VYPR

rpm package

opensuse/wireshark&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/wireshark&distro=openSUSE%20Tumbleweed

Vulnerabilities (540)

  • CVE-2012-4296Aug 16, 2012
    affected < 2.2.2-1.1fixed 2.2.2-1.1

    Buffer overflow in epan/dissectors/packet-rtps2.c in the RTPS2 dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (CPU consumption) via a malformed packet.

  • CVE-2012-4295Aug 16, 2012
    affected < 2.2.2-1.1fixed 2.2.2-1.1

    Array index error in the channelised_fill_sdh_g707_format function in epan/dissectors/packet-erf.c in the ERF dissector in Wireshark 1.8.x before 1.8.2 might allow remote attackers to cause a denial of service (application crash) via a crafted speed (aka rate) value.

  • CVE-2012-4294Aug 16, 2012
    affected < 2.2.2-1.1fixed 2.2.2-1.1

    Buffer overflow in the channelised_fill_sdh_g707_format function in epan/dissectors/packet-erf.c in the ERF dissector in Wireshark 1.8.x before 1.8.2 allows remote attackers to execute arbitrary code via a large speed (aka rate) value.

  • CVE-2012-4293Aug 16, 2012
    affected < 2.2.2-1.1fixed 2.2.2-1.1

    plugins/ethercat/packet-ecatmb.c in the EtherCAT Mailbox dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 does not properly handle certain integer fields, which allows remote attackers to cause a denial of service (application exit) via a ma

  • CVE-2012-4292Aug 16, 2012
    affected < 2.2.2-1.1fixed 2.2.2-1.1

    The dissect_stun_message function in epan/dissectors/packet-stun.c in the STUN dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 does not properly interact with key-destruction behavior in a certain tree library, which allows remote attackers

  • CVE-2012-4291Aug 16, 2012
    affected < 2.2.2-1.1fixed 2.2.2-1.1

    The CIP dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (memory consumption) via a malformed packet.

  • CVE-2012-4290Aug 16, 2012
    affected < 2.2.2-1.1fixed 2.2.2-1.1

    The CTDB dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (loop and CPU consumption) via a malformed packet.

  • CVE-2012-4289Aug 16, 2012
    affected < 2.2.2-1.1fixed 2.2.2-1.1

    epan/dissectors/packet-afp.c in the AFP dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (loop and CPU consumption) via a large number of ACL entries.

  • CVE-2012-4288Aug 16, 2012
    affected < 2.2.2-1.1fixed 2.2.2-1.1

    Integer overflow in the dissect_xtp_ecntl function in epan/dissectors/packet-xtp.c in the XTP dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (loop or application crash) via a large value

  • CVE-2012-4287Aug 16, 2012
    affected < 2.2.2-1.1fixed 2.2.2-1.1

    epan/dissectors/packet-mongo.c in the MongoDB dissector in Wireshark 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (loop and CPU consumption) via a small value for a BSON document length.

  • CVE-2012-4286Aug 16, 2012
    affected < 2.2.2-1.1fixed 2.2.2-1.1

    The pcapng_read_packet_block function in wiretap/pcapng.c in the pcap-ng file parser in Wireshark 1.8.x before 1.8.2 allows user-assisted remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted pcap-ng file.

  • CVE-2012-4285Aug 16, 2012
    affected < 2.2.2-1.1fixed 2.2.2-1.1

    The dissect_pft function in epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a zero-lengt

  • CVE-2012-4049Jul 24, 2012
    affected < 2.2.2-1.1fixed 2.2.2-1.1

    epan/dissectors/packet-nfs.c in the NFS dissector in Wireshark 1.4.x before 1.4.14, 1.6.x before 1.6.9, and 1.8.x before 1.8.1 allows remote attackers to cause a denial of service (loop and CPU consumption) via a crafted packet.

  • CVE-2012-4048Jul 24, 2012
    affected < 2.2.2-1.1fixed 2.2.2-1.1

    The PPP dissector in Wireshark 1.4.x before 1.4.14, 1.6.x before 1.6.9, and 1.8.x before 1.8.1 allows remote attackers to cause a denial of service (invalid pointer dereference and application crash) via a crafted packet, as demonstrated by a usbmon dump.

  • CVE-2012-2394Jun 30, 2012
    affected < 2.2.2-1.1fixed 2.2.2-1.1

    Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 on the SPARC and Itanium platforms does not properly perform data alignment for a certain structure member, which allows remote attackers to cause a denial of service (application crash) via a (1) ICMP or (2) ICMPv6 Echo Reques

  • CVE-2012-2393Jun 30, 2012
    affected < 2.2.2-1.1fixed 2.2.2-1.1

    epan/dissectors/packet-diameter.c in the DIAMETER dissector in Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 does not properly construct certain array data structures, which allows remote attackers to cause a denial of service (application crash) via a crafted packet that

  • CVE-2012-2392Jun 30, 2012
    affected < 2.2.2-1.1fixed 2.2.2-1.1

    Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 allows remote attackers to cause a denial of service (infinite loop) via vectors related to the (1) ANSI MAP, (2) ASF, (3) IEEE 802.11, (4) IEEE 802.3, and (5) LTP dissectors.

  • CVE-2011-3483Sep 20, 2011
    affected < 2.2.2-1.1fixed 2.2.2-1.1

    Wireshark 1.6.x before 1.6.2 allows remote attackers to cause a denial of service (application crash) via a malformed capture file that leads to an invalid root tvbuff, related to a "buffer exception handling vulnerability."

  • CVE-2011-3360Sep 20, 2011
    affected < 2.2.2-1.1fixed 2.2.2-1.1

    Untrusted search path vulnerability in Wireshark 1.4.x before 1.4.9 and 1.6.x before 1.6.2 allows local users to gain privileges via a Trojan horse Lua script in an unspecified directory.

  • CVE-2011-3266Aug 24, 2011
    affected < 2.2.2-1.1fixed 2.2.2-1.1

    The proto_tree_add_item function in Wireshark 1.6.0 through 1.6.1 and 1.4.0 through 1.4.8, when the IKEv1 protocol dissector is used, allows user-assisted remote attackers to cause a denial of service (infinite loop) via vectors involving a malformed IKE packet and many items in