VYPR

rpm package

suse/wireshark&distro=SUSE Linux Enterprise Server 11 SP4

pkg:rpm/suse/wireshark&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4

Vulnerabilities (175)

  • CVE-2018-11355HigMay 22, 2018
    affected < 2.2.16-40.28.1fixed 2.2.16-40.28.1

    In Wireshark 2.6.0, the RTCP dissector could crash. This was addressed in epan/dissectors/packet-rtcp.c by avoiding a buffer overflow for packet status chunks.

  • CVE-2018-11354HigMay 22, 2018
    affected < 2.2.16-40.28.1fixed 2.2.16-40.28.1

    In Wireshark 2.6.0, the IEEE 1905.1a dissector could crash. This was addressed in epan/dissectors/packet-ieee1905.c by making a certain correction to string handling.

  • CVE-2018-9274HigApr 4, 2018
    affected < 2.2.14-40.25.1fixed 2.2.14-40.25.1

    In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, ui/failure_message.c has a memory leak.

  • CVE-2018-9273HigApr 4, 2018
    affected < 2.2.14-40.25.1fixed 2.2.14-40.25.1

    In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-pcp.c has a memory leak.

  • CVE-2018-9272HigApr 4, 2018
    affected < 2.2.14-40.25.1fixed 2.2.14-40.25.1

    In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-h223.c has a memory leak.

  • CVE-2018-9271HigApr 4, 2018
    affected < 2.2.14-40.25.1fixed 2.2.14-40.25.1

    In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-multipart.c has a memory leak.

  • CVE-2018-9270HigApr 4, 2018
    affected < 2.2.14-40.25.1fixed 2.2.14-40.25.1

    In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/oids.c has a memory leak.

  • CVE-2018-9269HigApr 4, 2018
    affected < 2.2.14-40.25.1fixed 2.2.14-40.25.1

    In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-giop.c has a memory leak.

  • CVE-2018-9268HigApr 4, 2018
    affected < 2.2.14-40.25.1fixed 2.2.14-40.25.1

    In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-smb2.c has a memory leak.

  • CVE-2018-9267HigApr 4, 2018
    affected < 2.2.14-40.25.1fixed 2.2.14-40.25.1

    In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-lapd.c has a memory leak.

  • CVE-2018-9266HigApr 4, 2018
    affected < 2.2.14-40.25.1fixed 2.2.14-40.25.1

    In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-isup.c has a memory leak.

  • CVE-2018-9265HigApr 4, 2018
    affected < 2.2.14-40.25.1fixed 2.2.14-40.25.1

    In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-tn3270.c has a memory leak.

  • CVE-2018-9264HigApr 4, 2018
    affected < 2.2.14-40.25.1fixed 2.2.14-40.25.1

    In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the ADB dissector could crash with a heap-based buffer overflow. This was addressed in epan/dissectors/packet-adb.c by checking for a length inconsistency.

  • CVE-2018-9263HigApr 4, 2018
    affected < 2.2.14-40.25.1fixed 2.2.14-40.25.1

    In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the Kerberos dissector could crash. This was addressed in epan/dissectors/packet-kerberos.c by ensuring a nonzero key length.

  • CVE-2018-9262HigApr 4, 2018
    affected < 2.2.14-40.25.1fixed 2.2.14-40.25.1

    In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the VLAN dissector could crash. This was addressed in epan/dissectors/packet-vlan.c by limiting VLAN tag nesting to restrict the recursion depth.

  • CVE-2018-9261HigApr 4, 2018
    affected < 2.2.14-40.25.1fixed 2.2.14-40.25.1

    In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the NBAP dissector could crash with a large loop that ends with a heap-based buffer overflow. This was addressed in epan/dissectors/packet-nbap.c by prohibiting the self-linking of DCH-IDs.

  • CVE-2018-9260HigApr 4, 2018
    affected < 2.2.14-40.25.1fixed 2.2.14-40.25.1

    In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the IEEE 802.15.4 dissector could crash. This was addressed in epan/dissectors/packet-ieee802154.c by ensuring that an allocation step occurs.

  • CVE-2018-9259HigApr 4, 2018
    affected < 2.2.14-40.25.1fixed 2.2.14-40.25.1

    In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the MP4 dissector could crash. This was addressed in epan/dissectors/file-mp4.c by restricting the box recursion depth.

  • CVE-2018-9256HigApr 4, 2018
    affected < 2.2.14-40.25.1fixed 2.2.14-40.25.1

    In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the LWAPP dissector could crash. This was addressed in epan/dissectors/packet-lwapp.c by limiting the encapsulation levels to restrict the recursion depth.

  • CVE-2018-7421HigFeb 23, 2018
    affected < 2.2.13-40.22.1fixed 2.2.13-40.22.1

    In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the DMP dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-dmp.c by correctly supporting a bounded number of Security Categories for a DMP Security Classification.

Page 2 of 9