Wireshark

Wireshark

748 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 3.12%
  • Veröffentlicht 06.10.2020 15:15:15
  • Zuletzt bearbeitet 21.11.2024 05:20:06

In Wireshark through 3.2.7, the Facebook Zero Protocol (aka FBZERO) dissector could enter an infinite loop. This was addressed in epan/dissectors/packet-fbzero.c by correcting the implementation of offset advancement.

Exploit
  • EPSS 2.89%
  • Veröffentlicht 13.08.2020 16:15:13
  • Zuletzt bearbeitet 21.11.2024 05:08:13

In Wireshark 3.2.0 to 3.2.5, the Kafka protocol dissector could crash. This was addressed in epan/dissectors/packet-kafka.c by avoiding a double free during LZ4 decompression.

  • EPSS 3.1%
  • Veröffentlicht 05.07.2020 11:15:09
  • Zuletzt bearbeitet 21.11.2024 05:05:33

In Wireshark 3.2.0 to 3.2.4, the GVCP dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-gvcp.c by ensuring that an offset increases in all situations.

  • EPSS 3.22%
  • Veröffentlicht 19.05.2020 22:15:12
  • Zuletzt bearbeitet 21.11.2024 05:00:47

In Wireshark 3.2.0 to 3.2.3, 3.0.0 to 3.0.10, and 2.6.0 to 2.6.16, the NFS dissector could crash. This was addressed in epan/dissectors/packet-nfs.c by preventing excessive recursion, such as for a cycle in the directory graph on a filesystem.

  • EPSS 3.32%
  • Veröffentlicht 10.04.2020 21:15:11
  • Zuletzt bearbeitet 21.11.2024 04:58:19

In Wireshark 3.2.0 to 3.2.2, 3.0.0 to 3.0.9, and 2.6.0 to 2.6.15, the BACapp dissector could crash. This was addressed in epan/dissectors/packet-bacapp.c by limiting the amount of recursion.

Exploit
  • EPSS 2.71%
  • Veröffentlicht 27.02.2020 23:15:13
  • Zuletzt bearbeitet 21.11.2024 05:40:37

In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the LTE RRC dissector could leak memory. This was addressed in epan/dissectors/packet-lte-rrc.c by adjusting certain append operations.

Exploit
  • EPSS 3.11%
  • Veröffentlicht 27.02.2020 23:15:12
  • Zuletzt bearbeitet 21.11.2024 05:40:37

In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the EAP dissector could crash. This was addressed in epan/dissectors/packet-eap.c by using more careful sscanf parsing.

  • EPSS 1.54%
  • Veröffentlicht 27.02.2020 23:15:12
  • Zuletzt bearbeitet 21.11.2024 05:40:37

In Wireshark 3.2.0 to 3.2.1, the WireGuard dissector could crash. This was addressed in epan/dissectors/packet-wireguard.c by handling the situation where a certain data structure intentionally has a NULL value.

Exploit
  • EPSS 2.81%
  • Veröffentlicht 27.02.2020 23:15:12
  • Zuletzt bearbeitet 21.11.2024 05:40:37

In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the WiMax DLMAP dissector could crash. This was addressed in plugins/epan/wimax/msg_dlmap.c by validating a length field.

Exploit
  • EPSS 3.24%
  • Veröffentlicht 16.01.2020 04:15:11
  • Zuletzt bearbeitet 21.11.2024 05:36:32

In Wireshark 3.2.x before 3.2.1, the WASSP dissector could crash. This was addressed in epan/dissectors/packet-wassp.c by using >= and <= to resolve off-by-one errors.