CVE-2018-9265
https://notcve.org/view.php?id=CVE-2018-9265
In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-tn3270.c has a memory leak. En Wireshark 2.4.0 a 2.4.5 y 2.2.0 a 2.2.13, epan/dissectors/packet-tn3270.c tiene una fuga de memoria. • https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14480 https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=b12cc581cd4878d74b6116ca02c7dbe650c1f242 https://lists.debian.org/debian-lts-announce/2019/01/msg00010.html https://www.wireshark.org/security/wnpa-sec-2018-24.html • CWE-772: Missing Release of Resource after Effective Lifetime •
CVE-2018-9272
https://notcve.org/view.php?id=CVE-2018-9272
In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-h223.c has a memory leak. En Wireshark 2.4.0 a 2.4.5 y 2.2.0 a 2.2.13, epan/dissectors/packet-h223.c tiene una fuga de memoria. • https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14487 https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=6e3b90824a82724f445a0374e99f0b76e4cf5e8b https://www.wireshark.org/security/wnpa-sec-2018-24.html • CWE-772: Missing Release of Resource after Effective Lifetime •
CVE-2018-9274
https://notcve.org/view.php?id=CVE-2018-9274
In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, ui/failure_message.c has a memory leak. En Wireshark 2.4.0 a 2.4.5 y 2.2.0 a 2.2.13, ui/failure_message.c tiene una fuga de memoria. • https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14489 https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=211845aba4794720ae265c782cdffddae54a3e7a https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=f38e895dfc0d97bce64f73ce99df706911d9aa07 https://www.wireshark.org/security/wnpa-sec-2018-24.html • CWE-772: Missing Release of Resource after Effective Lifetime •
CVE-2018-9263
https://notcve.org/view.php?id=CVE-2018-9263
In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the Kerberos dissector could crash. This was addressed in epan/dissectors/packet-kerberos.c by ensuring a nonzero key length. En Wireshark 2.4.0 a 2.4.5 y 2.2.0 a 2.2.13, el disector Kerberos podría cerrarse inesperadamente. Esto se trató en epan/dissectors/packet-kerberos.c garantizando una longitud de clave que no sea cero. • https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14576 https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=4fe65168fd0de81306710330aa414f10f53cbdf0 https://lists.debian.org/debian-lts-announce/2018/05/msg00019.html https://lists.debian.org/debian-lts-announce/2019/01/msg00010.html https://www.wireshark.org/security/wnpa-sec-2018-23.html •
CVE-2018-9260
https://notcve.org/view.php?id=CVE-2018-9260
In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the IEEE 802.15.4 dissector could crash. This was addressed in epan/dissectors/packet-ieee802154.c by ensuring that an allocation step occurs. En Wireshark 2.4.0 a 2.4.5 y 2.2.0 a 2.2.13, el disector IEEE 802.15.4 podría cerrarse inesperadamente. Esto se abordó en epan/dissectors/packet-ieee802154.c garantizando que ocurre un paso de asignación. • https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14468 https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=14d6f717d8ea27688af48532edb1d29f502ea8f0 https://lists.debian.org/debian-lts-announce/2018/05/msg00019.html https://lists.debian.org/debian-lts-announce/2019/01/msg00010.html https://www.wireshark.org/security/wnpa-sec-2018-17.html • CWE-20: Improper Input Validation •