Wireshark

Wireshark

680 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2018-14340

Exploit
  • EPSS 0.86%
  • Published 19.07.2018 02:29:00
  • Last modified 21.11.2024 03:48:51

In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, dissectors that support zlib decompression could crash. This was addressed in epan/tvbuff_zlib.c by rejecting negative lengths to avoid a buffer over-read.

7.8

CVE-2018-14341

  • EPSS 0.68%
  • Published 19.07.2018 02:29:00
  • Last modified 21.11.2024 03:48:51

In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the DICOM dissector could go into a large or infinite loop. This was addressed in epan/dissectors/packet-dcm.c by preventing an offset overflow.

7.8

CVE-2018-14342

  • EPSS 0.68%
  • Published 19.07.2018 02:29:00
  • Last modified 21.11.2024 03:48:51

In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the BGP protocol dissector could go into a large loop. This was addressed in epan/dissectors/packet-bgp.c by validating Path Attribute lengths.

7.5

CVE-2018-14343

  • EPSS 0.85%
  • Published 19.07.2018 02:29:00
  • Last modified 21.11.2024 03:48:52

In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the ASN.1 BER dissector could crash. This was addressed in epan/dissectors/packet-ber.c by ensuring that length values do not exceed the maximum signed integer.

7.5

CVE-2018-14344

  • EPSS 0.74%
  • Published 19.07.2018 02:29:00
  • Last modified 21.11.2024 03:48:52

In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the ISMP dissector could crash. This was addressed in epan/dissectors/packet-ismp.c by validating the IPX address length to avoid a buffer over-read.

7.5

CVE-2018-14367

  • EPSS 0.65%
  • Published 19.07.2018 02:29:00
  • Last modified 21.11.2024 03:48:56

In Wireshark 2.6.0 to 2.6.1 and 2.4.0 to 2.4.7, the CoAP protocol dissector could crash. This was addressed in epan/dissectors/packet-coap.c by properly checking for a NULL condition.

7.8

CVE-2018-14368

Exploit
  • EPSS 0.69%
  • Published 19.07.2018 02:29:00
  • Last modified 21.11.2024 03:48:56

In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the Bazaar protocol dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-bzr.c by properly handling items that are too long.

7.5

CVE-2018-14369

  • EPSS 1.15%
  • Published 19.07.2018 02:29:00
  • Last modified 21.11.2024 03:48:56

In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the HTTP2 dissector could crash. This was addressed in epan/dissectors/packet-http2.c by verifying that header data was found before proceeding to header decompression.

7.5

CVE-2018-14370

Exploit
  • EPSS 0.65%
  • Published 19.07.2018 02:29:00
  • Last modified 21.11.2024 03:48:56

In Wireshark 2.6.0 to 2.6.1 and 2.4.0 to 2.4.7, the IEEE 802.11 protocol dissector could crash. This was addressed in epan/crypt/airpdcap.c via bounds checking that prevents a buffer over-read.

7.5

CVE-2018-11354

  • EPSS 0.56%
  • Published 22.05.2018 21:29:00
  • Last modified 21.11.2024 03:43:12

In Wireshark 2.6.0, the IEEE 1905.1a dissector could crash. This was addressed in epan/dissectors/packet-ieee1905.c by making a certain correction to string handling.