VYPR

rpm package

opensuse/wireshark&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/wireshark&distro=openSUSE%20Tumbleweed

Vulnerabilities (540)

  • CVE-2013-1585Feb 3, 2013
    affected < 2.2.2-1.1fixed 2.2.2-1.1

    epan/tvbuff.c in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly validate certain length values for the MS-MMC dissector, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.

  • CVE-2013-1584Feb 3, 2013
    affected < 2.2.2-1.1fixed 2.2.2-1.1

    The dissect_version_5_and_6_primary_header function in epan/dissectors/packet-dtn.c in the DTN dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 accesses an inappropriate pointer, which allows remote attackers to cause a denial of service (application crash) via a

  • CVE-2013-1583Feb 3, 2013
    affected < 2.2.2-1.1fixed 2.2.2-1.1

    The dissect_version_4_primary_header function in epan/dissectors/packet-dtn.c in the DTN dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 accesses an inappropriate pointer, which allows remote attackers to cause a denial of service (application crash) via a malfo

  • CVE-2013-1582Feb 3, 2013
    affected < 2.2.2-1.1fixed 2.2.2-1.1

    The dissect_clnp function in epan/dissectors/packet-clnp.c in the CLNP dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly manage an offset variable, which allows remote attackers to cause a denial of service (infinite loop or application crash) vi

  • CVE-2013-1581Feb 3, 2013
    affected < 2.2.2-1.1fixed 2.2.2-1.1

    The dissect_pft_fec_detailed function in epan/dissectors/packet-dcp-etsi.c in the DCP-ETSI dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly handle fragment gaps, which allows remote attackers to cause a denial of service (loop) via a malformed p

  • CVE-2013-1580Feb 3, 2013
    affected < 2.2.2-1.1fixed 2.2.2-1.1

    The dissect_cmstatus_tlv function in plugins/docsis/packet-cmstatus.c in the DOCSIS CM-STATUS dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 uses an incorrect data type for a position variable, which allows remote attackers to cause a denial of service (infinit

  • CVE-2013-1579Feb 3, 2013
    affected < 2.2.2-1.1fixed 2.2.2-1.1

    The rtps_util_add_bitmap function in epan/dissectors/packet-rtps.c in the RTPS dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly implement certain nested loops for processing bitmap data, which allows remote attackers to cause a denial of service

  • CVE-2013-1578Feb 3, 2013
    affected < 2.2.2-1.1fixed 2.2.2-1.1

    The dissect_pw_eth_heuristic function in epan/dissectors/packet-pw-eth.c in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly handle apparent Ethernet address values at the beginning of MPLS data, which allows remote attackers to cause a denial of service (lo

  • CVE-2013-1577Feb 3, 2013
    affected < 2.2.2-1.1fixed 2.2.2-1.1

    The dissect_sip_p_charging_func_addresses function in epan/dissectors/packet-sip.c in the SIP dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly handle offset data associated with a quoted string, which allows remote attackers to cause a denial of

  • CVE-2013-1576Feb 3, 2013
    affected < 2.2.2-1.1fixed 2.2.2-1.1

    The dissect_sdp_media_attribute function in epan/dissectors/packet-sdp.c in the SDP dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly process crypto-suite parameters, which allows remote attackers to cause a denial of service (infinite loop) via

  • CVE-2013-1575Feb 3, 2013
    affected < 2.2.2-1.1fixed 2.2.2-1.1

    The dissect_r3_cmd_alarmconfigure function in epan/dissectors/packet-assa_r3.c in the R3 dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly handle a certain alarm length, which allows remote attackers to cause a denial of service (infinite loop) v

  • CVE-2013-1574Feb 3, 2013
    affected < 2.2.2-1.1fixed 2.2.2-1.1

    The dissect_bthci_eir_ad_data function in epan/dissectors/packet-bthci_cmd.c in the Bluetooth HCI dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 uses an incorrect data type for a counter variable, which allows remote attackers to cause a denial of service (infi

  • CVE-2013-1573Feb 3, 2013
    affected < 2.2.2-1.1fixed 2.2.2-1.1

    The csnStreamDissector function in epan/dissectors/packet-csn1.c in the CSN.1 dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly handle a large number of padding bits, which allows remote attackers to cause a denial of service (infinite loop) via

  • CVE-2013-1572Feb 3, 2013
    affected < 2.2.2-1.1fixed 2.2.2-1.1

    The dissect_oampdu_event_notification function in epan/dissectors/packet-slowprotocols.c in the IEEE 802.3 Slow Protocols dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly handle certain short lengths, which allows remote attackers to cause a den

  • CVE-2012-5240Oct 4, 2012
    affected < 2.2.2-1.1fixed 2.2.2-1.1

    Buffer overflow in the dissect_tlv function in epan/dissectors/packet-ldp.c in the LDP dissector in Wireshark 1.8.x before 1.8.3 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a malformed packet.

  • CVE-2012-5238Oct 4, 2012
    affected < 2.2.2-1.1fixed 2.2.2-1.1

    epan/dissectors/packet-ppp.c in the PPP dissector in Wireshark 1.8.x before 1.8.3 uses incorrect OUI data structures during the decoding of (1) PPP and (2) LCP data, which allows remote attackers to cause a denial of service (assertion failure and application exit) via a malforme

  • CVE-2012-5237Oct 4, 2012
    affected < 2.2.2-1.1fixed 2.2.2-1.1

    The dissect_hsrp function in epan/dissectors/packet-hsrp.c in the HSRP dissector in Wireshark 1.8.x before 1.8.3 allows remote attackers to cause a denial of service (infinite loop) via a malformed packet.

  • CVE-2012-3548Aug 30, 2012
    affected < 2.2.2-1.1fixed 2.2.2-1.1

    The dissect_drda function in epan/dissectors/packet-drda.c in Wireshark 1.6.x through 1.6.10 and 1.8.x through 1.8.2 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a small value for a certain length field in a capture file.

  • CVE-2012-4298Aug 16, 2012
    affected < 2.2.2-1.1fixed 2.2.2-1.1

    Integer signedness error in the vwr_read_rec_data_ethernet function in wiretap/vwr.c in the Ixia IxVeriWave file parser in Wireshark 1.8.x before 1.8.2 allows user-assisted remote attackers to execute arbitrary code via a crafted packet-trace file that triggers a buffer overflow.

  • CVE-2012-4297Aug 16, 2012
    affected < 2.2.2-1.1fixed 2.2.2-1.1

    Buffer overflow in the dissect_gsm_rlcmac_downlink function in epan/dissectors/packet-gsm_rlcmac.c in the GSM RLC MAC dissector in Wireshark 1.6.x before 1.6.10 and 1.8.x before 1.8.2 allows remote attackers to execute arbitrary code via a malformed packet.

Page 24 of 27