VYPR

rpm package

suse/wireshark&distro=SUSE Linux Enterprise Desktop 12 SP1

pkg:rpm/suse/wireshark&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP1

Vulnerabilities (70)

  • CVE-2015-8719MedJan 4, 2016
    affected < 1.12.9-22.1fixed 1.12.9-22.1

    The dissect_dns_answer function in epan/dissectors/packet-dns.c in the DNS dissector in Wireshark 1.12.x before 1.12.9 mishandles the EDNS0 Client Subnet option, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.

  • CVE-2015-8718MedJan 4, 2016
    affected < 1.12.9-22.1fixed 1.12.9-22.1

    Double free vulnerability in epan/dissectors/packet-nlm.c in the NLM dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1, when the "Match MSG/RES packets for async NLM" option is enabled, allows remote attackers to cause a denial of service (application crash) via

  • CVE-2015-8717MedJan 4, 2016
    affected < 1.12.9-22.1fixed 1.12.9-22.1

    The dissect_sdp function in epan/dissectors/packet-sdp.c in the SDP dissector in Wireshark 1.12.x before 1.12.9 does not prevent use of a negative media count, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.

  • CVE-2015-8716MedJan 4, 2016
    affected < 1.12.9-22.1fixed 1.12.9-22.1

    The init_t38_info_conv function in epan/dissectors/packet-t38.c in the T.38 dissector in Wireshark 1.12.x before 1.12.9 does not ensure that a conversation exists, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.

  • CVE-2015-8715MedJan 4, 2016
    affected < 1.12.9-22.1fixed 1.12.9-22.1

    epan/dissectors/packet-alljoyn.c in the AllJoyn dissector in Wireshark 1.12.x before 1.12.9 does not check for empty arguments, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.

  • CVE-2015-8714MedJan 4, 2016
    affected < 1.12.9-22.1fixed 1.12.9-22.1

    The dissect_dcom_OBJREF function in epan/dissectors/packet-dcom.c in the DCOM dissector in Wireshark 1.12.x before 1.12.9 does not initialize a certain IPv4 data structure, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.

  • CVE-2015-8713MedJan 4, 2016
    affected < 1.12.9-22.1fixed 1.12.9-22.1

    epan/dissectors/packet-umts_fp.c in the UMTS FP dissector in Wireshark 1.12.x before 1.12.9 does not properly reserve memory for channel ID mappings, which allows remote attackers to cause a denial of service (out-of-bounds memory access and application crash) via a crafted packe

  • CVE-2015-8712MedJan 4, 2016
    affected < 1.12.9-22.1fixed 1.12.9-22.1

    The dissect_hsdsch_channel_info function in epan/dissectors/packet-umts_fp.c in the UMTS FP dissector in Wireshark 1.12.x before 1.12.9 does not validate the number of PDUs, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.

  • CVE-2015-8711MedJan 4, 2016
    affected < 1.12.9-22.1fixed 1.12.9-22.1

    epan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate conversation data, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted packet.

  • CVE-2015-7830Nov 15, 2015
    affected < 1.12.9-22.1fixed 1.12.9-22.1

    The pcapng_read_if_descr_block function in wiretap/pcapng.c in the pcapng parser in Wireshark 1.12.x before 1.12.8 uses too many levels of pointer indirection, which allows remote attackers to cause a denial of service (incorrect free and application crash) via a crafted packet t

Page 4 of 4