wireshark-cli

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description a free network protocol analyzer for Unix/Linux and Windows - CLI version
Version 2.6.1-1 [community]

Resolved

Group Affected Fixed Severity Status Ticket
AVG-708 2.6.0-1 2.6.1-1 Critical Fixed
AVG-440 2.4.1-1 2.4.2-1 Medium Fixed
AVG-356 2.2.7-1 2.2.8-1 Low Fixed
AVG-287 2.2.6-1 2.2.7-1 Low Fixed
AVG-225 2.2.3-1 2.2.4-1 Medium Fixed
AVG-78 2.2.1-1 2.2.2-1 High Fixed
AVG-3 2.0.5-1 2.2.0-2 Medium Fixed
Issue Group Severity Remote Type Description
CVE-2018-11362 AVG-708 Medium Yes Information disclosure
An out-of-bounds read has been found in the LDSS dissector of Wireshark <= 2.6.0.
CVE-2018-11361 AVG-708 Low Yes Denial of service
A heap-based out-of-bounds read has been found in the IEEE 802.11 dissector of Wireshark <= 2.6.0.
CVE-2018-11360 AVG-708 Critical Yes Arbitrary code execution
A heap-based off-by-one write has been found in the GSM A DTAP dissector of Wireshark <= 2.6.0.
CVE-2018-11359 AVG-708 Low Yes Denial of service
A null-pointer dereference has been found in several dissectors of Wireshark <= 2.6.0.
CVE-2018-11358 AVG-708 Critical Yes Arbitrary code execution
A heap-based use-after-free has been found in the Q.931 dissector of Wireshark <= 2.6.0.
CVE-2018-11357 AVG-708 Low Yes Denial of service
An integer overflow leading to excessive memory allocation has been found in several dissectors of Wireshark <= 2.6.0.
CVE-2018-11356 AVG-708 Low Yes Denial of service
A null-pointer dereference has been found in the DNS dissector of Wireshark <= 2.6.0.
CVE-2018-11355 AVG-708 Critical Yes Arbitrary code execution
A heap-based buffer overflow has been found in the RTCP dissector of Wireshark <= 2.6.0.
CVE-2018-11354 AVG-708 Medium Yes Information disclosure
An out-of-bounds read has been found in the IEEE 1905.1a dissector of Wireshark <= 2.6.0.
CVE-2017-9354 AVG-287 Low Yes Denial of service
An issue has been found in the RGMP dissector of Wireshark < 2.2.7, where a NULL pointer dereference can be triggered by injecting a malicious packet into...
CVE-2017-9353 AVG-287 Low Yes Denial of service
An issue has been found in the IPv6 dissector of Wireshark < 2.2.7, where a NULL pointer dereference can be triggered by injecting a malicious packet into...
CVE-2017-9352 AVG-287 Low Yes Denial of service
An issue has been found in the bazaar dissector of Wireshark < 2.2.7, where an infinite loop can be triggered by injecting a malicious packet into the wire...
CVE-2017-9351 AVG-287 Low Yes Denial of service
An issue has been found in the DHCP dissector of Wireshark < 2.2.7, where a heap-based out-of-bounds read can be triggered by injecting a malicious packet...
CVE-2017-9350 AVG-287 Low Yes Denial of service
An issue has been found in the openSAFETY dissector of Wireshark < 2.2.7, where an over-sized memory allocation can be triggered by injecting a malicious...
CVE-2017-9349 AVG-287 Low Yes Denial of service
An issue has been found in the DICOM dissector of Wireshark < 2.2.7, where an infinite loop can be triggered by injecting a malicious packet into the wire...
CVE-2017-9348 AVG-287 Low Yes Denial of service
An issue has been found in the DOF dissector of Wireshark < 2.2.7, where a heap-based out-of-bounds read can be triggered by injecting a malicious packet...
CVE-2017-9347 AVG-287 Low Yes Denial of service
An issue has been found in the ROS dissector of Wireshark < 2.2.7, where an NULL pointer dereference can be triggered by injecting a malicious packet into...
CVE-2017-9346 AVG-287 Low Yes Denial of service
An issue has been found in the SoulSeek dissector of Wireshark < 2.2.7, where an infinite loop can be triggered by injecting a malicious packet into the...
CVE-2017-9345 AVG-287 Low Yes Denial of service
An issue has been found in the DNS dissector of Wireshark < 2.2.7, where an infinite loop can be triggered by injecting a malicious packet into the wire or...
CVE-2017-9344 AVG-287 Low Yes Denial of service
An issue has been found in the BT L2CAP dissector of Wireshark < 2.2.7, where a division by zero can be triggered by injecting a malicious packet into the...
CVE-2017-9343 AVG-287 Low Yes Denial of service
An issue has been found in the MSNIP dissector of Wireshark < 2.2.7, where NULL pointer dereference can be triggered by injecting a malicious packet into...
CVE-2017-7702 AVG-356 Low Yes Denial of service
A security issue has been found in the WBXML dissector of wireshark <= 2.2.7. It is possible to make Wireshark consume excessive CPU resources by injecting...
CVE-2017-5596 AVG-225 Medium Yes Denial of service
In Wireshark 2.2.0 to 2.2.3 and 2.0.0 to 2.0.9, the ASTERIX dissector could go into an infinite loop, triggered by packet injection or a malformed capture...
CVE-2017-15193 AVG-440 Medium Yes Denial of service
A flaw has been discovered in wireshark before 2.4.2 in the MBIM dissector when pre sizing wmem arrays leading to resource consumption and application crash...
CVE-2017-15192 AVG-440 Medium Yes Denial of service
A flaw has been discovered in wireshark before 2.4.2 in the BT ATT dissector leading to application crash by injecting a malformed packet onto the wire or...
CVE-2017-15191 AVG-440 Medium Yes Denial of service
A length check flaw has been discovered in wireshark before 2.4.2 in the BT ATT dissector when 7bit strings were decoded leading to application crash by...
CVE-2017-15190 AVG-440 Medium Yes Denial of service
A stack pointer use after scope flaw has been discovered in wireshark before 2.4.2 in the RTSP dissector leading to application crash by injecting a...
CVE-2017-15189 AVG-440 Medium Yes Denial of service
An infinite loop flaw has been discovered in wireshark before 2.4.2 in the DOCSIS dissector leading to excessive consumption of CPU resources by injecting a...
CVE-2017-11411 AVG-356 Low Yes Denial of service
A security issue has been found in the openSAFETY dissector of wireshark <= 2.2.7. A crafted packet could make wireshark allocate a huge amount of memory,...
CVE-2017-11410 AVG-356 Low Yes Denial of service
A security issue has been found in the WBXML dissector of wireshark <= 2.2.7. A crafted packet could make wireshark go into an infinite loop, causing a...
CVE-2017-11408 AVG-356 Low Yes Denial of service
A security issue has been found in the AMQP dissector of wireshark <= 2.2.7. A crafted packet could make wireshark overflow the stack by getting into a...
CVE-2017-11407 AVG-356 Low Yes Denial of service
A security issue has been found in the MQ dissector of wireshark <= 2.2.7. A crafted packet could make wireshark try to allocate a huge amount of memory,...
CVE-2017-11406 AVG-356 Low Yes Denial of service
A security issue has been found in the DOCSIS dissector of wireshark <= 2.2.7. A crafted packet could make wireshark go into an infinite loop, causing a...
CVE-2016-9376 AVG-78 Medium Yes Denial of service
In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the OpenFlow dissector could crash with memory exhaustion, triggered by network traffic or a capture file....
CVE-2016-9375 AVG-78 Medium Yes Denial of service
In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the DTN dissector could go into an infinite loop, triggered by network traffic or a capture file. This was...
CVE-2016-9374 AVG-78 Medium Yes Denial of service
In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the AllJoyn dissector could crash with a buffer over-read, triggered by network traffic or a capture file....
CVE-2016-9373 AVG-78 High Yes Arbitrary code execution
In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the DCERPC dissector could crash with a use-after-free, triggered by network traffic or a capture file. This...
CVE-2016-7180 AVG-3 Medium Yes Denial of service
It may be possible to make Wireshark crash via the IPMI Trace dissector by injecting a malformed packet onto the wire or by convincing someone to read a...
CVE-2016-7179 AVG-3 Medium Yes Denial of service
It may be possible to make Wireshark crash via the Catapult DCT2000 dissector by injecting a malformed packet onto the wire or by convincing someone to read...
CVE-2016-7178 AVG-3 Medium Yes Denial of service
It may be possible to make Wireshark crash via the UMTS FP dissector by injecting a malformed packet onto the wire or by convincing someone to read a...
CVE-2016-7177 AVG-3 Medium Yes Denial of service
It may be possible to make Wireshark crash via the Catapult DCT2000 dissector by injecting a malformed packet onto the wire or by convincing someone to read...
CVE-2016-7176 AVG-3 Medium Yes Denial of service
It may be possible to make Wireshark crash via the H.225 dissector by injecting a malformed packet onto the wire or by convincing someone to read a...
CVE-2016-7175 AVG-3 Medium Yes Denial of service
It may be possible to make Wireshark crash via the QNX6 QNET dissector by injecting a malformed packet onto the wire or by convincing someone to read a...

Advisories

Date Advisory Group Severity Description
25 May 2018 ASA-201805-25 AVG-708 Critical multiple issues
12 Oct 2017 ASA-201710-14 AVG-440 Medium denial of service
26 Jul 2017 ASA-201707-28 AVG-356 Low denial of service
12 Jun 2017 ASA-201706-9 AVG-287 Low denial of service
24 Nov 2016 ASA-201611-25 AVG-78 High multiple issues
26 Sep 2016 ASA-201609-27 AVG-3 Medium denial of service