wireshark-cli

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description Network traffic and protocol analyzer/sniffer - CLI tools and data files
Version 4.2.3-1 [extra]

Resolved

Group Affected Fixed Severity Status Ticket
AVG-2564 3.4.9-1 3.4.10-1 Low Fixed
AVG-2160 3.4.6-1 3.4.7-1 Low Fixed
AVG-2037 3.4.5-1 3.4.6-1 Low Fixed
AVG-1864 3.4.4-1 3.4.5-1 Low Fixed
AVG-1510 3.4.2-1 3.4.3-1 Low Fixed
AVG-1377 3.4.1-1 3.4.2-1 Medium Fixed
AVG-1352 3.4.0-1 3.4.1-1 Medium Fixed
AVG-1258 3.2.7-1 3.4.0-1 Low Fixed
AVG-1198 3.2.4-1 3.2.5-1 Low Fixed
AVG-1129 3.2.2-1 3.2.3-1 Critical Fixed
AVG-844 2.6.5-1 2.6.6-1 Medium Fixed
AVG-825 2.6.4-2 2.6.5-1 Critical Fixed
AVG-779 2.6.3-1 2.6.4-1 High Fixed
AVG-708 2.6.0-1 2.6.1-1 Critical Fixed
AVG-440 2.4.1-1 2.4.2-1 Medium Fixed
AVG-356 2.2.7-1 2.2.8-1 Low Fixed
AVG-287 2.2.6-1 2.2.7-1 Low Fixed
AVG-225 2.2.3-1 2.2.4-1 Medium Fixed
AVG-78 2.2.1-1 2.2.2-1 High Fixed
AVG-3 2.0.5-1 2.2.0-2 Medium Fixed
Issue Group Severity Remote Type Description
CVE-2021-39929 AVG-2564 Low Yes Denial of service
It may be possible to make Wireshark before version 3.4.10 crash by injecting a malformed Bluetooth DHT packet onto the wire or by convincing someone to...
CVE-2021-39928 AVG-2564 Low Yes Denial of service
It may be possible to make Wireshark before version 3.4.10 crash by injecting a malformed IEEE 802.11 packet onto the wire or by convincing someone to read...
CVE-2021-39926 AVG-2564 Low Yes Denial of service
It may be possible to make Wireshark before version 3.4.10 crash by injecting a malformed Bluetooth HCI_ISO packet onto the wire or by convincing someone to...
CVE-2021-39925 AVG-2564 Low Yes Denial of service
It may be possible to make Wireshark before version 3.4.10 crash by injecting a malformed Bluetooth SDP packet onto the wire or by convincing someone to...
CVE-2021-39924 AVG-2564 Low Yes Denial of service
It may be possible to make Wireshark before version 3.4.10 consume excessive CPU resources by injecting a malformed Bluetooth DHT packet onto the wire or by...
CVE-2021-39922 AVG-2564 Low Yes Denial of service
It may be possible to make Wireshark before version 3.4.10 crash by injecting a malformed C12.22 packet onto the wire or by convincing someone to read a...
CVE-2021-39921 AVG-2564 Low Yes Denial of service
It may be possible to make Wireshark before version 3.4.10 crash by injecting a malformed Modbuss packet onto the wire or by convincing someone to read a...
CVE-2021-39920 AVG-2564 Low Yes Denial of service
It may be possible to make Wireshark before version 3.4.10 crash by injecting a malformed IPPUSB packet onto the wire or by convincing someone to read a...
CVE-2021-22235 AVG-2160 Low Yes Denial of service
It may be possible to make Wireshark before version 3.4.7 crash by injecting a malformed DNP3 packet onto the wire or by convincing someone to read a...
CVE-2021-22222 AVG-2037 Low Yes Denial of service
An infinite loop in the DVB-S2-BB dissector in Wireshark 3.4.0 to 3.4.5 allows a denial of service via packet injection or a crafted capture file.
CVE-2021-22207 AVG-1864 Low Yes Denial of service
Excessive memory consumption in MS-WSP dissector in Wireshark 3.4.0 to 3.4.4 and 3.2.0 to 3.2.12 allows denial of service via packet injection or a crafted...
CVE-2021-22174 AVG-1510 Low Yes Denial of service
A denial of service has been found in Wireshark before 3.4.3, in the USB HID dissector. It can be triggered by injecting a malformed packet onto the wire or...
CVE-2021-22173 AVG-1510 Low Yes Denial of service
A memory leak leading to denial of service has been found in Wireshark before 3.4.3, in the USB HID dissector. It can be triggered by injecting a malformed...
CVE-2020-28030 AVG-1258 Low Yes Denial of service
A resource exhaustion issue has been found in the GQUIC decoder of Wireshark before 3.2.8.
CVE-2020-26422 AVG-1377 Medium Yes Denial of service
A buffer overflow in the QUIC dissector in Wireshark 3.4.0 to 3.4.1 allows denial of service via packet injection or a crafted capture file.
CVE-2020-26421 AVG-1352 Medium Yes Denial of service
A crash in the USB HID protocol dissector and possibly other dissectors in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via packet injection...
CVE-2020-26420 AVG-1352 Medium Yes Denial of service
A memory leak in the RTPS protocol dissector in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via packet injection or a crafted capture file.
CVE-2020-26419 AVG-1352 Medium Yes Denial of service
A memory leak in the dissection engine in Wireshark 3.4.0 allows denial of service via packet injection or a crafted capture file.
CVE-2020-26418 AVG-1352 Medium Yes Denial of service
A memory leak in the Kafka protocol dissector in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via packet injection or a crafted capture file.
CVE-2020-15466 AVG-1198 Low Yes Denial of service
An infinite loop has been found in the GVCP dissector of Wireshark before 3.2.5. It may be possible to make Wireshark consume excessive CPU resources by...
CVE-2020-11647 AVG-1129 Critical Yes Arbitrary code execution
A stack overflow has been found in the fAbstractSyntaxNType function of the BACApp dissector of Wireshark versions prior to 3.2.3, which could be triggered...
CVE-2019-5719 AVG-844 Low Yes Denial of service
A NULL-pointer dereference has been found in the ISAKMP dissector of Wireshark versions prior to 2.6.6, which could be triggered by injecting a malformed...
CVE-2019-5718 AVG-844 Medium Yes Information disclosure
An out-of-bounds read has been found in the RTSE dissector of Wireshark versions prior to 2.6.6, which could be triggered by injecting a malformed packet...
CVE-2019-5717 AVG-844 Low Yes Denial of service
A NULL-pointer dereference has been found in the P_MUL dissector of Wireshark versions prior to 2.6.6, which could be triggered by injecting a malformed...
CVE-2019-5716 AVG-844 Low Yes Denial of service
An assertion failure has been found in the 6LoWPAN dissector of Wireshark versions prior to 2.6.6, which could be triggered by injecting a malformed packet...
CVE-2018-19628 AVG-825 Low Yes Denial of service
A divide-by-zero error has been found in the ZigBee ZCL dissector of Wireshark versions prior to 2.6.5, which could be triggered by injecting a malformed...
CVE-2018-19627 AVG-825 Medium Yes Information disclosure
An out-of-bounds read has been found in the IxVeriWave file parser of Wireshark versions prior to 2.6.5, which could be triggered by injecting a malformed...
CVE-2018-19626 AVG-825 Medium Yes Information disclosure
An out-of-bounds read has been found in the DCOM dissector of Wireshark versions prior to 2.6.5, which could be triggered by injecting a malformed packet...
CVE-2018-19625 AVG-825 Medium Yes Information disclosure
An out-of-bounds read has been found in the dissection engine of Wireshark versions prior to 2.6.5, which could be triggered by injecting a malformed packet...
CVE-2018-19624 AVG-825 Low Yes Denial of service
A NULL-pointer dereference has been found in the PVFS dissector of Wireshark versions prior to 2.6.5, which could be triggered by injecting a malformed...
CVE-2018-19623 AVG-825 Critical Yes Arbitrary code execution
A heap-based out-of-bounds write has been found in the LBMPDM dissector of Wireshark versions prior to 2.6.5, which could be triggered by injecting a...
CVE-2018-19622 AVG-825 Low Yes Denial of service
A security issue has been found in the MMSE dissector of Wireshark versions prior to 2.6.5, which could be made to consume excessive CPU resources by...
CVE-2018-18227 AVG-779 Low Yes Denial of service
A flaw has been discovered in wireshark >= 2.6.0 and < 2.6.4 in the MS-WSP dissector where an invalid type could lead to an assertion failure. This could be...
CVE-2018-18226 AVG-779 Low Yes Denial of service
A flaw has been discovered in wireshark >= 2.6.0 and < 2.6.4 in the Steam IHS Discovery dissector where dynamically allocated memory was not properly freed...
CVE-2018-18225 AVG-779 Low Yes Denial of service
A flaw has been discovered in wireshark >= 2.6.0 and < 2.6.4 in the CoAP dissector where an invalid frame could lead to NULL-pointer dereference. This could...
CVE-2018-12086 AVG-779 High Yes Arbitrary code execution
A flaw has been discovered in wireshark >= 2.6.0 and < 2.6.4 in the OpcUa dissector where a specially crafted structured request could lead to stack...
CVE-2018-11362 AVG-708 Medium Yes Information disclosure
An out-of-bounds read has been found in the LDSS dissector of Wireshark <= 2.6.0.
CVE-2018-11361 AVG-708 Low Yes Denial of service
A heap-based out-of-bounds read has been found in the IEEE 802.11 dissector of Wireshark <= 2.6.0.
CVE-2018-11360 AVG-708 Critical Yes Arbitrary code execution
A heap-based off-by-one write has been found in the GSM A DTAP dissector of Wireshark <= 2.6.0.
CVE-2018-11359 AVG-708 Low Yes Denial of service
A null-pointer dereference has been found in several dissectors of Wireshark <= 2.6.0.
CVE-2018-11358 AVG-708 Critical Yes Arbitrary code execution
A heap-based use-after-free has been found in the Q.931 dissector of Wireshark <= 2.6.0.
CVE-2018-11357 AVG-708 Low Yes Denial of service
An integer overflow leading to excessive memory allocation has been found in several dissectors of Wireshark <= 2.6.0.
CVE-2018-11356 AVG-708 Low Yes Denial of service
A null-pointer dereference has been found in the DNS dissector of Wireshark <= 2.6.0.
CVE-2018-11355 AVG-708 Critical Yes Arbitrary code execution
A heap-based buffer overflow has been found in the RTCP dissector of Wireshark <= 2.6.0.
CVE-2018-11354 AVG-708 Medium Yes Information disclosure
An out-of-bounds read has been found in the IEEE 1905.1a dissector of Wireshark <= 2.6.0.
CVE-2017-15193 AVG-440 Medium Yes Denial of service
A flaw has been discovered in wireshark before 2.4.2 in the MBIM dissector when pre sizing wmem arrays leading to resource consumption and application crash...
CVE-2017-15192 AVG-440 Medium Yes Denial of service
A flaw has been discovered in wireshark before 2.4.2 in the BT ATT dissector leading to application crash by injecting a malformed packet onto the wire or...
CVE-2017-15191 AVG-440 Medium Yes Denial of service
A length check flaw has been discovered in wireshark before 2.4.2 in the BT ATT dissector when 7bit strings were decoded leading to application crash by...
CVE-2017-15190 AVG-440 Medium Yes Denial of service
A stack pointer use after scope flaw has been discovered in wireshark before 2.4.2 in the RTSP dissector leading to application crash by injecting a...
CVE-2017-15189 AVG-440 Medium Yes Denial of service
An infinite loop flaw has been discovered in wireshark before 2.4.2 in the DOCSIS dissector leading to excessive consumption of CPU resources by injecting a...
CVE-2017-11411 AVG-356 Low Yes Denial of service
A security issue has been found in the openSAFETY dissector of wireshark <= 2.2.7. A crafted packet could make wireshark allocate a huge amount of memory,...
CVE-2017-11410 AVG-356 Low Yes Denial of service
A security issue has been found in the WBXML dissector of wireshark <= 2.2.7. A crafted packet could make wireshark go into an infinite loop, causing a...
CVE-2017-11408 AVG-356 Low Yes Denial of service
A security issue has been found in the AMQP dissector of wireshark <= 2.2.7. A crafted packet could make wireshark overflow the stack by getting into a...
CVE-2017-11407 AVG-356 Low Yes Denial of service
A security issue has been found in the MQ dissector of wireshark <= 2.2.7. A crafted packet could make wireshark try to allocate a huge amount of memory,...
CVE-2017-11406 AVG-356 Low Yes Denial of service
A security issue has been found in the DOCSIS dissector of wireshark <= 2.2.7. A crafted packet could make wireshark go into an infinite loop, causing a...
CVE-2017-9354 AVG-287 Low Yes Denial of service
An issue has been found in the RGMP dissector of Wireshark < 2.2.7, where a NULL pointer dereference can be triggered by injecting a malicious packet into...
CVE-2017-9353 AVG-287 Low Yes Denial of service
An issue has been found in the IPv6 dissector of Wireshark < 2.2.7, where a NULL pointer dereference can be triggered by injecting a malicious packet into...
CVE-2017-9352 AVG-287 Low Yes Denial of service
An issue has been found in the bazaar dissector of Wireshark < 2.2.7, where an infinite loop can be triggered by injecting a malicious packet into the wire...
CVE-2017-9351 AVG-287 Low Yes Denial of service
An issue has been found in the DHCP dissector of Wireshark < 2.2.7, where a heap-based out-of-bounds read can be triggered by injecting a malicious packet...
CVE-2017-9350 AVG-287 Low Yes Denial of service
An issue has been found in the openSAFETY dissector of Wireshark < 2.2.7, where an over-sized memory allocation can be triggered by injecting a malicious...
CVE-2017-9349 AVG-287 Low Yes Denial of service
An issue has been found in the DICOM dissector of Wireshark < 2.2.7, where an infinite loop can be triggered by injecting a malicious packet into the wire...
CVE-2017-9348 AVG-287 Low Yes Denial of service
An issue has been found in the DOF dissector of Wireshark < 2.2.7, where a heap-based out-of-bounds read can be triggered by injecting a malicious packet...
CVE-2017-9347 AVG-287 Low Yes Denial of service
An issue has been found in the ROS dissector of Wireshark < 2.2.7, where an NULL pointer dereference can be triggered by injecting a malicious packet into...
CVE-2017-9346 AVG-287 Low Yes Denial of service
An issue has been found in the SoulSeek dissector of Wireshark < 2.2.7, where an infinite loop can be triggered by injecting a malicious packet into the...
CVE-2017-9345 AVG-287 Low Yes Denial of service
An issue has been found in the DNS dissector of Wireshark < 2.2.7, where an infinite loop can be triggered by injecting a malicious packet into the wire or...
CVE-2017-9344 AVG-287 Low Yes Denial of service
An issue has been found in the BT L2CAP dissector of Wireshark < 2.2.7, where a division by zero can be triggered by injecting a malicious packet into the...
CVE-2017-9343 AVG-287 Low Yes Denial of service
An issue has been found in the MSNIP dissector of Wireshark < 2.2.7, where NULL pointer dereference can be triggered by injecting a malicious packet into...
CVE-2017-7702 AVG-356 Low Yes Denial of service
A security issue has been found in the WBXML dissector of wireshark <= 2.2.7. It is possible to make Wireshark consume excessive CPU resources by injecting...
CVE-2017-5596 AVG-225 Medium Yes Denial of service
In Wireshark 2.2.0 to 2.2.3 and 2.0.0 to 2.0.9, the ASTERIX dissector could go into an infinite loop, triggered by packet injection or a malformed capture...
CVE-2016-9376 AVG-78 Medium Yes Denial of service
In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the OpenFlow dissector could crash with memory exhaustion, triggered by network traffic or a capture file....
CVE-2016-9375 AVG-78 Medium Yes Denial of service
In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the DTN dissector could go into an infinite loop, triggered by network traffic or a capture file. This was...
CVE-2016-9374 AVG-78 Medium Yes Denial of service
In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the AllJoyn dissector could crash with a buffer over-read, triggered by network traffic or a capture file....
CVE-2016-9373 AVG-78 High Yes Arbitrary code execution
In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the DCERPC dissector could crash with a use-after-free, triggered by network traffic or a capture file. This...
CVE-2016-7180 AVG-3 Medium Yes Denial of service
It may be possible to make Wireshark crash via the IPMI Trace dissector by injecting a malformed packet onto the wire or by convincing someone to read a...
CVE-2016-7179 AVG-3 Medium Yes Denial of service
It may be possible to make Wireshark crash via the Catapult DCT2000 dissector by injecting a malformed packet onto the wire or by convincing someone to read...
CVE-2016-7178 AVG-3 Medium Yes Denial of service
It may be possible to make Wireshark crash via the UMTS FP dissector by injecting a malformed packet onto the wire or by convincing someone to read a...
CVE-2016-7177 AVG-3 Medium Yes Denial of service
It may be possible to make Wireshark crash via the Catapult DCT2000 dissector by injecting a malformed packet onto the wire or by convincing someone to read...
CVE-2016-7176 AVG-3 Medium Yes Denial of service
It may be possible to make Wireshark crash via the H.225 dissector by injecting a malformed packet onto the wire or by convincing someone to read a...
CVE-2016-7175 AVG-3 Medium Yes Denial of service
It may be possible to make Wireshark crash via the QNX6 QNET dissector by injecting a malformed packet onto the wire or by convincing someone to read a...

Advisories

Date Advisory Group Severity Type
20 Jul 2021 ASA-202107-44 AVG-2160 Low denial of service
09 Jun 2021 ASA-202106-30 AVG-2037 Low denial of service
06 Feb 2021 ASA-202102-3 AVG-1510 Low denial of service
17 Nov 2020 ASA-202011-13 AVG-1258 Low denial of service
18 Jul 2020 ASA-202007-2 AVG-1198 Low denial of service
09 Apr 2020 ASA-202004-10 AVG-1129 Critical arbitrary code execution
10 Jan 2019 ASA-201901-5 AVG-844 Medium multiple issues
08 Dec 2018 ASA-201812-3 AVG-825 Critical multiple issues
12 Oct 2018 ASA-201810-9 AVG-779 High multiple issues
25 May 2018 ASA-201805-25 AVG-708 Critical multiple issues
12 Oct 2017 ASA-201710-14 AVG-440 Medium denial of service
26 Jul 2017 ASA-201707-28 AVG-356 Low denial of service
12 Jun 2017 ASA-201706-9 AVG-287 Low denial of service
24 Nov 2016 ASA-201611-25 AVG-78 High multiple issues
26 Sep 2016 ASA-201609-27 AVG-3 Medium denial of service