VYPR

rpm package

suse/wireshark&distro=SUSE Linux Enterprise Server 12 SP1-LTSS

pkg:rpm/suse/wireshark&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1-LTSS

Vulnerabilities (24)

  • CVE-2018-11357HigMay 22, 2018
    affected < 2.4.9-48.29.1fixed 2.4.9-48.29.1

    In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the LTP dissector and other dissectors could consume excessive memory. This was addressed in epan/tvbuff.c by rejecting negative lengths.

  • CVE-2018-11356HigMay 22, 2018
    affected < 2.4.9-48.29.1fixed 2.4.9-48.29.1

    In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the DNS dissector could crash. This was addressed in epan/dissectors/packet-dns.c by avoiding a NULL pointer dereference for an empty name in an SRV record.

  • CVE-2018-11355HigMay 22, 2018
    affected < 2.4.9-48.29.1fixed 2.4.9-48.29.1

    In Wireshark 2.6.0, the RTCP dissector could crash. This was addressed in epan/dissectors/packet-rtcp.c by avoiding a buffer overflow for packet status chunks.

  • CVE-2018-11354HigMay 22, 2018
    affected < 2.4.9-48.29.1fixed 2.4.9-48.29.1

    In Wireshark 2.6.0, the IEEE 1905.1a dissector could crash. This was addressed in epan/dissectors/packet-ieee1905.c by making a certain correction to string handling.

Page 2 of 2