VYPR

rpm package

suse/wireshark&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP2

pkg:rpm/suse/wireshark&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2

Vulnerabilities (104)

  • CVE-2018-11357HigMay 22, 2018
    affected < 2.4.9-48.29.1fixed 2.4.9-48.29.1

    In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the LTP dissector and other dissectors could consume excessive memory. This was addressed in epan/tvbuff.c by rejecting negative lengths.

  • CVE-2018-11356HigMay 22, 2018
    affected < 2.4.9-48.29.1fixed 2.4.9-48.29.1

    In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the DNS dissector could crash. This was addressed in epan/dissectors/packet-dns.c by avoiding a NULL pointer dereference for an empty name in an SRV record.

  • CVE-2018-11355HigMay 22, 2018
    affected < 2.4.9-48.29.1fixed 2.4.9-48.29.1

    In Wireshark 2.6.0, the RTCP dissector could crash. This was addressed in epan/dissectors/packet-rtcp.c by avoiding a buffer overflow for packet status chunks.

  • CVE-2018-11354HigMay 22, 2018
    affected < 2.4.9-48.29.1fixed 2.4.9-48.29.1

    In Wireshark 2.6.0, the IEEE 1905.1a dissector could crash. This was addressed in epan/dissectors/packet-ieee1905.c by making a certain correction to string handling.

  • CVE-2018-7421HigFeb 23, 2018
    affected < 2.2.13-48.21.1fixed 2.2.13-48.21.1

    In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the DMP dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-dmp.c by correctly supporting a bounded number of Security Categories for a DMP Security Classification.

  • CVE-2018-7420HigFeb 23, 2018
    affected < 2.2.13-48.21.1fixed 2.2.13-48.21.1

    In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the pcapng file parser could crash. This was addressed in wiretap/pcapng.c by adding a block-size check for sysdig event blocks.

  • CVE-2018-7419HigFeb 23, 2018
    affected < 2.2.13-48.21.1fixed 2.2.13-48.21.1

    In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the NBAP dissector could crash. This was addressed in epan/dissectors/asn1/nbap/nbap.cnf by ensuring DCH ID initialization.

  • CVE-2018-7418HigFeb 23, 2018
    affected < 2.2.13-48.21.1fixed 2.2.13-48.21.1

    In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the SIGCOMP dissector could crash. This was addressed in epan/dissectors/packet-sigcomp.c by correcting the extraction of the length value.

  • CVE-2018-7417HigFeb 23, 2018
    affected < 2.2.13-48.21.1fixed 2.2.13-48.21.1

    In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the IPMI dissector could crash. This was addressed in epan/dissectors/packet-ipmi-picmg.c by adding support for crafted packets that lack an IPMI header.

  • CVE-2018-7337HigFeb 23, 2018
    affected < 2.2.13-48.21.1fixed 2.2.13-48.21.1

    In Wireshark 2.4.0 to 2.4.4, the DOCSIS protocol dissector could crash. This was addressed in plugins/docsis/packet-docsis.c by removing the recursive algorithm that had been used for concatenated PDUs.

  • CVE-2018-7336HigFeb 23, 2018
    affected < 2.2.13-48.21.1fixed 2.2.13-48.21.1

    In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, the FCP protocol dissector could crash. This was addressed in epan/dissectors/packet-fcp.c by checking for a NULL pointer.

  • CVE-2018-7335HigFeb 23, 2018
    affected < 2.2.13-48.21.1fixed 2.2.13-48.21.1

    In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, the IEEE 802.11 dissector could crash. This was addressed in epan/crypt/airpdcap.c by rejecting lengths that are too small.

  • CVE-2018-7334HigFeb 23, 2018
    affected < 2.2.13-48.21.1fixed 2.2.13-48.21.1

    In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, the UMTS MAC dissector could crash. This was addressed in epan/dissectors/packet-umts_mac.c by rejecting a certain reserved value.

  • CVE-2018-7333HigFeb 23, 2018
    affected < 2.2.13-48.21.1fixed 2.2.13-48.21.1

    In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-rpcrdma.c had an infinite loop that was addressed by validating a chunk size.

  • CVE-2018-7332HigFeb 23, 2018
    affected < 2.2.13-48.21.1fixed 2.2.13-48.21.1

    In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-reload.c had an infinite loop that was addressed by validating a length.

  • CVE-2018-7331HigFeb 23, 2018
    affected < 2.2.13-48.21.1fixed 2.2.13-48.21.1

    In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-ber.c had an infinite loop that was addressed by validating a length.

  • CVE-2018-7330HigFeb 23, 2018
    affected < 2.2.13-48.21.1fixed 2.2.13-48.21.1

    In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-thread.c had an infinite loop that was addressed by using a correct integer data type.

  • CVE-2018-7329HigFeb 23, 2018
    affected < 2.2.13-48.21.1fixed 2.2.13-48.21.1

    In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-s7comm.c had an infinite loop that was addressed by correcting off-by-one errors.

  • CVE-2018-7328HigFeb 23, 2018
    affected < 2.2.13-48.21.1fixed 2.2.13-48.21.1

    In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-usb.c had an infinite loop that was addressed by rejecting short frame header lengths.

  • CVE-2018-7327HigFeb 23, 2018
    affected < 2.2.13-48.21.1fixed 2.2.13-48.21.1

    In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-openflow_v6.c had an infinite loop that was addressed by validating property lengths.

Page 2 of 6