VYPR

rpm package

opensuse/wireshark&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/wireshark&distro=openSUSE%20Tumbleweed

Vulnerabilities (540)

  • CVE-2011-2698Aug 23, 2011
    affected < 2.2.2-1.1fixed 2.2.2-1.1

    Off-by-one error in the elem_cell_id_aux function in epan/dissectors/packet-ansi_a.c in the ANSI MAP dissector in Wireshark 1.4.x before 1.4.8 and 1.6.x before 1.6.1 allows remote attackers to cause a denial of service (infinite loop) via an invalid packet.

  • CVE-2011-2597Jul 7, 2011
    affected < 2.2.2-1.1fixed 2.2.2-1.1

    The Lucent/Ascend file parser in Wireshark 1.2.x before 1.2.18, 1.4.x through 1.4.7, and 1.6.0 allows remote attackers to cause a denial of service (infinite loop) via malformed packets.

  • CVE-2011-2175Jun 6, 2011
    affected < 2.2.2-1.1fixed 2.2.2-1.1

    Integer underflow in the visual_read function in wiretap/visual.c in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 allows remote attackers to cause a denial of service (application crash) via a malformed Visual Networks file that triggers a heap-based buffer over-read.

  • CVE-2011-2174Jun 6, 2011
    affected < 2.2.2-1.1fixed 2.2.2-1.1

    Double free vulnerability in the tvb_uncompress function in epan/tvbuff.c in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 allows remote attackers to cause a denial of service (application crash) via a packet with malformed data that uses zlib compression.

  • CVE-2011-1959Jun 6, 2011
    affected < 2.2.2-1.1fixed 2.2.2-1.1

    The snoop_read function in wiretap/snoop.c in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 does not properly handle certain virtualizable buffers, which allows remote attackers to cause a denial of service (application crash) via a large length value in a snoop file that

  • CVE-2011-1958Jun 6, 2011
    affected < 2.2.2-1.1fixed 2.2.2-1.1

    Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 allows user-assisted remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted Diameter dictionary file.

  • CVE-2011-1957Jun 6, 2011
    affected < 2.2.2-1.1fixed 2.2.2-1.1

    The dissect_dcm_main function in epan/dissectors/packet-dcm.c in the DICOM dissector in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 allows remote attackers to cause a denial of service (infinite loop) via an invalid PDU length.

  • CVE-2011-1592Apr 29, 2011
    affected < 2.2.2-1.1fixed 2.2.2-1.1

    The NFS dissector in epan/dissectors/packet-nfs.c in Wireshark 1.4.x before 1.4.5 on Windows uses an incorrect integer data type during decoding of SETCLIENTID calls, which allows remote attackers to cause a denial of service (application crash) via a crafted .pcap file.

  • CVE-2011-1591Apr 29, 2011
    affected < 2.2.2-1.1fixed 2.2.2-1.1

    Stack-based buffer overflow in the DECT dissector in epan/dissectors/packet-dect.c in Wireshark 1.4.x before 1.4.5 allows remote attackers to execute arbitrary code via a crafted .pcap file.

  • CVE-2011-1590Apr 29, 2011
    affected < 2.2.2-1.1fixed 2.2.2-1.1

    The X.509if dissector in Wireshark 1.2.x before 1.2.16 and 1.4.x before 1.4.5 does not properly initialize certain global variables, which allows remote attackers to cause a denial of service (application crash) via a crafted .pcap file.

  • CVE-2011-0024Mar 28, 2011
    affected < 2.2.2-1.1fixed 2.2.2-1.1

    Heap-based buffer overflow in wiretap/pcapng.c in Wireshark before 1.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted capture file.

  • CVE-2011-1143Mar 3, 2011
    affected < 2.2.2-1.1fixed 2.2.2-1.1

    epan/dissectors/packet-ntlmssp.c in the NTLMSSP dissector in Wireshark before 1.4.4 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted .pcap file.

  • CVE-2011-1140Mar 3, 2011
    affected < 2.2.2-1.1fixed 2.2.2-1.1

    Multiple stack consumption vulnerabilities in the dissect_ms_compressed_string and dissect_mscldap_string functions in Wireshark 1.0.x, 1.2.0 through 1.2.14, and 1.4.0 through 1.4.3 allow remote attackers to cause a denial of service (infinite recursion) via a crafted (1) SMB or

  • CVE-2011-1139Mar 3, 2011
    affected < 2.2.2-1.1fixed 2.2.2-1.1

    wiretap/pcapng.c in Wireshark 1.2.0 through 1.2.14 and 1.4.0 through 1.4.3 allows remote attackers to cause a denial of service (application crash) via a pcap-ng file that contains a large packet-length field.

  • CVE-2011-1138Mar 3, 2011
    affected < 2.2.2-1.1fixed 2.2.2-1.1

    Off-by-one error in the dissect_6lowpan_iphc function in packet-6lowpan.c in Wireshark 1.4.0 through 1.4.3 on 32-bit platforms allows remote attackers to cause a denial of service (application crash) via a malformed 6LoWPAN IPv6 packet.

  • CVE-2011-0713Mar 3, 2011
    affected < 2.2.2-1.1fixed 2.2.2-1.1

    Heap-based buffer overflow in wiretap/dct3trace.c in Wireshark 1.2.0 through 1.2.14 and 1.4.0 through 1.4.3 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a long record in a Nokia DCT3 trace file.

  • CVE-2011-0538Feb 8, 2011
    affected < 2.2.2-1.1fixed 2.2.2-1.1

    Wireshark 1.2.0 through 1.2.14, 1.4.0 through 1.4.3, and 1.5.0 frees an uninitialized pointer during processing of a .pcap file in the pcap-ng format, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a ma

  • CVE-2010-4538Jan 7, 2011
    affected < 2.2.2-1.1fixed 2.2.2-1.1

    Buffer overflow in the sect_enttec_dmx_da function in epan/dissectors/packet-enttec.c in Wireshark 1.4.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted ENTTEC DMX packet with Run Length Encoding (RLE) comp

  • CVE-2010-4301Nov 26, 2010
    affected < 2.2.2-1.1fixed 2.2.2-1.1

    epan/dissectors/packet-zbee-zcl.c in the ZigBee ZCL dissector in Wireshark 1.4.0 through 1.4.1 allows remote attackers to cause a denial of service (infinite loop) via a crafted ZCL packet, related to Discover Attributes.

  • CVE-2010-4300Nov 26, 2010
    affected < 2.2.2-1.1fixed 2.2.2-1.1

    Heap-based buffer overflow in the dissect_ldss_transfer function (epan/dissectors/packet-ldss.c) in the LDSS dissector in Wireshark 1.2.0 through 1.2.12 and 1.4.0 through 1.4.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an

Page 26 of 27