.10.4 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to check for empty lines. Successful exploitation allows attackers to cause infinite loop via a crafted packet. oval:org.secpod.oval:def:15596 The host is installed with Wireshark 1.8.x before 1.8.10 or 1.10.x before 1.10.2 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly determine when to enter a certain loop. Successful exploitation allows attackers to cause application crash. oval:org.secpod.oval:def:15590 The host is installed with Wireshark Wireshark 1.8.x before 1.8.10 or 1.10.x before 1.10.2 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly determine when to enter a certain loop. Successful exploitation allows attackers to cause applicat ... oval:org.secpod.oval:def:8164 The host is installed with Wireshark 1.6.x before 1.6.12 or 1.8.x before 1.8.4 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle the dissect_rtcp_app function in epan/dissectors/packet-rtcp.c in the RTCP dissector. Successful exploitation al ... oval:org.secpod.oval:def:8165 The host is installed with Wireshark 1.6.x before 1.6.12 or 1.8.x before 1.8.4 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle the dissect_wtp_common function in epan/dissectors/packet-wtp.c in the WTP dissector. Successful exploitation al ... oval:org.secpod.oval:def:8166 The host is installed with Wireshark 1.6.x before 1.6.12 or 1.8.x before 1.8.4 and is prone to integer overflow vulnerability. A flaw is present in the application, which fails to handle the dissect_iscsi_pdu function in epan/dissectors/packet-iscsi.c in the iSCSI dissector. Successful exploitation ... oval:org.secpod.oval:def:8170 The host is installed with Wireshark 1.8.x before 1.8.4 and is prone to integer overflow vulnerability. A flaw is present in the application, which fails to handle the dissect_sack_chunk function in epan/dissectors/packet-sctp.c in the SCTP dissector. Successful exploitation allows remote attackers ... oval:org.secpod.oval:def:8159 The host is installed with Wireshark 1.8.x before 1.8.4 and is prone to integer overflow vulnerability. A flaw is present in the application, which fails to handle the dissect_sack_chunk function in epan/dissectors/packet-sctp.c in the SCTP dissector. Successful exploitation allows remote attackers ... oval:org.secpod.oval:def:8153 The host is installed with Wireshark 1.6.x before 1.6.12 or 1.8.x before 1.8.4 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle the dissect_rtcp_app function in epan/dissectors/packet-rtcp.c in the RTCP dissector. Successful exploitation al ... oval:org.secpod.oval:def:8154 The host is installed with Wireshark 1.6.x before 1.6.12 or 1.8.x before 1.8.4 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle the dissect_wtp_common function in epan/dissectors/packet-wtp.c in the WTP dissector. Successful exploitation al ... oval:org.secpod.oval:def:8155 The host is installed with Wireshark 1.6.x before 1.6.12 or 1.8.x before 1.8.4 and is prone to integer overflow vulnerability. A flaw is present in the application, which fails to handle the dissect_iscsi_pdu function in epan/dissectors/packet-iscsi.c in the iSCSI dissector. Successful exploitation ... oval:org.secpod.oval:def:601047 Multiple vulnerabilities were discovered in the dissectors for GTPv2, ASN.1 BER, PPP CCP, DCP ETSI, MPEG DSM-CC and Websocket, which could result in denial of service or the execution of arbitrary code. The oldstable distribution is not affected. oval:org.secpod.oval:def:601055 Multiple vulnerabilities were discovered in the dissectors for CAPWAP, GMR-1 BCCH, PPP, NBAP, RDP, HTTP, DCP ETSI and in the Ixia IxVeriWave file parser, which could result in denial of service or the execution of arbitrary code. oval:org.secpod.oval:def:21208 The host is installed with Wireshark 1.10.x before 1.10.10 or 1.12.x before 1.12.1 and is prone to a denial of service vulnerability. A flaw is present in the MEGACO dissector in Wireshark, which fails to handle an empty line. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:21209 The host is installed with Wireshark 1.10.x before 1.10.10 or 1.12.x before 1.12.1 and is prone to a denial of service vulnerability. A flaw is present in the application, which refers to incorrect offset and start variables. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:21206 The host is installed with Wireshark 1.10.x before 1.10.10 and is prone to an use-after-free vulnerability. A flaw is present in the application, which fails to handle a crafted packet. Successful exploitation could allow attackers to split memory ownership between the SDP and RTP dissectors. oval:org.secpod.oval:def:21207 The host is installed with Wireshark 1.10.x before 1.10.10 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a crafted packet to the RTP dissector. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:21204 The host is installed with Wireshark 1.10.x before 1.10.10 or 1.12.x before 1.12.1 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a crafted file that triggers writes of uncompressed bytes beyond the end of the output buffer. Su ... oval:org.secpod.oval:def:21205 The host is installed with Wireshark 1.10.x before 1.10.10 or 1.12.x before 1.12.1 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to prevent data overwrites during copy operations. Successful exploitation could allow attackers to crash the servic ... oval:org.secpod.oval:def:21202 The host is installed with Wireshark 1.10.x before 1.10.10 or 1.12.x before 1.12.1 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle empty input data. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:21203 The host is installed with Wireshark 1.10.x before 1.10.10 or 1.12.x before 1.12.1 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly validate bitmask data. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:21211 The host is installed with Wireshark 1.12.x before 1.12.1 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a NULL tree. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:21212 The host is installed with Wireshark 1.10.x before 1.10.10 or 1.12.x before 1.12.1 and is prone to an off-by-one error vulnerability. A flaw is present in the application, which fails to properly handle a crafted packet that triggers parsing of a token located one position beyond the current positio ... oval:org.secpod.oval:def:21210 The host is installed with Wireshark 1.12.x before 1.12.1 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a CUPS packet that lacks a trailing '\0' character. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:601082 Multiple vulnerabilities were discovered in the dissectors for DVB-CI, GSM A Common and ASN.1 PER and in the Netmon file parser. oval:org.secpod.oval:def:21200 The host is installed with Wireshark 1.10.x before 1.10.10 or 1.12.x before 1.12.1 and is prone to an off-by-one error vulnerability. A flaw is present in the application, which fails to properly handle a crafted packet that triggers parsing of a token located one position beyond the current positio ... oval:org.secpod.oval:def:21201 The host is installed with Wireshark 1.10.x before 1.10.10 or 1.12.x before 1.12.1 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly initialize a certain ID value. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:21217 The host is installed with Wireshark 1.10.x before 1.10.10 or 1.12.x before 1.12.1 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to prevent data overwrites during copy operations. Successful exploitation could allow attackers to crash the servic ... oval:org.secpod.oval:def:1600131 Two flaws were found in Wireshark. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running Wireshark. Several denial of service flaws were found in Wireshark. Wireshark could crash or stop responding ... oval:org.secpod.oval:def:21215 The host is installed with Wireshark 1.10.x before 1.10.10 or 1.12.x before 1.12.1 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly validate bitmask data. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:21216 The host is installed with Wireshark 1.10.x before 1.10.10 or 1.12.x before 1.12.1 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a crafted file that triggers writes of uncompressed bytes beyond the end of the output buffer. Su ... oval:org.secpod.oval:def:21213 The host is installed with Wireshark 1.10.x before 1.10.10 or 1.12.x before 1.12.1 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly initialize a certain ID value. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:21214 The host is installed with Wireshark 1.10.x before 1.10.10 or 1.12.x before 1.12.1 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle empty input data. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:1701816 LISP dissector large loop in Wireshark 4.0.0 to 4.0.4 and 3.6.0 to 3.6.12 allows denial of service via packet injection or crafted capture file oval:org.secpod.oval:def:1901816 In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the SRVLOC dissector could crash. This was addressed in epan/dissectors/packet-srvloc.c by preventing a heap-based buffer under-read. oval:org.secpod.oval:def:603834 It was discovered that Wireshark, a network traffic analyzer, contained several vulnerabilities in the dissectors for 6LoWPAN, P_MUL, RTSE, ISAKMP, TCAP, ASN.1 BER and RPCAP, which could result in denial of service. oval:org.secpod.oval:def:1901822 In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the LDSS dissector could crash. This was addressed in epan/dissectors/packet-ldss.c by handling file digests properly. oval:org.secpod.oval:def:1901817 In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the DCERPC SPOOLSS dissector could crash. This was addressed in epan/dissectors/packet-dcerpc-spoolss.c by adding a boundary check. oval:org.secpod.oval:def:2005316 In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the NetScaler file parser could crash. This was addressed in wiretap/netscaler.c by improving data validation. oval:org.secpod.oval:def:2005313 In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the SRVLOC dissector could crash. This was addressed in epan/dissectors/packet-srvloc.c by preventing a heap-based buffer under-read. oval:org.secpod.oval:def:2005315 In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the GSS-API dissector could crash. This was addressed in epan/dissectors/packet-gssapi.c by ensuring that a valid dissector is called. oval:org.secpod.oval:def:2005314 In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the DOF dissector could crash. This was addressed in epan/dissectors/packet-dof.c by properly handling generated IID and OID bytes. oval:org.secpod.oval:def:2005302 In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the LDSS dissector could crash. This was addressed in epan/dissectors/packet-ldss.c by handling file digests properly. oval:org.secpod.oval:def:2005304 In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the DCERPC SPOOLSS dissector could crash. This was addressed in epan/dissectors/packet-dcerpc-spoolss.c by adding a boundary check. oval:org.secpod.oval:def:53062 The host is installed with Wireshark 2.6.0 to 2.6.6 or 2.4.0 to 2.4.12 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle the RPCAP dissector issue. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:53064 The host is installed with Wireshark 2.6.0 to 2.6.6 or 2.4.0 to 2.4.12 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle the TCAP dissector issue. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:53063 The host is installed with Wireshark 2.6.0 to 2.6.6 or 2.4.0 to 2.4.12 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle the ASN.1 BER dissector issue. Successful exploitation could cause buffer overflow associated with excessive ... oval:org.secpod.oval:def:53075 The host is installed with Wireshark 2.6.0 to 2.6.6 or 2.4.0 to 2.4.12 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle the RPCAP dissector issue. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:53077 The host is installed with Wireshark 2.6.0 to 2.6.6 or 2.4.0 to 2.4.12 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle the TCAP dissector issue. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:53076 The host is installed with Wireshark 2.6.0 to 2.6.6 or 2.4.0 to 2.4.12 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle the ASN.1 BER dissector issue. Successful exploitation could cause buffer overflow associated with excessive ... oval:org.secpod.oval:def:704952 wireshark: network traffic analyzer Wireshark could be made to crash if it received specially crafted network traffic or input files. oval:org.secpod.oval:def:705176 wireshark: network traffic analyzer Wireshark could be made to crash if it received specially crafted network traffic or input files. oval:org.secpod.oval:def:58881 wireshark: network traffic analyzer Wireshark could be made to crash if it received specially crafted network traffic or input files. oval:org.secpod.oval:def:1503764 Updated wireshark packages that fix several security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are avail ... oval:org.secpod.oval:def:201677 Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. A heap-based buffer overflow flaw was found in Wireshark. If Wireshark opened a specially-crafted capture file, it could crash or, possibly, execute arbitrary code as the user running Wireshark. Sever ... oval:org.secpod.oval:def:500786 Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. Several flaws were found in Wireshark. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running Wiresh ... oval:org.secpod.oval:def:202326 Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. Several flaws were found in Wireshark. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running Wiresh ... oval:org.secpod.oval:def:200538 Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. A heap-based buffer overflow flaw was found in Wireshark. If Wireshark opened a specially-crafted capture file, it could crash or, possibly, execute arbitrary code as the user running Wireshark. Sever ... oval:org.secpod.oval:def:1601333 Several flaws were found in Wireshark. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running Wireshark.Several denial of service flaws were found in Wireshark. Wireshark could crash or stop respondi ... oval:org.secpod.oval:def:500148 Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. A heap-based buffer overflow flaw was found in the Wireshark MAC-LTE dissector. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute ... oval:org.secpod.oval:def:17114 The host is installed with Wireshark 1.2.0 through 1.2.14 or 1.4.0 through 1.4.3, and is prone to heap-based buffer overflow vulnerability. A flaw is present in the wiretap/dct3trace.c, which fails to handle a long record in a Nokia DCT3 trace file. Successful exploitation allows attackers to cause ... oval:org.secpod.oval:def:17113 The host is installed with Wireshark before 1.4.4 and is prone to denial of service vulnerability. A flaw is present in the NTLMSSP dissector, which fails to handle a crafted .pcap file. Successful exploitation allows attackers to cause a denial of service (NULL pointer dereference and application c ... oval:org.secpod.oval:def:500191 Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. A heap-based buffer overflow flaw was found in Wireshark. If Wireshark opened a specially-crafted capture file, it could crash or, possibly, execute arbitrary code as the user running Wireshark. Sever ... oval:org.secpod.oval:def:190 The host is installed with Wireshark 1.5.0 or before 1.4.3 and is prone to memory corruption vulnerability. A flaw is present in the application, which fails to handle a specially-crafted .pcap file. Successful exploitation could allow remote attackers to corrupt memory by executing arbitrary code o ... oval:org.secpod.oval:def:390 The host is installed with Wireshark and is prone to memory corruption vulnerability. A flaw is present in the application where large LDAP Filter strings consumes excessive amount of memory. Successful exploitation allows remote attackers to cause denial of service condition. oval:org.secpod.oval:def:392 The host is installed with Wireshark and is prone to multiple stack consumption vulnerabilities. The flaws are present in the application which fails to handle infinite recursion due to large packet length. Successful exploitation allow remote attackers to cause a denial of service. oval:org.secpod.oval:def:391 The host is installed with Wireshark and is prone to stack consumption vulnerability. A flaw is present in the application while handling ASN description with a recursive definition of a CHOICE. Successful exploitation allow remote attackers to cause a denial of service condition. oval:org.secpod.oval:def:393 The host is installed with Wireshark and is prone to denial of service vulnerability. A flaw is present in the application which fails to properly handle large packet lengths. Successful exploitation allow remote attackers to cause application to crash. oval:org.secpod.oval:def:1503465 Updated wireshark packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are avai ... oval:org.secpod.oval:def:40829 The host is installed Wireshark 1.2.0 through 1.2.14, 1.4.0 through 1.4.3 or 1.5.0 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a malformed file. Successful exploitation allows remote attackers to cause a denial of service (m ... oval:org.secpod.oval:def:40832 The host is installed Wireshark 1.0.x, 1.2.0 through 1.2.14 or 1.4.0 through 1.4.3 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a crafted SMB or CLDAP packet. Successful exploitation allows remote attackers to cause a denial ... oval:org.secpod.oval:def:40833 The host is installed Wireshark 1.0.x, 1.2.0 through 1.2.14 or 1.4.0 through 1.4.3 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle long LDAP filter string. Successful exploitation allows remote attackers to cause a denial of ser ... oval:org.secpod.oval:def:40830 The host is installed Wireshark 1.2.0 through 1.2.14 or 1.4.0 through 1.4.3 and is prone to a heap-based buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle a long record in a Nokia DCT3 trace file. Successful exploitation allows remote attackers to ca ... oval:org.secpod.oval:def:40831 The host is installed Wireshark 1.2.0 through 1.2.14 or 1.4.0 through 1.4.3 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a pcap-ng file. Successful exploitation allows remote attackers to cause a denial of service (applicatio ... oval:org.secpod.oval:def:40834 The host is installed Wireshark 1.2.x through 1.2.15 or 1.4.x through 1.4.4 and is prone to a stack consumption vulnerability. A flaw is present in the application, which fails to properly handle vectors involving self-referential ASN.1 CHOICE values. Successful exploitation allows remote attackers ... oval:org.secpod.oval:def:40835 The host is installed Wireshark before 1.4.4 and is prone to a denial of service vulnerability. A flaw is present in the NTLMSSP dissector, which fails to properly handle crafted .pcap file. Successful exploitation allows remote attackers to cause a denial of service (NULL pointer dereference and ap ... oval:org.secpod.oval:def:19500063 ISO 15765 and ISO 10681 dissector crash in Wireshark 4.0.0 to 4.0.3 and 3.6.0 to 3.6.11 allows denial of service via packet injection or crafted capture file oval:org.secpod.oval:def:89049247 This update for wireshark fixes the following issues: Update to Wireshark 3.6.15: \- Further features, bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-3.6.15.html Security fixes: \- CVE-2023-0667: Fixed failure to validate MS-MMS packet length . ... oval:org.secpod.oval:def:89049004 This update for wireshark fixes the following issues: Updated to version 3.6.14: * CVE-2023-2855: Fixed a crash in the Candump log file parser . * CVE-2023-2856: Fixed a crash in the VMS TCPIPtrace file parser . * CVE-2023-2857: Fixed a crash in the BLF file parser . * CVE-2023-2858: Fixed a crash i ... oval:org.secpod.oval:def:2501258 The wireshark packages contain a network protocol analyzer used to capture and browse the traffic running on a computer network. oval:org.secpod.oval:def:2600372 The wireshark packages contain a network protocol analyzer used to capture and browse the traffic running on a computer network. oval:org.secpod.oval:def:89048535 This update for wireshark fixes the following issues: * CVE-2023-1161: Fixed crash in ISO 15765 and ISO 10681 dissector . Update to 3.6.12: * https://www.wireshark.org/docs/relnotes/wireshark-3.6.12.html oval:org.secpod.oval:def:19500225 Due to failure in validating the length provided by an attacker-crafted RTPS packet, Wireshark version between 4.0.0 to 4.0.5, by default, is susceptible to a heap-based buffer overflow, and possibly code execution in the context of the process runningWireshark.NOTE: https://www.wireshark.org/securi ... oval:org.secpod.oval:def:3300286 SUSE Security Update: Security update for wireshark oval:org.secpod.oval:def:125468 Wireshark allows you to examine protocol data stored in files or as it is captured from wired or wireless networks, USB devices, and many other sources. It supports dozens of protocol capture file formats and understands more than a thousand protocols. It has many powerful features including a rich ... oval:org.secpod.oval:def:19500220 Memory exhaustion in the Kafka protocol dissector in Wireshark 4.0.0 to 4.0.1 and 3.6.0 to 3.6.9 allows denial of service via packet injection or crafted capture file Infinite loops in the BPv6, OpenFlow, and Kafka protocol dissectors in Wireshark 4.0.0 to 4.0.1 and 3.6.0 to 3.6.9 allows denial of s ... oval:org.secpod.oval:def:125342 Wireshark allows you to examine protocol data stored in files or as it is captured from wired or wireless networks, USB devices, and many other sources. It supports dozens of protocol capture file formats and understands more than a thousand protocols. It has many powerful features including a rich ... oval:org.secpod.oval:def:125337 Wireshark allows you to examine protocol data stored in files or as it is captured from wired or wireless networks, USB devices, and many other sources. It supports dozens of protocol capture file formats and understands more than a thousand protocols. It has many powerful features including a rich ... oval:org.secpod.oval:def:19500170 Memory exhaustion in the Kafka protocol dissector in Wireshark 4.0.0 to 4.0.1 and 3.6.0 to 3.6.9 allows denial of service via packet injection or crafted capture file Infinite loops in the BPv6, OpenFlow, and Kafka protocol dissectors in Wireshark 4.0.0 to 4.0.1 and 3.6.0 to 3.6.9 allows denial of s ... oval:org.secpod.oval:def:89048742 This update for wireshark fixes the following issues: * CVE-2023-1992: Fixed RPCoRDMA dissector crash . * CVE-2023-1993: Fixed LISP dissector large loop . * CVE-2023-1994: Fixed GQUIC dissector crash . Update to 3.6.13: * Further features, bug fixes and updated protocol support as listed in: https:/ ... oval:org.secpod.oval:def:19500332 Kafka dissector crash in Wireshark 4.0.0 to 4.0.6 and 3.6.0 to 3.6.14 allows denial of service via packet injection or crafted capture file iSCSI dissector crash in Wireshark 4.0.0 to 4.0.6 allows denial of service via packet injection or crafted capture file oval:org.secpod.oval:def:96297 Wireshark (64 bit) 4.2.x series is installed oval:org.secpod.oval:def:205499 The wireshark packages contain a network protocol analyzer used to capture and browse the traffic running on a computer network. Security Fix: * wireshark: Out-of-bounds read in packet-ldss.c * wireshark: Multiple dissectors could crash * wireshark: DICOM dissector infinite loop * wireshark: Ba ... oval:org.secpod.oval:def:115653 Wireshark allows you to examine protocol data stored in files or as it is captured from wired or wireless networks, USB devices, and many other sources. It supports dozens of protocol capture file formats and understands more than a thousand protocols. It has many powerful features including a rich ... oval:org.secpod.oval:def:115650 Metapackage with installs wireshark-cli and wireshark-qt. oval:org.secpod.oval:def:49239 The host is installed with Wireshark 2.6.0 to 2.6.4 or 2.4.0 to 2.4.10 and is prone to a buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle the epan/dissectors/packet-mmse.c file. Successful exploitation allows attackers to crash the MMSE dissector. oval:org.secpod.oval:def:115877 Metapackage with installs wireshark-cli and wireshark-qt. oval:org.secpod.oval:def:49242 The host is installed with Wireshark 2.6.0 to 2.6.4 or 2.4.0 to 2.4.10 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle the epan/tvbuff_composite.c file. Successful exploitation allows attackers to trigger a heap-based buffer ove ... oval:org.secpod.oval:def:49243 The host is installed with Wireshark 2.6.0 to 2.6.4 or 2.4.0 to 2.4.10 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle the epan/dissectors/packet-dcom.c file. Successful exploitation allows attackers to crash the DCOM dissector. oval:org.secpod.oval:def:49240 The host is installed with Wireshark 2.6.0 to 2.6.4 or 2.4.0 to 2.4.10 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle the epan/dissectors/packet-lbmpdm.c file. Successful exploitation allows attackers to write arbitrary data to ... oval:org.secpod.oval:def:49241 The host is installed with Wireshark 2.6.0 to 2.6.4 or 2.4.0 to 2.4.10 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle the epan/dissectors/packet-pvfs2.c file. Successful exploitation allows attackers to cause a null pointer der ... oval:org.secpod.oval:def:49248 The host is installed with Wireshark 2.6.0 to 2.6.4 or 2.4.0 to 2.4.10 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle the epan/dissectors/packet-pvfs2.c file. Successful exploitation allows attackers to cause a null pointer der ... oval:org.secpod.oval:def:49249 The host is installed with Wireshark 2.6.0 to 2.6.4 or 2.4.0 to 2.4.10 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle the epan/tvbuff_composite.c file. Successful exploitation allows attackers to trigger a heap-based buffer ove ... oval:org.secpod.oval:def:49246 The host is installed with Wireshark 2.6.0 to 2.6.4 or 2.4.0 to 2.4.10 and is prone to a buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle the epan/dissectors/packet-mmse.c file. Successful exploitation allows attackers to crash the MMSE dissector. oval:org.secpod.oval:def:49247 The host is installed with Wireshark 2.6.0 to 2.6.4 or 2.4.0 to 2.4.10 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle the epan/dissectors/packet-lbmpdm.c file. Successful exploitation allows attackers to write arbitrary data to ... oval:org.secpod.oval:def:49244 The host is installed with Wireshark 2.6.0 to 2.6.4 or 2.4.0 to 2.4.10 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle the wiretap/vwr.c file. Successful exploitation allows attackers to crash the IxVeriWave file parser. oval:org.secpod.oval:def:49245 The host is installed with Wireshark 2.6.0 to 2.6.4 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle the epan/dissectors/packet-zbee-zcl-lighting.c file. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:49251 The host is installed with Wireshark 2.6.0 to 2.6.4 or 2.4.0 to 2.4.10 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle the wiretap/vwr.c file. Successful exploitation allows attackers to crash the IxVeriWave file parser. oval:org.secpod.oval:def:49252 The host is installed with Wireshark 2.6.0 to 2.6.4 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle the epan/dissectors/packet-zbee-zcl-lighting.c file. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:49250 The host is installed with Wireshark 2.6.0 to 2.6.4 or 2.4.0 to 2.4.10 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle the epan/dissectors/packet-dcom.c file. Successful exploitation allows attackers to crash the DCOM dissector. oval:org.secpod.oval:def:1801267 CVE-2018-19622: MMSE dissector infinite loop¶ Affected versions: 2.6.0 to 2.6.4, 2.4.0 to 2.4.10 Fixed versions: 2.6.5, 2.4.11 oval:org.secpod.oval:def:603595 Multiple vulnerabilities have been discovered in Wireshark, a network protocol analyzer, which could result in denial of service or the execution of arbitrary code. oval:org.secpod.oval:def:89049779 This update for wireshark fixes the following issues: Update to Wireshark 2.4.11 . Security issues fixed: - CVE-2018-19625: The Wireshark dissection engine could crash - CVE-2018-19626: The DCOM dissector could crash - CVE-2018-19623: The LBMPDM dissector could crash - CVE-2018-19622: The MMSE di ... oval:org.secpod.oval:def:47997 The host is installed with Wireshark 2.6.0 to 2.6.3 or 2.4.0 to 2.4.9 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle the MS-WSP dissector issue. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:503626 The wireshark packages contain a network protocol analyzer used to capture and browse the traffic running on a computer network. Security Fix: * wireshark: Out-of-bounds read in packet-ldss.c * wireshark: Multiple dissectors could crash * wireshark: DICOM dissector infinite loop * wireshark: Ba ... oval:org.secpod.oval:def:89049734 This update for wireshark fixes the following issues: Wireshark was updated to 2.4.10 . Following security issues were fixed: - CVE-2018-18227: MS-WSP dissector crash - CVE-2018-12086: OpcUA dissector crash Further bug fixes and updated protocol support that were done are listed in: https://www.wi ... oval:org.secpod.oval:def:1700343 In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Radiotap dissector could crash. This was addressed in epan/dissectors/packet-ieee80211-radiotap-iter.c by validating iterator operations. In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the MMSE dissector could go into an infinit ... oval:org.secpod.oval:def:48003 The host is installed with Wireshark 2.6.0 to 2.6.3 or 2.4.0 to 2.4.9 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle the MS-WSP dissector issue. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:60889 The host is missing a security update according to Wireshark Advisory. The update is required to fix a denial-of-service vulnerability. A flaw is present in the application, which fails to properly handle issues in epan/dissectors/packet-wassp.c file. Successful exploitation allows attackers to cras ... oval:org.secpod.oval:def:60897 The host is installed with Wireshark 3.2.x before 3.2.1 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle issues in epan/dissectors/packet-wassp.c file. Successful exploitation allows attackers to crash the WASSP dissector. oval:org.secpod.oval:def:60893 The host is missing a security update according to Wireshark Advisory. The update is required to fix a denial-of-service vulnerability. A flaw is present in the application, which fails to properly handle issues in epan/dissectors/packet-wassp.c file. Successful exploitation allows attackers to cras ... oval:org.secpod.oval:def:60891 The host is installed with Wireshark 3.2.x before 3.2.1 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle issues in epan/dissectors/packet-wassp.c file. Successful exploitation allows attackers to crash the WASSP dissector. oval:org.secpod.oval:def:2005301 In Wireshark 3.0.0 to 3.0.6 and 2.6.0 to 2.6.12, the CMS dissector could crash. This was addressed in epan/dissectors/asn1/cms/packet-cms-template.c by ensuring that an object identifier is set to NULL after a ContentInfo dissection. oval:org.secpod.oval:def:89002307 This update for wireshark fixes the following issues: Update to Wireshark 2.4.11 . Security issues fixed: - CVE-2018-19625: The Wireshark dissection engine could crash - CVE-2018-19626: The DCOM dissector could crash - CVE-2018-19623: The LBMPDM dissector could crash - CVE-2018-19622: The MMSE di ... oval:org.secpod.oval:def:89002132 This update for wireshark fixes the following issues: Wireshark was updated to 2.4.10 . Following security issues were fixed: - CVE-2018-18227: MS-WSP dissector crash - CVE-2018-12086: OpcUA dissector crash Further bug fixes and updated protocol support that were done are listed in: https://www.wi ... oval:org.secpod.oval:def:53482 Multiple vulnerabilities have been discovered in Wireshark, a network protocol analyzer, which could result in denial of service or the execution of arbitrary code. oval:org.secpod.oval:def:89000191 This update for wireshark and libmaxminddb fixes the following issues: Update wireshark to new major version 3.2.2 and introduce libmaxminddb for GeoIP support . New features include: - Added support for 111 new protocols, including WireGuard, LoRaWAN, TPM 2.0, 802.11ax and QUIC - Improved support f ... oval:org.secpod.oval:def:89051286 This update for wireshark fixes the following issues: Update to 3.6.19: * CVE-2023-6175: NetScreen file parser crash . oval:org.secpod.oval:def:1701964 A heap based buffer overflow in Wireshark's NetScreen file parser may lead to a local arbitrary code execution via a crafted capture file oval:org.secpod.oval:def:19500519 SSH dissector crash in Wireshark 4.0.0 to 4.0.10 allows denial of service via packet injection or crafted capture file A heap based buffer overflow in Wireshark's NetScreen file parser may lead to a local arbitrary code execution via a crafted capture file oval:org.secpod.oval:def:19500496 RTPS dissector memory leak in Wireshark 4.0.0 to 4.0.8 and 3.6.0 to 3.6.16 allows denial of service via packet injection or crafted capture file oval:org.secpod.oval:def:89050961 This update for wireshark fixes the following issues: Updated to version 3.6.17: * CVE-2023-5371: Fixed a memory leak issue in the RTPS dissector . oval:org.secpod.oval:def:1702104 IEEE 1609.2 dissector crash in Wireshark 4.2.0, 4.0.0 to 4.0.11, and 3.6.0 to 3.6.19 allows denial of service via packet injection or crafted capture file oval:org.secpod.oval:def:1702049 GVCP dissector crash in Wireshark 4.2.0, 4.0.0 to 4.0.11, and 3.6.0 to 3.6.19 allows denial of service via packet injection or crafted capture file oval:org.secpod.oval:def:89051340 This update for wireshark fixes the following issues: * Updated to Wireshark 3.6.20: * CVE-2024-0208: Fixed a crash in the GVCP dissector . * CVE-2024-0209: Fixed a crash in the IEEE 1609.2 dissector . oval:org.secpod.oval:def:89051338 This update for wireshark fixes the following issues: * Updated to Wireshark 3.6.20: * CVE-2024-0208: Fixed a crash in the GVCP dissector . * CVE-2024-0209: Fixed a crash in the IEEE 1609.2 dissector . oval:org.secpod.oval:def:3302199 Security update for wireshark oval:org.secpod.oval:def:19500587 GVCP dissector crash in Wireshark 4.2.0, 4.0.0 to 4.0.11, and 3.6.0 to 3.6.19 allows denial of service via packet injection or crafted capture file IEEE 1609.2 dissector crash in Wireshark 4.2.0, 4.0.0 to 4.0.11, and 3.6.0 to 3.6.19 allows denial of service via packet injection or crafted capture fi ... oval:org.secpod.oval:def:127146 Wireshark allows you to examine protocol data stored in files or as it is captured from wired or wireless networks, USB devices, and many other sources. It supports dozens of protocol capture file formats and understands more than a thousand protocols. It has many powerful features including a rich ... oval:org.secpod.oval:def:127121 Wireshark allows you to examine protocol data stored in files or as it is captured from wired or wireless networks, USB devices, and many other sources. It supports dozens of protocol capture file formats and understands more than a thousand protocols. It has many powerful features including a rich ... oval:org.secpod.oval:def:126116 Wireshark allows you to examine protocol data stored in files or as it is captured from wired or wireless networks, USB devices, and many other sources. It supports dozens of protocol capture file formats and understands more than a thousand protocols. It has many powerful features including a rich ... oval:org.secpod.oval:def:126122 Wireshark allows you to examine protocol data stored in files or as it is captured from wired or wireless networks, USB devices, and many other sources. It supports dozens of protocol capture file formats and understands more than a thousand protocols. It has many powerful features including a rich ... oval:org.secpod.oval:def:19500406 Due to a failure in validating the length provided by an attacker-crafted CP2179 packet, Wireshark versions 2.0.0 through 4.0.7 is susceptible to a divide by zero allowing for a denial of service attack. BT SDP dissector infinite loop in Wireshark 4.0.0 to 4.0.7 and 3.6.0 to 3.6.15 allows denial of ... oval:org.secpod.oval:def:1701822 BT SDP dissector infinite loop in Wireshark 4.0.0 to 4.0.7 and 3.6.0 to 3.6.15 allows denial of service via packet injection or crafted capture file BT SDP dissector memory leak in Wireshark 4.0.0 to 4.0.7 and 3.6.0 to 3.6.15 allows denial of service via packet injection or crafted capture file oval:org.secpod.oval:def:19500659 An issue in Wireshark team Wireshark before v.4.2.0 allows a remote attacker to cause a denial of service via the packet-bgp.c, dissect_bgp_open, optlen components oval:org.secpod.oval:def:89051782 This update for wireshark fixes the following issues: Security fixes: * CVE-2024-24476: Fixed a denial of service in ws_manuf_lookup_str Other fixes: * Wireshark 3.6.22: * Further features, bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-3.6.22 ... oval:org.secpod.oval:def:89051779 This update for wireshark fixes the following issues: * CVE-2024-24476: Fixed a denial of service in ws_manuf_lookup_str |