CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2018-7336
https://notcve.org/view.php?id=CVE-2018-7336
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, the FCP protocol dissector could crash. This was addressed in epan/dissectors/packet-fcp.c by checking for a NULL pointer. En Wireshark 2.4.0 a 2.4.4 y 2.2.0 a 02/02/2012, el disector FCP podría cerrarse inesperadamente. Esto se trató en epan/dissectors/packet-fcp.c buscando un puntero NULL. • http://www.securityfocus.com/bid/103166 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14374 https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=b56f598f1bc04f5d00f13b38c713763928cedb7c https://lists.debian.org/debian-lts-announce/2018/04/msg00018.html https://lists.debian.org/debian-lts-announce/2019/01/msg00010.html https://www.wireshark.org/security/wnpa-sec-2018-09.html • CWE-476: NULL Pointer Dereference •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 1CVE-2018-7326
https://notcve.org/view.php?id=CVE-2018-7326
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-lltd.c had an infinite loop that was addressed by using a correct integer data type. En Wireshark 2.4.0 a 2.4.4 y 2.2.0 a 2.2.12, epan/dissectors/packet-lltd.c tenía un bucle infinito que se abordó empleando un tipo de datos de enteros correcto. • http://www.securityfocus.com/bid/103158 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14419 https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=293b999425e998d6cde0d9149648e421ea7687d0 https://www.wireshark.org/security/wnpa-sec-2018-06.html • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2018-7328
https://notcve.org/view.php?id=CVE-2018-7328
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-usb.c had an infinite loop that was addressed by rejecting short frame header lengths. En Wireshark 2.4.0 a 2.4.4 y 2.2.0 a 2.2.12, epan/dissectors/packet-usb.c tenía un bucle infinito que se abordó rechazando las longitudes de cabecera de trama cortas. • http://www.securityfocus.com/bid/103158 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14421 https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=69d09028c956f6e049145485ce9b3e2858789b2b https://www.wireshark.org/security/wnpa-sec-2018-06.html • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2018-7333
https://notcve.org/view.php?id=CVE-2018-7333
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-rpcrdma.c had an infinite loop that was addressed by validating a chunk size. En Wireshark 2.4.0 a 2.4.4 y 2.2.0 a 2.2.12, epan/dissectors/packet-rpcrdma.c tenía un bucle infinito que se abordó validando un tamaño de fragmento. • http://www.securityfocus.com/bid/103158 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14449 https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=bd6313181317bfe83842b27650b65f3c2b8d5dc9 https://www.wireshark.org/security/wnpa-sec-2018-06.html • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2018-6836
https://notcve.org/view.php?id=CVE-2018-6836
The netmonrec_comment_destroy function in wiretap/netmon.c in Wireshark through 2.4.4 performs a free operation on an uninitialized memory address, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact. La función netmonrec_comment_destroy en wiretap/netmon.c en Wireshark, hasta la versión 2.4.4, realiza una operación de liberación en una dirección de memoria no inicializada, lo que permite que atacantes remotos provoquen una denegación de servicio (cierre inesperado de la aplicación) u otro tipo de impacto sin especificar. • https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14397 https://code.wireshark.org/review/#/c/25660 https://code.wireshark.org/review/#/c/25660/2/wiretap/netmon.c https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=28960d79cca262ac6b974f339697b299a1e28fef • CWE-763: Release of Invalid Pointer or Reference •