Wireshark
wireshark
736 CVEs • 1 product
Products (1)
Click to collapseToggle
Products (1)
Click to collapse
CVEs (736)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
2Debian Wireshark2Debian Linux WiresharkNov 21, 2024 Jan 8, 2019 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 In Wireshark 2.6.0 to 2.6.5, the 6LoWPAN dissector could crash. This was addressed in epan/dissectors/packet-6lowpan.c by avoiding use of a TVB before its creation. |
2Debian Wireshark2Debian Linux WiresharkNov 21, 2024 Nov 29, 2018 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In Wireshark 2.6.0 to 2.6.4, the ZigBee ZCL dissector could crash. This was addressed in epan/dissectors/packet-zbee-zcl-lighting.c by preventing a divide-by-zero error. |
2Debian Wireshark2Debian Linux WiresharkNov 21, 2024 Nov 29, 2018 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the IxVeriWave file parser could crash. This was addressed in wiretap/vwr.c by adjusting a buffer boundary. |
2Debian Wireshark2Debian Linux WiresharkNov 21, 2024 Nov 29, 2018 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the DCOM dissector could crash. This was addressed in epan/dissectors/packet-dcom.c by adding '\0' termination. |
2Debian Wireshark2Debian Linux WiresharkNov 21, 2024 Nov 29, 2018 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the dissection engine could crash. This was addressed in epan/tvbuff_composite.c by preventing a heap-based buffer over-read. |
2Debian Wireshark2Debian Linux WiresharkNov 21, 2024 Nov 29, 2018 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the PVFS dissector could crash. This was addressed in epan/dissectors/packet-pvfs2.c by preventing a NULL pointer dereference. |
2Debian Wireshark2Debian Linux WiresharkNov 21, 2024 Nov 29, 2018 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the LBMPDM dissector could crash. In addition, a remote attacker could write arbitrary data to any memory locations before the packet-scoped memory. This was addressed in...Show more |
2Debian Wireshark2Debian Linux WiresharkNov 21, 2024 Nov 29, 2018 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the MMSE dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-mmse.c by preventing length overflows. |
2Debian Wireshark2Debian Linux WiresharkNov 21, 2024 Oct 12, 2018 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In Wireshark 2.6.0 to 2.6.3 and 2.4.0 to 2.4.9, the MS-WSP protocol dissector could crash. This was addressed in epan/dissectors/packet-mswsp.c by properly handling NULL return values. |
2Debian Wireshark2Debian Linux WiresharkNov 21, 2024 Oct 12, 2018 N/A· v4 7.5 HIGH· v3 7.8 HIGH· v2 In Wireshark 2.6.0 to 2.6.3, the Steam IHS Discovery dissector could consume system memory. This was addressed in epan/dissectors/packet-steam-ihs-discovery.c by changing the memory-management approach. |
3Debian OpensuseWireshark3Debian Linux LeapWiresharkNov 21, 2024 Oct 12, 2018 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In Wireshark 2.6.0 to 2.6.3, the CoAP dissector could crash. This was addressed in epan/dissectors/packet-coap.c by ensuring that the piv length is correctly computed. |
2Debian Wireshark2Debian Linux WiresharkNov 21, 2024 Aug 30, 2018 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Bluetooth AVDTP dissector could crash. This was addressed in epan/dissectors/packet-btavdtp.c by properly initializing a data structure. |
2Debian Wireshark2Debian Linux WiresharkNov 21, 2024 Aug 30, 2018 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Radiotap dissector could crash. This was addressed in epan/dissectors/packet-ieee80211-radiotap-iter.c by validating iterator operations. |
2Debian Wireshark2Debian Linux WiresharkNov 21, 2024 Aug 30, 2018 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Bluetooth Attribute Protocol dissector could crash. This was addressed in epan/dissectors/packet-btatt.c by verifying that a dissector for a specific...Show more |
In Wireshark through 2.6.2, the create_app_running_mutex function in wsutil/file_util.c calls SetSecurityDescriptorDacl to set a NULL DACL, which allows attackers to modify the access control arbitrarily. |
In Wireshark 2.6.0 to 2.6.1 and 2.4.0 to 2.4.7, the IEEE 802.11 protocol dissector could crash. This was addressed in epan/crypt/airpdcap.c via bounds checking that prevents a buffer over-read. |
2Debian Wireshark2Debian Linux WiresharkNov 21, 2024 Jul 19, 2018 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the HTTP2 dissector could crash. This was addressed in epan/dissectors/packet-http2.c by verifying that header data was found before proceeding to header...Show more |
2Debian Wireshark2Debian Linux WiresharkNov 21, 2024 Jul 19, 2018 N/A· v4 7.5 HIGH· v3 7.8 HIGH· v2 In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the Bazaar protocol dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-bzr.c by properly handling items that are too l...Show more |
In Wireshark 2.6.0 to 2.6.1 and 2.4.0 to 2.4.7, the CoAP protocol dissector could crash. This was addressed in epan/dissectors/packet-coap.c by properly checking for a NULL condition. |
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the ISMP dissector could crash. This was addressed in epan/dissectors/packet-ismp.c by validating the IPX address length to avoid a buffer over-read. |