AVG-287

Package wireshark-cli
Status Fixed
Severity Low
Type denial of service
Affected 2.2.6-1
Fixed 2.2.7-1
Current 2.6.1-1 [community]
Ticket None
Created Fri Jun 2 09:13:57 2017
Issue Severity Remote Type Description
CVE-2017-9354 Low Yes Denial of service
An issue has been found in the RGMP dissector of Wireshark < 2.2.7, where a NULL pointer dereference can be triggered by injecting a malicious packet into...
CVE-2017-9353 Low Yes Denial of service
An issue has been found in the IPv6 dissector of Wireshark < 2.2.7, where a NULL pointer dereference can be triggered by injecting a malicious packet into...
CVE-2017-9352 Low Yes Denial of service
An issue has been found in the bazaar dissector of Wireshark < 2.2.7, where an infinite loop can be triggered by injecting a malicious packet into the wire...
CVE-2017-9351 Low Yes Denial of service
An issue has been found in the DHCP dissector of Wireshark < 2.2.7, where a heap-based out-of-bounds read can be triggered by injecting a malicious packet...
CVE-2017-9350 Low Yes Denial of service
An issue has been found in the openSAFETY dissector of Wireshark < 2.2.7, where an over-sized memory allocation can be triggered by injecting a malicious...
CVE-2017-9349 Low Yes Denial of service
An issue has been found in the DICOM dissector of Wireshark < 2.2.7, where an infinite loop can be triggered by injecting a malicious packet into the wire...
CVE-2017-9348 Low Yes Denial of service
An issue has been found in the DOF dissector of Wireshark < 2.2.7, where a heap-based out-of-bounds read can be triggered by injecting a malicious packet...
CVE-2017-9347 Low Yes Denial of service
An issue has been found in the ROS dissector of Wireshark < 2.2.7, where an NULL pointer dereference can be triggered by injecting a malicious packet into...
CVE-2017-9346 Low Yes Denial of service
An issue has been found in the SoulSeek dissector of Wireshark < 2.2.7, where an infinite loop can be triggered by injecting a malicious packet into the...
CVE-2017-9345 Low Yes Denial of service
An issue has been found in the DNS dissector of Wireshark < 2.2.7, where an infinite loop can be triggered by injecting a malicious packet into the wire or...
CVE-2017-9344 Low Yes Denial of service
An issue has been found in the BT L2CAP dissector of Wireshark < 2.2.7, where a division by zero can be triggered by injecting a malicious packet into the...
CVE-2017-9343 Low Yes Denial of service
An issue has been found in the MSNIP dissector of Wireshark < 2.2.7, where NULL pointer dereference can be triggered by injecting a malicious packet into...
Date Advisory Package Description
12 Jun 2017 ASA-201706-9 wireshark-cli denial of service
References
https://www.wireshark.org/docs/relnotes/wireshark-2.2.7.html