CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2018-7320
https://notcve.org/view.php?id=CVE-2018-7320
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, the SIGCOMP protocol dissector could crash. This was addressed in epan/dissectors/packet-sigcomp.c by validating operand offsets. En Wireshark 2.4.0 a 2.4.4 y 2.2.0 a 2.2.12, el disector del protocolo SIGCOMP podría cerrarse inesperadamente. Esto se trató en epan/dissectors/packet-sigcomp.c validando los desplazamientos de operandos. • http://www.securityfocus.com/bid/103160 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14398 https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=015e3399390b8b5cfbfcfcda30589983ab6cc129 https://www.debian.org/security/2018/dsa-4217 https://www.wireshark.org/security/wnpa-sec-2018-10.html •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2018-7334
https://notcve.org/view.php?id=CVE-2018-7334
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, the UMTS MAC dissector could crash. This was addressed in epan/dissectors/packet-umts_mac.c by rejecting a certain reserved value. En Wireshark 2.4.0 a 2.4.4 y 2.2.0 a 2.2.12, el disector UMTS MAC podría cerrarse inesperadamente. Esto se trató en epan/dissectors/packet-umts_mac.c rechazando cierto valor reservado. • http://www.securityfocus.com/bid/103162 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14339 https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=8ed705e1227d3d582e3f0de435bba606d053d686 https://lists.debian.org/debian-lts-announce/2018/04/msg00018.html https://www.debian.org/security/2018/dsa-4217 https://www.wireshark.org/security/wnpa-sec-2018-07.html •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2018-7325
https://notcve.org/view.php?id=CVE-2018-7325
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-rpki-rtr.c had an infinite loop that was addressed by validating a length field. En Wireshark 2.4.0 a 2.4.4 y 2.2.0 a 2.2.12, epan/dissectors/packet-rpki-rtr.c tenía un bucle infinito que se abordó validando un campo length. • http://www.securityfocus.com/bid/103158 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14414 https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=7be234d06ea39ab6a88115ae41d71060f1f15e3c https://lists.debian.org/debian-lts-announce/2019/01/msg00010.html https://www.wireshark.org/security/wnpa-sec-2018-06.html • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2018-7337
https://notcve.org/view.php?id=CVE-2018-7337
In Wireshark 2.4.0 to 2.4.4, the DOCSIS protocol dissector could crash. This was addressed in plugins/docsis/packet-docsis.c by removing the recursive algorithm that had been used for concatenated PDUs. En Wireshark desde la versión 2.4.0 hasta la 2.4.4, el disector de protocolo DOCSIS podría cerrarse inesperadamente. Esto se trató en plugins/docsis/packet-docsis.c eliminando el algoritmo recursivo que se había estado empleando para los PDU concatenados. • http://www.securityfocus.com/bid/103164 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14446 https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=511a8b0b546d25413e289dc5a7d3a455a33994c2 https://lists.debian.org/debian-lts-announce/2018/04/msg00018.html https://www.wireshark.org/security/wnpa-sec-2018-08.html •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2018-7417
https://notcve.org/view.php?id=CVE-2018-7417
In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the IPMI dissector could crash. This was addressed in epan/dissectors/packet-ipmi-picmg.c by adding support for crafted packets that lack an IPMI header. En Wireshark 2.2.0 a 2.2.12 y 2.4.0 a 2.4.4, el disector IPMI podría cerrarse inesperadamente. Esto se trató en epan/dissectors/packet-ipmi-picmg.c añadiendo soporte a paquetes manipulados que carecen de cabecera IPMI. • http://www.securityfocus.com/bid/103156 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14409 https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=81216a176b25dd8a616e11808a951e141a467009 https://lists.debian.org/debian-lts-announce/2018/04/msg00018.html https://lists.debian.org/debian-lts-announce/2019/01/msg00010.html https://www.wireshark.org/security/wnpa-sec-2018-12.html •