Wireshark
wireshark
736 CVEs • 1 product
Products (1)
Click to collapseToggle
Products (1)
Click to collapse
CVEs (736)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
3Debian OpensuseWireshark3Debian Linux LeapWiresharkNov 21, 2024 Sep 15, 2019 N/A· v4 7.5 HIGH· v3 7.8 HIGH· v2 In Wireshark 3.0.0 to 3.0.3 and 2.6.0 to 2.6.10, the Gryphon dissector could go into an infinite loop. This was addressed in plugins/epan/gryphon/packet-gryphon.c by checking for a message length of zero. |
5Canonical DebianFedoraproject+2 more5Debian Linux FedoraLeap+2 moreNov 21, 2024 Jul 17, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In Wireshark 3.0.0 to 3.0.2, 2.6.0 to 2.6.9, and 2.4.0 to 2.4.15, the ASN.1 BER dissector and related dissectors could crash. This was addressed in epan/asn1.c by properly restricting buffer increments. |
4Canonical DebianF5+1 more16Big Ip Access Policy Manager Big Ip Advanced Firewall ManagerBig Ip Analytics+13 moreNov 21, 2024 May 23, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In Wireshark 3.0.0 to 3.0.1, 2.6.0 to 2.6.8, and 2.4.0 to 2.4.14, the dissection engine could crash. This was addressed in epan/packet.c by restricting the number of layers and consequently limiting recursion. |
5Canonical DebianFedoraproject+2 more5Debian Linux FedoraLeap+2 moreNov 21, 2024 Apr 9, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the DCERPC SPOOLSS dissector could crash. This was addressed in epan/dissectors/packet-dcerpc-spoolss.c by adding a boundary check. |
2Fedoraproject Wireshark2Fedora WiresharkNov 21, 2024 Apr 9, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In Wireshark 3.0.0, the TSDNS dissector could crash. This was addressed in epan/dissectors/packet-tsdns.c by splitting strings safely. |
5Canonical DebianFedoraproject+2 more5Debian Linux FedoraLeap+2 moreNov 21, 2024 Apr 9, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the LDSS dissector could crash. This was addressed in epan/dissectors/packet-ldss.c by handling file digests properly. |
2Fedoraproject Wireshark2Fedora WiresharkNov 21, 2024 Apr 9, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In Wireshark 3.0.0, the Rbm dissector could go into an infinite loop. This was addressed in epan/dissectors/file-rbm.c by handling unknown object types safely. |
5Canonical DebianFedoraproject+2 more5Debian Linux FedoraLeap+2 moreNov 21, 2024 Apr 9, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the SRVLOC dissector could crash. This was addressed in epan/dissectors/packet-srvloc.c by preventing a heap-based buffer under-read. |
2Fedoraproject Wireshark2Fedora WiresharkNov 21, 2024 Apr 9, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In Wireshark 3.0.0, the GSUP dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-gsm_gsup.c by rejecting an invalid Information Element length. |
2Fedoraproject Wireshark2Fedora WiresharkNov 21, 2024 Apr 9, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In Wireshark 3.0.0, the IEEE 802.11 dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-ieee80211.c by detecting cases in which the bit offset does not advance. |
5Canonical DebianFedoraproject+2 more5Debian Linux FedoraLeap+2 moreNov 21, 2024 Apr 9, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the DOF dissector could crash. This was addressed in epan/dissectors/packet-dof.c by properly handling generated IID and OID bytes. |
5Canonical DebianFedoraproject+2 more5Debian Linux FedoraLeap+2 moreNov 21, 2024 Apr 9, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the NetScaler file parser could crash. This was addressed in wiretap/netscaler.c by improving data validation. |
5Canonical DebianFedoraproject+2 more5Debian Linux FedoraLeap+2 moreNov 21, 2024 Apr 9, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the GSS-API dissector could crash. This was addressed in epan/dissectors/packet-gssapi.c by ensuring that a valid dissector is called. |
2Debian Wireshark2Debian Linux WiresharkNov 21, 2024 Feb 28, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the RPCAP dissector could crash. This was addressed in epan/dissectors/packet-rpcap.c by avoiding an attempted dereference of a NULL conversation. |
4Canonical DebianOpensuse+1 more4Debian Linux LeapUbuntu Linux+1 moreNov 21, 2024 Feb 28, 2019 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the ASN.1 BER and related dissectors could crash. This was addressed in epan/dissectors/packet-ber.c by preventing a buffer overflow associated with excessive digits in ti...Show more |
2Debian Wireshark2Debian Linux WiresharkNov 21, 2024 Feb 28, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the TCAP dissector could crash. This was addressed in epan/dissectors/asn1/tcap/tcap.cnf by avoiding NULL pointer dereferences. |
In Wireshark 2.4.0 to 2.4.11, the ENIP dissector could crash. This was addressed in epan/dissectors/packet-enip.c by changing the memory-management approach so that a use-after-free is avoided. |
2Debian Wireshark2Debian Linux WiresharkNov 21, 2024 Jan 8, 2019 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the ISAKMP dissector could crash. This was addressed in epan/dissectors/packet-isakmp.c by properly handling the case of a missing decryption data block. |
2Debian Wireshark2Debian Linux WiresharkNov 21, 2024 Jan 8, 2019 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the RTSE dissector and other ASN.1 dissectors could crash. This was addressed in epan/charsets.c by adding a get_t61_string length check. |
2Debian Wireshark2Debian Linux WiresharkNov 21, 2024 Jan 8, 2019 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the P_MUL dissector could crash. This was addressed in epan/dissectors/packet-p_mul.c by rejecting the invalid sequence number of zero. |