CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 1CVE-2018-9256
https://notcve.org/view.php?id=CVE-2018-9256
04 Apr 2018 — In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the LWAPP dissector could crash. This was addressed in epan/dissectors/packet-lwapp.c by limiting the encapsulation levels to restrict the recursion depth. En Wireshark 2.4.0 a 2.4.5 y 2.2.0 a 2.2.13, el disector LWAPP podría cerrarse inesperadamente. Esto se abordó en epan/dissectors/packet-lwapp.c limitando los niveles de encapsulamiento para restringir la profundidad de recursión. • https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14467 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 1CVE-2018-9259
https://notcve.org/view.php?id=CVE-2018-9259
04 Apr 2018 — In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the MP4 dissector could crash. This was addressed in epan/dissectors/file-mp4.c by restricting the box recursion depth. En Wireshark 2.4.0 a 2.4.5 y 2.2.0 a 2.2.13, el disector MP4 podría cerrarse inesperadamente. Esto se abordó en epan/dissectors/file-mp4.c al restringir la profundidad de recursión de cuadro. • https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13777 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 1CVE-2018-9260
https://notcve.org/view.php?id=CVE-2018-9260
04 Apr 2018 — In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the IEEE 802.15.4 dissector could crash. This was addressed in epan/dissectors/packet-ieee802154.c by ensuring that an allocation step occurs. En Wireshark 2.4.0 a 2.4.5 y 2.2.0 a 2.2.13, el disector IEEE 802.15.4 podría cerrarse inesperadamente. Esto se abordó en epan/dissectors/packet-ieee802154.c garantizando que ocurre un paso de asignación. • https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14468 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 1CVE-2018-9261 – Debian Security Advisory 4217-1
https://notcve.org/view.php?id=CVE-2018-9261
04 Apr 2018 — In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the NBAP dissector could crash with a large loop that ends with a heap-based buffer overflow. This was addressed in epan/dissectors/packet-nbap.c by prohibiting the self-linking of DCH-IDs. En Wireshark 2.4.0 a 2.4.5 y 2.2.0 a 2.2.13, el disector NBAP podría cerrarse inesperadamente con un gran bucle que termina con un desbordamiento de búfer basado en memoria dinámica (heap). Esto se trató en epan/dissectors/packet-nbap.c c prohibiendo el autoenlazado de DCH... • https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14471 • CWE-834: Excessive Iteration •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 1CVE-2018-9262
https://notcve.org/view.php?id=CVE-2018-9262
04 Apr 2018 — In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the VLAN dissector could crash. This was addressed in epan/dissectors/packet-vlan.c by limiting VLAN tag nesting to restrict the recursion depth. En Wireshark 2.4.0 a 2.4.5 y 2.2.0 a 2.2.13, el disector VLAN podría cerrarse inesperadamente. Esto se abordó en epan/dissectors/packet-lwapp.c limitando la anidación de etiquetas VLAN para restringir la profundidad de recursión. • https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14469 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 1CVE-2018-9263
https://notcve.org/view.php?id=CVE-2018-9263
04 Apr 2018 — In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the Kerberos dissector could crash. This was addressed in epan/dissectors/packet-kerberos.c by ensuring a nonzero key length. En Wireshark 2.4.0 a 2.4.5 y 2.2.0 a 2.2.13, el disector Kerberos podría cerrarse inesperadamente. Esto se trató en epan/dissectors/packet-kerberos.c garantizando una longitud de clave que no sea cero. • https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14576 •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 1CVE-2018-9264 – Debian Security Advisory 4217-1
https://notcve.org/view.php?id=CVE-2018-9264
04 Apr 2018 — In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the ADB dissector could crash with a heap-based buffer overflow. This was addressed in epan/dissectors/packet-adb.c by checking for a length inconsistency. En Wireshark 2.4.0 a 2.4.5 y 2.2.0 a 2.2.13, el disector ADB podría cerrarse inesperadamente con un desbordamiento de búfer basado en memoria dinámica (heap). Esto se trató en epan/dissectors/packet-adb.c buscando una inconsistencia de longitud. It was discovered that Wireshark, a network protocol analyzer... • https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14460 • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 1CVE-2018-9265
https://notcve.org/view.php?id=CVE-2018-9265
04 Apr 2018 — In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-tn3270.c has a memory leak. En Wireshark 2.4.0 a 2.4.5 y 2.2.0 a 2.2.13, epan/dissectors/packet-tn3270.c tiene una fuga de memoria. • https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14480 • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 1CVE-2018-9266
https://notcve.org/view.php?id=CVE-2018-9266
04 Apr 2018 — In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-isup.c has a memory leak. En Wireshark 2.4.0 a 2.4.5 y 2.2.0 a 2.2.13, epan/dissectors/packet-isup.c tiene una fuga de memoria. • https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14481 • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 1CVE-2018-9267
https://notcve.org/view.php?id=CVE-2018-9267
04 Apr 2018 — In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-lapd.c has a memory leak. En Wireshark 2.4.0 a 2.4.5 y 2.2.0 a 2.2.13, epan/dissectors/packet-lapd.c tiene una fuga de memoria. • https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14482 • CWE-772: Missing Release of Resource after Effective Lifetime •