AVG-825

Package wireshark-cli
Status Fixed
Severity Critical
Type multiple issues
Affected 2.6.4-2
Fixed 2.6.5-1
Current 2.6.6-1 [community]
Ticket None
Created Sat Dec 8 18:30:12 2018
Issue Severity Remote Type Description
CVE-2018-19628 Low Yes Denial of service
A divide-by-zero error has been found in the ZigBee ZCL dissector of Wireshark versions prior to 2.6.5, which could be triggered by injecting a malformed...
CVE-2018-19627 Medium Yes Information disclosure
An out-of-bounds read has been found in the IxVeriWave file parser of Wireshark versions prior to 2.6.5, which could be triggered by injecting a malformed...
CVE-2018-19626 Medium Yes Information disclosure
An out-of-bounds read has been found in the DCOM dissector of Wireshark versions prior to 2.6.5, which could be triggered by injecting a malformed packet...
CVE-2018-19625 Medium Yes Information disclosure
An out-of-bounds read has been found in the dissection engine of Wireshark versions prior to 2.6.5, which could be triggered by injecting a malformed packet...
CVE-2018-19624 Low Yes Denial of service
A NULL-pointer dereference has been found in the PVFS dissector of Wireshark versions prior to 2.6.5, which could be triggered by injecting a malformed...
CVE-2018-19623 Critical Yes Arbitrary code execution
A heap-based out-of-bounds write has been found in the LBMPDM dissector of Wireshark versions prior to 2.6.5, which could be triggered by injecting a...
CVE-2018-19622 Low Yes Denial of service
A security issue has been found in the MMSE dissector of Wireshark versions prior to 2.6.5, which could be made to consume excessive CPU resources by...
Date Advisory Package Description
08 Dec 2018 ASA-201812-3 wireshark-cli multiple issues
References
https://www.wireshark.org/docs/relnotes/wireshark-2.6.5.html