Wireshark

Wireshark

685 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2017-9351

  • EPSS 0.77%
  • Veröffentlicht 02.06.2017 05:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the DHCP dissector could read past the end of a buffer. This was addressed in epan/dissectors/packet-bootp.c by extracting the Vendor Class Identifier more carefully.

7.8

CVE-2017-9352

  • EPSS 0.49%
  • Veröffentlicht 02.06.2017 05:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the Bazaar dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-bzr.c by ensuring that backwards parsing cannot occur.

7.5

CVE-2017-9353

Exploit
  • EPSS 8%
  • Veröffentlicht 02.06.2017 05:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

In Wireshark 2.2.0 to 2.2.6, the IPv6 dissector could crash. This was addressed in epan/dissectors/packet-ipv6.c by validating an IPv6 address.

7.5

CVE-2017-9354

  • EPSS 0.78%
  • Veröffentlicht 02.06.2017 05:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the RGMP dissector could crash. This was addressed in epan/dissectors/packet-rgmp.c by validating an IPv4 address.

7.1

CVE-2017-7700

  • EPSS 0.51%
  • Veröffentlicht 12.04.2017 23:59:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the NetScaler file parser could go into an infinite loop, triggered by a malformed capture file. This was addressed in wiretap/netscaler.c by ensuring a nonzero record size.

7.8

CVE-2017-7701

  • EPSS 0.53%
  • Veröffentlicht 12.04.2017 23:59:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the BGP dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-bgp.c by using a different integer data type.

7.8

CVE-2017-7702

  • EPSS 0.53%
  • Veröffentlicht 12.04.2017 23:59:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the WBXML dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-wbxml.c by adding length validation.

7.5

CVE-2017-7703

  • EPSS 0.92%
  • Veröffentlicht 12.04.2017 23:59:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the IMAP dissector could crash, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-imap.c by calculating a line's end correctly.

7.8

CVE-2017-7704

  • EPSS 0.53%
  • Veröffentlicht 12.04.2017 23:59:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

In Wireshark 2.2.0 to 2.2.5, the DOF dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-dof.c by using a different integer data type and adjusting a return...

7.8

CVE-2017-7705

  • EPSS 0.53%
  • Veröffentlicht 12.04.2017 23:59:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the RPC over RDMA dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-rpcrdma.c by correctly checking for g...