Wireshark
wireshark
736 CVEs • 1 product
Products (1)
Click to collapseToggle
Products (1)
Click to collapse
CVEs (736)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
2Debian Wireshark2Debian Linux WiresharkNov 21, 2024 Jul 19, 2018 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the ASN.1 BER dissector could crash. This was addressed in epan/dissectors/packet-ber.c by ensuring that length values do not exceed the maximum signed in...Show more |
2Debian Wireshark2Debian Linux WiresharkNov 21, 2024 Jul 19, 2018 N/A· v4 7.5 HIGH· v3 7.8 HIGH· v2 In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the BGP protocol dissector could go into a large loop. This was addressed in epan/dissectors/packet-bgp.c by validating Path Attribute lengths. |
2Debian Wireshark2Debian Linux WiresharkNov 21, 2024 Jul 19, 2018 N/A· v4 7.5 HIGH· v3 7.8 HIGH· v2 In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the DICOM dissector could go into a large or infinite loop. This was addressed in epan/dissectors/packet-dcm.c by preventing an offset overflow. |
2Debian Wireshark2Debian Linux WiresharkNov 21, 2024 Jul 19, 2018 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, dissectors that support zlib decompression could crash. This was addressed in epan/tvbuff_zlib.c by rejecting negative lengths to avoid a buffer over-read...Show more |
2Debian Wireshark2Debian Linux WiresharkNov 21, 2024 Jul 19, 2018 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the MMSE dissector could go into an infinite loop. This was addressed in epan/proto.c by adding offset and length validation. |
2Debian Wireshark2Debian Linux WiresharkNov 21, 2024 May 22, 2018 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the LDSS dissector could crash. This was addressed in epan/dissectors/packet-ldss.c by avoiding a buffer over-read upon encountering a missing '\0' character. |
In Wireshark 2.6.0, the IEEE 802.11 protocol dissector could crash. This was addressed in epan/crypt/dot11decrypt.c by avoiding a buffer overflow during FTE processing in Dot11DecryptTDLSDeriveKey. |
2Debian Wireshark2Debian Linux WiresharkNov 21, 2024 May 22, 2018 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the GSM A DTAP dissector could crash. This was addressed in epan/dissectors/packet-gsm_a_dtap.c by fixing an off-by-one error that caused a buffer overflow. |
2Debian Wireshark2Debian Linux WiresharkNov 21, 2024 May 22, 2018 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the RRC dissector and other dissectors could crash. This was addressed in epan/proto.c by avoiding a NULL pointer dereference. |
2Debian Wireshark2Debian Linux WiresharkNov 21, 2024 May 22, 2018 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the Q.931 dissector could crash. This was addressed in epan/dissectors/packet-q931.c by avoiding a use-after-free after a malformed packet prevented certain cleanu...Show more |
2Debian Wireshark2Debian Linux WiresharkNov 21, 2024 May 22, 2018 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the LTP dissector and other dissectors could consume excessive memory. This was addressed in epan/tvbuff.c by rejecting negative lengths. |
2Debian Wireshark2Debian Linux WiresharkNov 21, 2024 May 22, 2018 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the DNS dissector could crash. This was addressed in epan/dissectors/packet-dns.c by avoiding a NULL pointer dereference for an empty name in an SRV record. |
In Wireshark 2.6.0, the RTCP dissector could crash. This was addressed in epan/dissectors/packet-rtcp.c by avoiding a buffer overflow for packet status chunks. |
In Wireshark 2.6.0, the IEEE 1905.1a dissector could crash. This was addressed in epan/dissectors/packet-ieee1905.c by making a certain correction to string handling. |
In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, ui/failure_message.c has a memory leak. |
2Debian Wireshark2Debian Linux WiresharkNov 21, 2024 Apr 4, 2018 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-pcp.c has a memory leak. |
In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-h223.c has a memory leak. |
In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-multipart.c has a memory leak. |
2Debian Wireshark2Debian Linux WiresharkNov 21, 2024 Apr 4, 2018 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/oids.c has a memory leak. |
2Debian Wireshark2Debian Linux WiresharkNov 21, 2024 Apr 4, 2018 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-giop.c has a memory leak. |