rpm package
opensuse/wireshark&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/wireshark&distro=openSUSE%20Tumbleweed
Vulnerabilities (540)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2013-1585 | — | < 2.2.2-1.1 | 2.2.2-1.1 | Feb 3, 2013 | epan/tvbuff.c in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly validate certain length values for the MS-MMC dissector, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. | ||
| CVE-2013-1584 | — | < 2.2.2-1.1 | 2.2.2-1.1 | Feb 3, 2013 | The dissect_version_5_and_6_primary_header function in epan/dissectors/packet-dtn.c in the DTN dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 accesses an inappropriate pointer, which allows remote attackers to cause a denial of service (application crash) via a | ||
| CVE-2013-1583 | — | < 2.2.2-1.1 | 2.2.2-1.1 | Feb 3, 2013 | The dissect_version_4_primary_header function in epan/dissectors/packet-dtn.c in the DTN dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 accesses an inappropriate pointer, which allows remote attackers to cause a denial of service (application crash) via a malfo | ||
| CVE-2013-1582 | — | < 2.2.2-1.1 | 2.2.2-1.1 | Feb 3, 2013 | The dissect_clnp function in epan/dissectors/packet-clnp.c in the CLNP dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly manage an offset variable, which allows remote attackers to cause a denial of service (infinite loop or application crash) vi | ||
| CVE-2013-1581 | — | < 2.2.2-1.1 | 2.2.2-1.1 | Feb 3, 2013 | The dissect_pft_fec_detailed function in epan/dissectors/packet-dcp-etsi.c in the DCP-ETSI dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly handle fragment gaps, which allows remote attackers to cause a denial of service (loop) via a malformed p | ||
| CVE-2013-1580 | — | < 2.2.2-1.1 | 2.2.2-1.1 | Feb 3, 2013 | The dissect_cmstatus_tlv function in plugins/docsis/packet-cmstatus.c in the DOCSIS CM-STATUS dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 uses an incorrect data type for a position variable, which allows remote attackers to cause a denial of service (infinit | ||
| CVE-2013-1579 | — | < 2.2.2-1.1 | 2.2.2-1.1 | Feb 3, 2013 | The rtps_util_add_bitmap function in epan/dissectors/packet-rtps.c in the RTPS dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly implement certain nested loops for processing bitmap data, which allows remote attackers to cause a denial of service | ||
| CVE-2013-1578 | — | < 2.2.2-1.1 | 2.2.2-1.1 | Feb 3, 2013 | The dissect_pw_eth_heuristic function in epan/dissectors/packet-pw-eth.c in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly handle apparent Ethernet address values at the beginning of MPLS data, which allows remote attackers to cause a denial of service (lo | ||
| CVE-2013-1577 | — | < 2.2.2-1.1 | 2.2.2-1.1 | Feb 3, 2013 | The dissect_sip_p_charging_func_addresses function in epan/dissectors/packet-sip.c in the SIP dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly handle offset data associated with a quoted string, which allows remote attackers to cause a denial of | ||
| CVE-2013-1576 | — | < 2.2.2-1.1 | 2.2.2-1.1 | Feb 3, 2013 | The dissect_sdp_media_attribute function in epan/dissectors/packet-sdp.c in the SDP dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly process crypto-suite parameters, which allows remote attackers to cause a denial of service (infinite loop) via | ||
| CVE-2013-1575 | — | < 2.2.2-1.1 | 2.2.2-1.1 | Feb 3, 2013 | The dissect_r3_cmd_alarmconfigure function in epan/dissectors/packet-assa_r3.c in the R3 dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly handle a certain alarm length, which allows remote attackers to cause a denial of service (infinite loop) v | ||
| CVE-2013-1574 | — | < 2.2.2-1.1 | 2.2.2-1.1 | Feb 3, 2013 | The dissect_bthci_eir_ad_data function in epan/dissectors/packet-bthci_cmd.c in the Bluetooth HCI dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 uses an incorrect data type for a counter variable, which allows remote attackers to cause a denial of service (infi | ||
| CVE-2013-1573 | — | < 2.2.2-1.1 | 2.2.2-1.1 | Feb 3, 2013 | The csnStreamDissector function in epan/dissectors/packet-csn1.c in the CSN.1 dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly handle a large number of padding bits, which allows remote attackers to cause a denial of service (infinite loop) via | ||
| CVE-2013-1572 | — | < 2.2.2-1.1 | 2.2.2-1.1 | Feb 3, 2013 | The dissect_oampdu_event_notification function in epan/dissectors/packet-slowprotocols.c in the IEEE 802.3 Slow Protocols dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly handle certain short lengths, which allows remote attackers to cause a den | ||
| CVE-2012-5240 | — | < 2.2.2-1.1 | 2.2.2-1.1 | Oct 4, 2012 | Buffer overflow in the dissect_tlv function in epan/dissectors/packet-ldp.c in the LDP dissector in Wireshark 1.8.x before 1.8.3 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a malformed packet. | ||
| CVE-2012-5238 | — | < 2.2.2-1.1 | 2.2.2-1.1 | Oct 4, 2012 | epan/dissectors/packet-ppp.c in the PPP dissector in Wireshark 1.8.x before 1.8.3 uses incorrect OUI data structures during the decoding of (1) PPP and (2) LCP data, which allows remote attackers to cause a denial of service (assertion failure and application exit) via a malforme | ||
| CVE-2012-5237 | — | < 2.2.2-1.1 | 2.2.2-1.1 | Oct 4, 2012 | The dissect_hsrp function in epan/dissectors/packet-hsrp.c in the HSRP dissector in Wireshark 1.8.x before 1.8.3 allows remote attackers to cause a denial of service (infinite loop) via a malformed packet. | ||
| CVE-2012-3548 | — | < 2.2.2-1.1 | 2.2.2-1.1 | Aug 30, 2012 | The dissect_drda function in epan/dissectors/packet-drda.c in Wireshark 1.6.x through 1.6.10 and 1.8.x through 1.8.2 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a small value for a certain length field in a capture file. | ||
| CVE-2012-4298 | — | < 2.2.2-1.1 | 2.2.2-1.1 | Aug 16, 2012 | Integer signedness error in the vwr_read_rec_data_ethernet function in wiretap/vwr.c in the Ixia IxVeriWave file parser in Wireshark 1.8.x before 1.8.2 allows user-assisted remote attackers to execute arbitrary code via a crafted packet-trace file that triggers a buffer overflow. | ||
| CVE-2012-4297 | — | < 2.2.2-1.1 | 2.2.2-1.1 | Aug 16, 2012 | Buffer overflow in the dissect_gsm_rlcmac_downlink function in epan/dissectors/packet-gsm_rlcmac.c in the GSM RLC MAC dissector in Wireshark 1.6.x before 1.6.10 and 1.8.x before 1.8.2 allows remote attackers to execute arbitrary code via a malformed packet. |
- CVE-2013-1585Feb 3, 2013affected < 2.2.2-1.1fixed 2.2.2-1.1
epan/tvbuff.c in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly validate certain length values for the MS-MMC dissector, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.
- CVE-2013-1584Feb 3, 2013affected < 2.2.2-1.1fixed 2.2.2-1.1
The dissect_version_5_and_6_primary_header function in epan/dissectors/packet-dtn.c in the DTN dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 accesses an inappropriate pointer, which allows remote attackers to cause a denial of service (application crash) via a
- CVE-2013-1583Feb 3, 2013affected < 2.2.2-1.1fixed 2.2.2-1.1
The dissect_version_4_primary_header function in epan/dissectors/packet-dtn.c in the DTN dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 accesses an inappropriate pointer, which allows remote attackers to cause a denial of service (application crash) via a malfo
- CVE-2013-1582Feb 3, 2013affected < 2.2.2-1.1fixed 2.2.2-1.1
The dissect_clnp function in epan/dissectors/packet-clnp.c in the CLNP dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly manage an offset variable, which allows remote attackers to cause a denial of service (infinite loop or application crash) vi
- CVE-2013-1581Feb 3, 2013affected < 2.2.2-1.1fixed 2.2.2-1.1
The dissect_pft_fec_detailed function in epan/dissectors/packet-dcp-etsi.c in the DCP-ETSI dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly handle fragment gaps, which allows remote attackers to cause a denial of service (loop) via a malformed p
- CVE-2013-1580Feb 3, 2013affected < 2.2.2-1.1fixed 2.2.2-1.1
The dissect_cmstatus_tlv function in plugins/docsis/packet-cmstatus.c in the DOCSIS CM-STATUS dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 uses an incorrect data type for a position variable, which allows remote attackers to cause a denial of service (infinit
- CVE-2013-1579Feb 3, 2013affected < 2.2.2-1.1fixed 2.2.2-1.1
The rtps_util_add_bitmap function in epan/dissectors/packet-rtps.c in the RTPS dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly implement certain nested loops for processing bitmap data, which allows remote attackers to cause a denial of service
- CVE-2013-1578Feb 3, 2013affected < 2.2.2-1.1fixed 2.2.2-1.1
The dissect_pw_eth_heuristic function in epan/dissectors/packet-pw-eth.c in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly handle apparent Ethernet address values at the beginning of MPLS data, which allows remote attackers to cause a denial of service (lo
- CVE-2013-1577Feb 3, 2013affected < 2.2.2-1.1fixed 2.2.2-1.1
The dissect_sip_p_charging_func_addresses function in epan/dissectors/packet-sip.c in the SIP dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly handle offset data associated with a quoted string, which allows remote attackers to cause a denial of
- CVE-2013-1576Feb 3, 2013affected < 2.2.2-1.1fixed 2.2.2-1.1
The dissect_sdp_media_attribute function in epan/dissectors/packet-sdp.c in the SDP dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly process crypto-suite parameters, which allows remote attackers to cause a denial of service (infinite loop) via
- CVE-2013-1575Feb 3, 2013affected < 2.2.2-1.1fixed 2.2.2-1.1
The dissect_r3_cmd_alarmconfigure function in epan/dissectors/packet-assa_r3.c in the R3 dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly handle a certain alarm length, which allows remote attackers to cause a denial of service (infinite loop) v
- CVE-2013-1574Feb 3, 2013affected < 2.2.2-1.1fixed 2.2.2-1.1
The dissect_bthci_eir_ad_data function in epan/dissectors/packet-bthci_cmd.c in the Bluetooth HCI dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 uses an incorrect data type for a counter variable, which allows remote attackers to cause a denial of service (infi
- CVE-2013-1573Feb 3, 2013affected < 2.2.2-1.1fixed 2.2.2-1.1
The csnStreamDissector function in epan/dissectors/packet-csn1.c in the CSN.1 dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly handle a large number of padding bits, which allows remote attackers to cause a denial of service (infinite loop) via
- CVE-2013-1572Feb 3, 2013affected < 2.2.2-1.1fixed 2.2.2-1.1
The dissect_oampdu_event_notification function in epan/dissectors/packet-slowprotocols.c in the IEEE 802.3 Slow Protocols dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly handle certain short lengths, which allows remote attackers to cause a den
- CVE-2012-5240Oct 4, 2012affected < 2.2.2-1.1fixed 2.2.2-1.1
Buffer overflow in the dissect_tlv function in epan/dissectors/packet-ldp.c in the LDP dissector in Wireshark 1.8.x before 1.8.3 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a malformed packet.
- CVE-2012-5238Oct 4, 2012affected < 2.2.2-1.1fixed 2.2.2-1.1
epan/dissectors/packet-ppp.c in the PPP dissector in Wireshark 1.8.x before 1.8.3 uses incorrect OUI data structures during the decoding of (1) PPP and (2) LCP data, which allows remote attackers to cause a denial of service (assertion failure and application exit) via a malforme
- CVE-2012-5237Oct 4, 2012affected < 2.2.2-1.1fixed 2.2.2-1.1
The dissect_hsrp function in epan/dissectors/packet-hsrp.c in the HSRP dissector in Wireshark 1.8.x before 1.8.3 allows remote attackers to cause a denial of service (infinite loop) via a malformed packet.
- CVE-2012-3548Aug 30, 2012affected < 2.2.2-1.1fixed 2.2.2-1.1
The dissect_drda function in epan/dissectors/packet-drda.c in Wireshark 1.6.x through 1.6.10 and 1.8.x through 1.8.2 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a small value for a certain length field in a capture file.
- CVE-2012-4298Aug 16, 2012affected < 2.2.2-1.1fixed 2.2.2-1.1
Integer signedness error in the vwr_read_rec_data_ethernet function in wiretap/vwr.c in the Ixia IxVeriWave file parser in Wireshark 1.8.x before 1.8.2 allows user-assisted remote attackers to execute arbitrary code via a crafted packet-trace file that triggers a buffer overflow.
- CVE-2012-4297Aug 16, 2012affected < 2.2.2-1.1fixed 2.2.2-1.1
Buffer overflow in the dissect_gsm_rlcmac_downlink function in epan/dissectors/packet-gsm_rlcmac.c in the GSM RLC MAC dissector in Wireshark 1.6.x before 1.6.10 and 1.8.x before 1.8.2 allows remote attackers to execute arbitrary code via a malformed packet.
Page 24 of 27