CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2018-7333
https://notcve.org/view.php?id=CVE-2018-7333
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-rpcrdma.c had an infinite loop that was addressed by validating a chunk size. En Wireshark 2.4.0 a 2.4.4 y 2.2.0 a 2.2.12, epan/dissectors/packet-rpcrdma.c tenía un bucle infinito que se abordó validando un tamaño de fragmento. • http://www.securityfocus.com/bid/103158 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14449 https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=bd6313181317bfe83842b27650b65f3c2b8d5dc9 https://www.wireshark.org/security/wnpa-sec-2018-06.html • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2018-7418 – wireshark: SIGCOMP dissector crash in packet-sigcomp.c
https://notcve.org/view.php?id=CVE-2018-7418
In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the SIGCOMP dissector could crash. This was addressed in epan/dissectors/packet-sigcomp.c by correcting the extraction of the length value. En Wireshark 2.2.0 a 2.2.12 y 2.4.0 a 2.4.4, el disector SIGCOMP podría cerrarse inesperadamente. Esto se trató en epan/dissectors/packet-sigcomp.c corrigiendo la extracción del valor de longitud. A denial of service flaw was found in the SIGCOMP dissector in Wireshark. • http://www.securityfocus.com/bid/103157 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14410 https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=29d920b8309905dda11ad397596fe8aafc9b4bf7 https://lists.debian.org/debian-lts-announce/2018/04/msg00018.html https://lists.debian.org/debian-lts-announce/2019/01/msg00010.html https://www.wireshark.org/security/wnpa-sec-2018-13.html https://access.redhat.com/security/cve/CVE-2018-7418 https://bugzilla.redhat.com/show_bug.cgi& • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2018-7329
https://notcve.org/view.php?id=CVE-2018-7329
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-s7comm.c had an infinite loop that was addressed by correcting off-by-one errors. En Wireshark 2.4.0 a 2.4.4 y 2.2.0 a 2.2.12, epan/dissectors/packet-s7comm.c tenía un bucle infinito que se abordó corrigiendo los errores por un paso. • http://www.securityfocus.com/bid/103158 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14423 https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=d8a0cbc4f2979e0b1cadbe79f0b8b4ecb92477be https://www.wireshark.org/security/wnpa-sec-2018-06.html • CWE-193: Off-by-one Error CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2018-7331
https://notcve.org/view.php?id=CVE-2018-7331
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-ber.c had an infinite loop that was addressed by validating a length. En Wireshark 2.4.0 a 2.4.4 y 2.2.0 a 2.2.12, epan/dissectors/packet-ber.c tenía un bucle infinito que se abordó validando una longitud. • http://www.securityfocus.com/bid/103158 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14444 https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=157712b2f5f89b19ef2497ea89c5938eb29529da https://lists.debian.org/debian-lts-announce/2019/01/msg00010.html https://www.wireshark.org/security/wnpa-sec-2018-06.html • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2018-6836
https://notcve.org/view.php?id=CVE-2018-6836
The netmonrec_comment_destroy function in wiretap/netmon.c in Wireshark through 2.4.4 performs a free operation on an uninitialized memory address, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact. La función netmonrec_comment_destroy en wiretap/netmon.c en Wireshark, hasta la versión 2.4.4, realiza una operación de liberación en una dirección de memoria no inicializada, lo que permite que atacantes remotos provoquen una denegación de servicio (cierre inesperado de la aplicación) u otro tipo de impacto sin especificar. • https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14397 https://code.wireshark.org/review/#/c/25660 https://code.wireshark.org/review/#/c/25660/2/wiretap/netmon.c https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=28960d79cca262ac6b974f339697b299a1e28fef • CWE-763: Release of Invalid Pointer or Reference •