CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 1CVE-2019-5719 – Debian Security Advisory 4416-1
https://notcve.org/view.php?id=CVE-2019-5719
08 Jan 2019 — In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the ISAKMP dissector could crash. This was addressed in epan/dissectors/packet-isakmp.c by properly handling the case of a missing decryption data block. En Wireshark desde la versión 2.6.0 hasta la 2.6.5 y desde la 2.4.0 hasta la 2.4.11, el disector ISAKMP podría cerrarse inesperadamente. Esto se trató en epan/dissectors/packet-isakmp.c, gestionando el caso de un bloque de datos de descifrado de manera correcta. It was discovered that Wireshark, a network tr... • http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00027.html • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2019-5721
https://notcve.org/view.php?id=CVE-2019-5721
08 Jan 2019 — In Wireshark 2.4.0 to 2.4.11, the ENIP dissector could crash. This was addressed in epan/dissectors/packet-enip.c by changing the memory-management approach so that a use-after-free is avoided. En Wireshark, desde la versión 2.4.0 hasta la 2.4.11, el disector ENIP podría cerrarse inesperadamente. Esto se trató en epan/dissectors/packet-enip.c, cambiando el enfoque de gestión de memoria para evitar el uso de memoria previamente liberada. • http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00027.html • CWE-416: Use After Free •
CVSS: 7.5EPSS: 1%CPEs: 4EXPL: 1CVE-2018-19622 – wireshark: Infinite loop in the MMSE dissector
https://notcve.org/view.php?id=CVE-2018-19622
29 Nov 2018 — In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the MMSE dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-mmse.c by preventing length overflows. En Wireshark, de la versión 2.6.0 a la 2.6.4 y de la versión 2.4.0 a la 2.4.10, el disector MMSE podría entrar en un bucle infinito. Esto se trató en epan/dissectors/packet-mmse.c evitando desbordamientos de longitud. A vulnerability in MMSE dissector allows Wireshark to loop infinitely when parsing a specially crafted pcap fi... • http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00027.html • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 7.5EPSS: 2%CPEs: 4EXPL: 1CVE-2018-19623 – Debian Security Advisory 4359-1
https://notcve.org/view.php?id=CVE-2018-19623
29 Nov 2018 — In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the LBMPDM dissector could crash. In addition, a remote attacker could write arbitrary data to any memory locations before the packet-scoped memory. This was addressed in epan/dissectors/packet-lbmpdm.c by disallowing certain negative values. En Wireshark 2.6.0 a 2.6.4 y 2.4.0 a 2.4.10, el disector LBMPDM podría cerrarse inesperadamente. Además, un atacante remoto podría escribir datos arbitrarios a cualquier ubicación de memoria antes de la memoria en el alc... • http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00027.html • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 1CVE-2018-19624 – Debian Security Advisory 4359-1
https://notcve.org/view.php?id=CVE-2018-19624
29 Nov 2018 — In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the PVFS dissector could crash. This was addressed in epan/dissectors/packet-pvfs2.c by preventing a NULL pointer dereference. En Wireshark 2.6.0 a 2.6.4 y 2.4.0 a 2.4.10, el disector PVFS podría cerrarse inesperadamente. Esto se abordó en epan/dissectors/packet-pvfs2.c evitando una desreferencia de puntero NULL. Multiple vulnerabilities have been discovered in Wireshark, a network protocol analyzer, which could result in denial of service or the execution of... • http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00027.html • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 1CVE-2018-19625 – Debian Security Advisory 4359-1
https://notcve.org/view.php?id=CVE-2018-19625
29 Nov 2018 — In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the dissection engine could crash. This was addressed in epan/tvbuff_composite.c by preventing a heap-based buffer over-read. En Wireshark 2.6.0 a 2.6.4 y 2.4.0 a 2.4.10, el motor de disección podría cerrarse inesperadamente. Esto se abordó en epan/tvbuff_composite.c evitando una sobrelectura de búfer basada en memoria dinámica (heap). Multiple vulnerabilities have been discovered in Wireshark, a network protocol analyzer, which could result in denial of serv... • http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00027.html • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 1CVE-2018-19626 – Debian Security Advisory 4359-1
https://notcve.org/view.php?id=CVE-2018-19626
29 Nov 2018 — In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the DCOM dissector could crash. This was addressed in epan/dissectors/packet-dcom.c by adding '\0' termination. En Wireshark 2.6.0 a 2.6.4 y 2.4.0 a 2.4.10, el disector DCOM podría cerrarse inesperadamente. Esto se trató en epan/dissectors/packet-dcom.c añadiendo la terminación "\0". Multiple vulnerabilities have been discovered in Wireshark, a network protocol analyzer, which could result in denial of service or the execution of arbitrary code. • http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00027.html • CWE-125: Out-of-bounds Read CWE-908: Use of Uninitialized Resource •
CVSS: 7.5EPSS: 21%CPEs: 3EXPL: 3CVE-2018-19627 – Wireshark - 'find_signature' Heap Out-of-Bounds Read
https://notcve.org/view.php?id=CVE-2018-19627
29 Nov 2018 — In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the IxVeriWave file parser could crash. This was addressed in wiretap/vwr.c by adjusting a buffer boundary. En Wireshark 2.6.0 a 2.6.4 y 2.4.0 a 02/04/2010, el analizador IxVeriWave de archivos podría cerrarse inesperadamente. Esto se abordó en wiretap/vwr.c ajustando un límite de búfer. Multiple vulnerabilities have been discovered in Wireshark, a network protocol analyzer, which could result in denial of service or the execution of arbitrary code. • https://packetstorm.news/files/id/150627 • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 1%CPEs: 2EXPL: 1CVE-2018-19628 – Debian Security Advisory 4359-1
https://notcve.org/view.php?id=CVE-2018-19628
29 Nov 2018 — In Wireshark 2.6.0 to 2.6.4, the ZigBee ZCL dissector could crash. This was addressed in epan/dissectors/packet-zbee-zcl-lighting.c by preventing a divide-by-zero error. En Wireshark desde la versión 2.6.0 hasta la 2.6.4, el disector ZigBee ZCL podría cerrarse inesperadamente. Esto se abordó en epan/dissectors/packet-zbee-zcl-lighting.c evitando un error de división entre cero. Multiple vulnerabilities have been discovered in Wireshark, a network protocol analyzer, which could result in denial of service or... • http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00027.html • CWE-369: Divide By Zero •
CVSS: 7.5EPSS: 1%CPEs: 3EXPL: 0CVE-2018-18225 – Debian Security Advisory 4359-1
https://notcve.org/view.php?id=CVE-2018-18225
12 Oct 2018 — In Wireshark 2.6.0 to 2.6.3, the CoAP dissector could crash. This was addressed in epan/dissectors/packet-coap.c by ensuring that the piv length is correctly computed. En Wireshark desde la versión 2.6.0 hasta la 2.6.3, el disector CoAP podría cerrarse inesperadamente. Esto se trató en epan/dissectors/packet-coap.c garantizando que la longitud de piv se calcula correctamente. Multiple vulnerabilities have been discovered in Wireshark, a network protocol analyzer, which could result in denial of service or t... • http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00027.html • CWE-682: Incorrect Calculation •