Download
| Alert*
oval:org.secpod.oval:def:89002189
This update for wireshark fixes the following issues: - Update to wireshark 2.2.14, fix such issues: * bsc#1088200 VUL-0: wireshark: multiple vulnerabilities fixed in 2.2.14, 2.4.6 * CVE-2018-9256: LWAPP dissector crash * CVE-2018-9260: IEEE 802.15.4 dissector crash * CVE-2018-9261: NBAP dissector c ... oval:org.secpod.oval:def:89002481 This update for wireshark fixes the following issues: - Update to wireshark 2.2.14, fix such issues: * bsc#1088200 VUL-0: wireshark: multiple vulnerabilities fixed in 2.2.14, 2.4.6 * CVE-2018-9256: LWAPP dissector crash * CVE-2018-9260: IEEE 802.15.4 dissector crash * CVE-2018-9261: NBAP dissector c ... oval:org.secpod.oval:def:2102038 In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the LWAPP dissector could crash. This was addressed in epan/dissectors/packet-lwapp.c by limiting the encapsulation levels to restrict the recursion depth. oval:org.secpod.oval:def:1800975 CVE-2018-9256: LWAPP dissector crash Affected versions: 2.4.0 to 2.4.5, 2.2.0 to 2.2.13 Fixed versions: 2.4.6, 2.2.14 oval:org.secpod.oval:def:1800976 CVE-2018-9256: LWAPP dissector crash Affected versions: 2.4.0 to 2.4.5, 2.2.0 to 2.2.13 Fixed versions: 2.4.6, 2.2.14 oval:org.secpod.oval:def:44874 The host is installed with Wireshark 2.4.0 to 2.4.5 or 2.2.0 to 2.2.13 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle the NBAP dissector issue. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:44893 The host is installed with Wireshark 2.4.0 to 2.4.5 or 2.2.0 to 2.2.13 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle the NBAP dissector issue. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:603417 It was discovered that Wireshark, a network protocol analyzer, contained several vulnerabilities in the dissectors for PCP, ADB, NBAP, UMTS MAC, IEEE 802.11, SIGCOMP, LDSS, GSM A DTAP and Q.931, which result in denial of service or the execution of arbitrary code. oval:org.secpod.oval:def:53343 It was discovered that Wireshark, a network protocol analyzer, contained several vulnerabilities in the dissectors for PCP, ADB, NBAP, UMTS MAC, IEEE 802.11, SIGCOMP, LDSS, GSM A DTAP and Q.931, which result in denial of service or the execution of arbitrary code. |