rpm package
opensuse/wireshark&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/wireshark&distro=openSUSE%20Tumbleweed
Vulnerabilities (540)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2014-2281 | — | < 2.2.2-1.1 | 2.2.2-1.1 | Mar 11, 2014 | The nfs_name_snoop_add_name function in epan/dissectors/packet-nfs.c in the NFS dissector in Wireshark 1.8.x before 1.8.13 and 1.10.x before 1.10.6 does not validate a certain length value, which allows remote attackers to cause a denial of service (memory corruption and applicat | ||
| CVE-2013-7114 | — | < 2.2.2-1.1 | 2.2.2-1.1 | Dec 19, 2013 | Multiple buffer overflows in the create_ntlmssp_v2_key function in epan/dissectors/packet-ntlmssp.c in the NTLMSSP v2 dissector in Wireshark 1.8.x before 1.8.12 and 1.10.x before 1.10.4 allow remote attackers to cause a denial of service (application crash) via a long domain name | ||
| CVE-2013-7113 | — | < 2.2.2-1.1 | 2.2.2-1.1 | Dec 19, 2013 | epan/dissectors/packet-bssgp.c in the BSSGP dissector in Wireshark 1.10.x before 1.10.4 incorrectly relies on a global variable, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. | ||
| CVE-2013-7112 | — | < 2.2.2-1.1 | 2.2.2-1.1 | Dec 19, 2013 | The dissect_sip_common function in epan/dissectors/packet-sip.c in the SIP dissector in Wireshark 1.8.x before 1.8.12 and 1.10.x before 1.10.4 does not check for empty lines, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet. | ||
| CVE-2013-6340 | — | < 2.2.2-1.1 | 2.2.2-1.1 | Nov 4, 2013 | epan/dissectors/packet-tcp.c in the TCP dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 does not properly determine the amount of remaining data, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. | ||
| CVE-2013-6339 | — | < 2.2.2-1.1 | 2.2.2-1.1 | Nov 4, 2013 | The dissect_openwire_type function in epan/dissectors/packet-openwire.c in the OpenWire dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 allows remote attackers to cause a denial of service (loop) via a crafted packet. | ||
| CVE-2013-6338 | — | < 2.2.2-1.1 | 2.2.2-1.1 | Nov 4, 2013 | The dissect_sip_common function in epan/dissectors/packet-sip.c in the SIP dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 does not properly initialize a data structure, which allows remote attackers to cause a denial of service (application crash) via a craft | ||
| CVE-2013-6337 | — | < 2.2.2-1.1 | 2.2.2-1.1 | Nov 4, 2013 | Unspecified vulnerability in the NBAP dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 allows remote attackers to cause a denial of service (application crash) via a crafted packet. | ||
| CVE-2013-6336 | — | < 2.2.2-1.1 | 2.2.2-1.1 | Nov 4, 2013 | The ieee802154_map_rec function in epan/dissectors/packet-ieee802154.c in the IEEE 802.15.4 dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 uses an incorrect pointer chain, which allows remote attackers to cause a denial of service (application crash) via a cr | ||
| CVE-2013-5722 | — | < 2.2.2-1.1 | 2.2.2-1.1 | Sep 16, 2013 | Unspecified vulnerability in the LDAP dissector in Wireshark 1.8.x before 1.8.10 and 1.10.x before 1.10.2 allows remote attackers to cause a denial of service (application crash) via a crafted packet. | ||
| CVE-2013-5721 | — | < 2.2.2-1.1 | 2.2.2-1.1 | Sep 16, 2013 | The dissect_mq_rr function in epan/dissectors/packet-mq.c in the MQ dissector in Wireshark 1.8.x before 1.8.10 and 1.10.x before 1.10.2 does not properly determine when to enter a certain loop, which allows remote attackers to cause a denial of service (application crash) via a c | ||
| CVE-2013-5720 | — | < 2.2.2-1.1 | 2.2.2-1.1 | Sep 16, 2013 | Buffer overflow in the RTPS dissector in Wireshark 1.8.x before 1.8.10 and 1.10.x before 1.10.2 allows remote attackers to cause a denial of service (application crash) via a crafted packet. | ||
| CVE-2013-5719 | — | < 2.2.2-1.1 | 2.2.2-1.1 | Sep 16, 2013 | epan/dissectors/packet-assa_r3.c in the ASSA R3 dissector in Wireshark 1.8.x before 1.8.10 and 1.10.x before 1.10.2 allows remote attackers to cause a denial of service (infinite loop) via a crafted packet. | ||
| CVE-2013-5718 | — | < 2.2.2-1.1 | 2.2.2-1.1 | Sep 16, 2013 | The dissect_nbap_T_dCH_ID function in epan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark 1.8.x before 1.8.10 and 1.10.x before 1.10.2 does not restrict the dch_id value, which allows remote attackers to cause a denial of service (application crash) via a crafted pac | ||
| CVE-2013-5717 | — | < 2.2.2-1.1 | 2.2.2-1.1 | Sep 16, 2013 | The Bluetooth HCI ACL dissector in Wireshark 1.10.x before 1.10.2 does not properly maintain a certain free list, which allows remote attackers to cause a denial of service (application crash) via a crafted packet that is not properly handled by the wmem_block_alloc function in e | ||
| CVE-2013-4936 | — | < 2.2.2-1.1 | 2.2.2-1.1 | Jul 30, 2013 | The IsDFP_Frame function in plugins/profinet/packet-pn-rt.c in the PROFINET Real-Time dissector in Wireshark 1.10.x before 1.10.1 does not validate MAC addresses, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a cra | ||
| CVE-2013-4935 | — | < 2.2.2-1.1 | 2.2.2-1.1 | Jul 30, 2013 | The dissect_per_length_determinant function in epan/dissectors/packet-per.c in the ASN.1 PER dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not initialize a length field in certain abnormal situations, which allows remote attackers to cause a denial of se | ||
| CVE-2013-4934 | — | < 2.2.2-1.1 | 2.2.2-1.1 | Jul 30, 2013 | The netmon_open function in wiretap/netmon.c in the Netmon file parser in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not initialize certain structure members, which allows remote attackers to cause a denial of service (application crash) via a crafted packet-trace | ||
| CVE-2013-4933 | — | < 2.2.2-1.1 | 2.2.2-1.1 | Jul 30, 2013 | The netmon_open function in wiretap/netmon.c in the Netmon file parser in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not properly allocate memory, which allows remote attackers to cause a denial of service (application crash) via a crafted packet-trace file. | ||
| CVE-2013-4932 | — | < 2.2.2-1.1 | 2.2.2-1.1 | Jul 30, 2013 | Multiple array index errors in epan/dissectors/packet-gsm_a_common.c in the GSM A Common dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 allow remote attackers to cause a denial of service (application crash) via a crafted packet. |
- CVE-2014-2281Mar 11, 2014affected < 2.2.2-1.1fixed 2.2.2-1.1
The nfs_name_snoop_add_name function in epan/dissectors/packet-nfs.c in the NFS dissector in Wireshark 1.8.x before 1.8.13 and 1.10.x before 1.10.6 does not validate a certain length value, which allows remote attackers to cause a denial of service (memory corruption and applicat
- CVE-2013-7114Dec 19, 2013affected < 2.2.2-1.1fixed 2.2.2-1.1
Multiple buffer overflows in the create_ntlmssp_v2_key function in epan/dissectors/packet-ntlmssp.c in the NTLMSSP v2 dissector in Wireshark 1.8.x before 1.8.12 and 1.10.x before 1.10.4 allow remote attackers to cause a denial of service (application crash) via a long domain name
- CVE-2013-7113Dec 19, 2013affected < 2.2.2-1.1fixed 2.2.2-1.1
epan/dissectors/packet-bssgp.c in the BSSGP dissector in Wireshark 1.10.x before 1.10.4 incorrectly relies on a global variable, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
- CVE-2013-7112Dec 19, 2013affected < 2.2.2-1.1fixed 2.2.2-1.1
The dissect_sip_common function in epan/dissectors/packet-sip.c in the SIP dissector in Wireshark 1.8.x before 1.8.12 and 1.10.x before 1.10.4 does not check for empty lines, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.
- CVE-2013-6340Nov 4, 2013affected < 2.2.2-1.1fixed 2.2.2-1.1
epan/dissectors/packet-tcp.c in the TCP dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 does not properly determine the amount of remaining data, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
- CVE-2013-6339Nov 4, 2013affected < 2.2.2-1.1fixed 2.2.2-1.1
The dissect_openwire_type function in epan/dissectors/packet-openwire.c in the OpenWire dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 allows remote attackers to cause a denial of service (loop) via a crafted packet.
- CVE-2013-6338Nov 4, 2013affected < 2.2.2-1.1fixed 2.2.2-1.1
The dissect_sip_common function in epan/dissectors/packet-sip.c in the SIP dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 does not properly initialize a data structure, which allows remote attackers to cause a denial of service (application crash) via a craft
- CVE-2013-6337Nov 4, 2013affected < 2.2.2-1.1fixed 2.2.2-1.1
Unspecified vulnerability in the NBAP dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 allows remote attackers to cause a denial of service (application crash) via a crafted packet.
- CVE-2013-6336Nov 4, 2013affected < 2.2.2-1.1fixed 2.2.2-1.1
The ieee802154_map_rec function in epan/dissectors/packet-ieee802154.c in the IEEE 802.15.4 dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 uses an incorrect pointer chain, which allows remote attackers to cause a denial of service (application crash) via a cr
- CVE-2013-5722Sep 16, 2013affected < 2.2.2-1.1fixed 2.2.2-1.1
Unspecified vulnerability in the LDAP dissector in Wireshark 1.8.x before 1.8.10 and 1.10.x before 1.10.2 allows remote attackers to cause a denial of service (application crash) via a crafted packet.
- CVE-2013-5721Sep 16, 2013affected < 2.2.2-1.1fixed 2.2.2-1.1
The dissect_mq_rr function in epan/dissectors/packet-mq.c in the MQ dissector in Wireshark 1.8.x before 1.8.10 and 1.10.x before 1.10.2 does not properly determine when to enter a certain loop, which allows remote attackers to cause a denial of service (application crash) via a c
- CVE-2013-5720Sep 16, 2013affected < 2.2.2-1.1fixed 2.2.2-1.1
Buffer overflow in the RTPS dissector in Wireshark 1.8.x before 1.8.10 and 1.10.x before 1.10.2 allows remote attackers to cause a denial of service (application crash) via a crafted packet.
- CVE-2013-5719Sep 16, 2013affected < 2.2.2-1.1fixed 2.2.2-1.1
epan/dissectors/packet-assa_r3.c in the ASSA R3 dissector in Wireshark 1.8.x before 1.8.10 and 1.10.x before 1.10.2 allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.
- CVE-2013-5718Sep 16, 2013affected < 2.2.2-1.1fixed 2.2.2-1.1
The dissect_nbap_T_dCH_ID function in epan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark 1.8.x before 1.8.10 and 1.10.x before 1.10.2 does not restrict the dch_id value, which allows remote attackers to cause a denial of service (application crash) via a crafted pac
- CVE-2013-5717Sep 16, 2013affected < 2.2.2-1.1fixed 2.2.2-1.1
The Bluetooth HCI ACL dissector in Wireshark 1.10.x before 1.10.2 does not properly maintain a certain free list, which allows remote attackers to cause a denial of service (application crash) via a crafted packet that is not properly handled by the wmem_block_alloc function in e
- CVE-2013-4936Jul 30, 2013affected < 2.2.2-1.1fixed 2.2.2-1.1
The IsDFP_Frame function in plugins/profinet/packet-pn-rt.c in the PROFINET Real-Time dissector in Wireshark 1.10.x before 1.10.1 does not validate MAC addresses, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a cra
- CVE-2013-4935Jul 30, 2013affected < 2.2.2-1.1fixed 2.2.2-1.1
The dissect_per_length_determinant function in epan/dissectors/packet-per.c in the ASN.1 PER dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not initialize a length field in certain abnormal situations, which allows remote attackers to cause a denial of se
- CVE-2013-4934Jul 30, 2013affected < 2.2.2-1.1fixed 2.2.2-1.1
The netmon_open function in wiretap/netmon.c in the Netmon file parser in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not initialize certain structure members, which allows remote attackers to cause a denial of service (application crash) via a crafted packet-trace
- CVE-2013-4933Jul 30, 2013affected < 2.2.2-1.1fixed 2.2.2-1.1
The netmon_open function in wiretap/netmon.c in the Netmon file parser in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not properly allocate memory, which allows remote attackers to cause a denial of service (application crash) via a crafted packet-trace file.
- CVE-2013-4932Jul 30, 2013affected < 2.2.2-1.1fixed 2.2.2-1.1
Multiple array index errors in epan/dissectors/packet-gsm_a_common.c in the GSM A Common dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 allow remote attackers to cause a denial of service (application crash) via a crafted packet.
Page 21 of 27