Описание
Security update for wireshark
wireshark has been updated to version 1.10.11 to fix five security issues.
These security issues have been fixed:
This non-security issue has been fixed:
Further bug fixes and updated protocol support as listed in:
https://www.wireshark.org/docs/relnotes/wireshark-1.10.11.html https://www.wireshark.org/docs/relnotes/wireshark-1.10.11.html
Security Issues:
Список пакетов
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Server 11 SP3
SUSE Linux Enterprise Server 11 SP3-TERADATA
SUSE Linux Enterprise Server for SAP Applications 11 SP3
SUSE Linux Enterprise Software Development Kit 11 SP3
Ссылки
- Link for SUSE-SU-2015:0426-1
- E-Mail link for SUSE-SU-2015:0426-1
- SUSE Security Ratings
- SUSE Bug 813217
- SUSE Bug 816517
- SUSE Bug 816887
- SUSE Bug 820973
- SUSE Bug 824900
- SUSE Bug 831718
- SUSE Bug 839607
- SUSE Bug 848738
- SUSE Bug 855980
- SUSE Bug 856495
- SUSE Bug 856496
- SUSE Bug 856498
- SUSE Bug 867485
- SUSE Bug 889854
- SUSE Bug 889899
- SUSE Bug 889900
- SUSE Bug 889901
Описание
The dissect_diagnosticrequest function in epan/dissectors/packet-reload.c in the REsource LOcation And Discovery (aka RELOAD) dissector in Wireshark 1.8.x before 1.8.6 uses an incorrect integer data type, which allows remote attackers to cause a denial of service (infinite loop) via crafted integer values in a packet.
Затронутые продукты
Ссылки
- CVE-2013-2486
- SUSE Bug 807942
- SUSE Bug 820566
- SUSE Bug 820973
Описание
epan/dissectors/packet-reload.c in the REsource LOcation And Discovery (aka RELOAD) dissector in Wireshark 1.8.x before 1.8.6 uses incorrect integer data types, which allows remote attackers to cause a denial of service (infinite loop) via crafted integer values in a packet, related to the (1) dissect_icecandidates, (2) dissect_kinddata, (3) dissect_nodeid_list, (4) dissect_storeans, (5) dissect_storereq, (6) dissect_storeddataspecifier, (7) dissect_fetchreq, (8) dissect_findans, (9) dissect_diagnosticinfo, (10) dissect_diagnosticresponse, (11) dissect_reload_messagecontents, and (12) dissect_reload_message functions, a different vulnerability than CVE-2013-2486.
Затронутые продукты
Ссылки
- CVE-2013-2487
- SUSE Bug 807942
- SUSE Bug 820566
- SUSE Bug 820973
Описание
epan/dissectors/packet-gtpv2.c in the GTPv2 dissector in Wireshark 1.8.x before 1.8.7 calls incorrect functions in certain contexts related to ciphers, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.
Затронутые продукты
Ссылки
- CVE-2013-3555
- SUSE Bug 820566
- SUSE Bug 820973
Описание
The fragment_add_seq_common function in epan/reassemble.c in the ASN.1 BER dissector in Wireshark before r48943 has an incorrect pointer dereference during a comparison, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.
Затронутые продукты
Ссылки
- CVE-2013-3556
- SUSE Bug 820566
- SUSE Bug 820973
Описание
The dissect_ber_choice function in epan/dissectors/packet-ber.c in the ASN.1 BER dissector in Wireshark 1.6.x before 1.6.15 and 1.8.x before 1.8.7 does not properly initialize a certain variable, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.
Затронутые продукты
Ссылки
- CVE-2013-3557
- SUSE Bug 820566
- SUSE Bug 820973
Описание
The dissect_ccp_bsdcomp_opt function in epan/dissectors/packet-ppp.c in the PPP CCP dissector in Wireshark 1.8.x before 1.8.7 does not terminate a bit-field list, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.
Затронутые продукты
Ссылки
- CVE-2013-3558
- SUSE Bug 820566
- SUSE Bug 820973
Описание
epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark 1.8.x before 1.8.7 uses incorrect integer data types, which allows remote attackers to cause a denial of service (integer overflow, and heap memory corruption or NULL pointer dereference, and application crash) via a malformed packet.
Затронутые продукты
Ссылки
- CVE-2013-3559
- SUSE Bug 820566
- SUSE Bug 820973
Описание
The dissect_dsmcc_un_download function in epan/dissectors/packet-mpeg-dsmcc.c in the MPEG DSM-CC dissector in Wireshark 1.8.x before 1.8.7 uses an incorrect format string, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.
Затронутые продукты
Ссылки
- CVE-2013-3560
- SUSE Bug 820566
- SUSE Bug 820973
Описание
Multiple integer overflows in Wireshark 1.8.x before 1.8.7 allow remote attackers to cause a denial of service (loop or application crash) via a malformed packet, related to a crash of the Websocket dissector, an infinite loop in the MySQL dissector, and a large loop in the ETCH dissector.
Затронутые продукты
Ссылки
- CVE-2013-3561
- SUSE Bug 820566
- SUSE Bug 820973
Описание
Multiple integer signedness errors in the tvb_unmasked function in epan/dissectors/packet-websocket.c in the Websocket dissector in Wireshark 1.8.x before 1.8.7 allow remote attackers to cause a denial of service (application crash) via a malformed packet.
Затронутые продукты
Ссылки
- CVE-2013-3562
- SUSE Bug 820566
- SUSE Bug 820973
Описание
The dissect_capwap_data function in epan/dissectors/packet-capwap.c in the CAPWAP dissector in Wireshark 1.6.x before 1.6.16 and 1.8.x before 1.8.8 incorrectly uses a -1 data value to represent an error condition, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
Затронутые продукты
Ссылки
- CVE-2013-4074
- SUSE Bug 824900
Описание
epan/dissectors/packet-gmr1_bcch.c in the GMR-1 BCCH dissector in Wireshark 1.8.x before 1.8.8 does not properly initialize memory, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
Затронутые продукты
Ссылки
- CVE-2013-4075
- SUSE Bug 824900
- SUSE Bug 836146
Описание
Buffer overflow in the dissect_iphc_crtp_fh function in epan/dissectors/packet-ppp.c in the PPP dissector in Wireshark 1.8.x before 1.8.8 allows remote attackers to cause a denial of service (application crash) via a crafted packet.
Затронутые продукты
Ссылки
- CVE-2013-4076
- SUSE Bug 824900
Описание
Array index error in the NBAP dissector in Wireshark 1.8.x before 1.8.8 allows remote attackers to cause a denial of service (application crash) via a crafted packet, related to nbap.cnf and packet-nbap.c.
Затронутые продукты
Ссылки
- CVE-2013-4077
- SUSE Bug 824900
Описание
epan/dissectors/packet-rdp.c in the RDP dissector in Wireshark 1.8.x before 1.8.8 does not validate return values during checks for data availability, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
Затронутые продукты
Ссылки
- CVE-2013-4078
- SUSE Bug 824900
Описание
The dissect_schedule_message function in epan/dissectors/packet-gsm_cbch.c in the GSM CBCH dissector in Wireshark 1.8.x before 1.8.8 allows remote attackers to cause a denial of service (infinite loop and application hang) via a crafted packet.
Затронутые продукты
Ссылки
- CVE-2013-4079
- SUSE Bug 824900
- SUSE Bug 836146
Описание
The dissect_r3_upstreamcommand_queryconfig function in epan/dissectors/packet-assa_r3.c in the Assa Abloy R3 dissector in Wireshark 1.8.x before 1.8.8 does not properly handle a zero-length item, which allows remote attackers to cause a denial of service (infinite loop, and CPU and memory consumption) via a crafted packet.
Затронутые продукты
Ссылки
- CVE-2013-4080
- SUSE Bug 824900
Описание
The http_payload_subdissector function in epan/dissectors/packet-http.c in the HTTP dissector in Wireshark 1.6.x before 1.6.16 and 1.8.x before 1.8.8 does not properly determine when to use a recursive approach, which allows remote attackers to cause a denial of service (stack consumption) via a crafted packet.
Затронутые продукты
Ссылки
- CVE-2013-4081
- SUSE Bug 824900
- SUSE Bug 836116
Описание
The vwr_read function in wiretap/vwr.c in the Ixia IxVeriWave file parser in Wireshark 1.8.x before 1.8.8 does not validate the relationship between a record length and a trailer length, which allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) via a crafted packet.
Затронутые продукты
Ссылки
- CVE-2013-4082
- SUSE Bug 824900
Описание
The dissect_pft function in epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark 1.6.x before 1.6.16, 1.8.x before 1.8.8, and 1.10.0 does not validate a certain fragment length value, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
Затронутые продукты
Ссылки
- CVE-2013-4083
- SUSE Bug 824900
- SUSE Bug 831718
Описание
The parseFields function in epan/dissectors/packet-dis-pdus.c in the DIS dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not terminate packet-data processing after finding zero remaining bytes, which allows remote attackers to cause a denial of service (loop) via a crafted packet.
Затронутые продукты
Ссылки
- CVE-2013-4929
- SUSE Bug 831718
Описание
The dissect_dvbci_tpdu_hdr function in epan/dissectors/packet-dvbci.c in the DVB-CI dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not validate a certain length value before decrementing it, which allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted packet.
Затронутые продукты
Ссылки
- CVE-2013-4930
- SUSE Bug 831718
Описание
epan/proto.c in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 allows remote attackers to cause a denial of service (loop) via a crafted packet that is not properly handled by the GSM RR dissector.
Затронутые продукты
Ссылки
- CVE-2013-4931
- SUSE Bug 831718
Описание
Multiple array index errors in epan/dissectors/packet-gsm_a_common.c in the GSM A Common dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 allow remote attackers to cause a denial of service (application crash) via a crafted packet.
Затронутые продукты
Ссылки
- CVE-2013-4932
- SUSE Bug 831718
Описание
The netmon_open function in wiretap/netmon.c in the Netmon file parser in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not properly allocate memory, which allows remote attackers to cause a denial of service (application crash) via a crafted packet-trace file.
Затронутые продукты
Ссылки
- CVE-2013-4933
- SUSE Bug 831718
Описание
The netmon_open function in wiretap/netmon.c in the Netmon file parser in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not initialize certain structure members, which allows remote attackers to cause a denial of service (application crash) via a crafted packet-trace file.
Затронутые продукты
Ссылки
- CVE-2013-4934
- SUSE Bug 831718
Описание
The dissect_per_length_determinant function in epan/dissectors/packet-per.c in the ASN.1 PER dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not initialize a length field in certain abnormal situations, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
Затронутые продукты
Ссылки
- CVE-2013-4935
- SUSE Bug 831718
Описание
The ieee802154_map_rec function in epan/dissectors/packet-ieee802154.c in the IEEE 802.15.4 dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 uses an incorrect pointer chain, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
Затронутые продукты
Ссылки
- CVE-2013-6336
- SUSE Bug 848738
Описание
Unspecified vulnerability in the NBAP dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 allows remote attackers to cause a denial of service (application crash) via a crafted packet.
Затронутые продукты
Ссылки
- CVE-2013-6337
- SUSE Bug 848738
Описание
The dissect_sip_common function in epan/dissectors/packet-sip.c in the SIP dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 does not properly initialize a data structure, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
Затронутые продукты
Ссылки
- CVE-2013-6338
- SUSE Bug 848738
Описание
The dissect_openwire_type function in epan/dissectors/packet-openwire.c in the OpenWire dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 allows remote attackers to cause a denial of service (loop) via a crafted packet.
Затронутые продукты
Ссылки
- CVE-2013-6339
- SUSE Bug 848738
Описание
epan/dissectors/packet-tcp.c in the TCP dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 does not properly determine the amount of remaining data, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
Затронутые продукты
Ссылки
- CVE-2013-6340
- SUSE Bug 848738
Описание
The dissect_sip_common function in epan/dissectors/packet-sip.c in the SIP dissector in Wireshark 1.8.x before 1.8.12 and 1.10.x before 1.10.4 does not check for empty lines, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.
Затронутые продукты
Ссылки
- CVE-2013-7112
- SUSE Bug 856498
Описание
epan/dissectors/packet-bssgp.c in the BSSGP dissector in Wireshark 1.10.x before 1.10.4 incorrectly relies on a global variable, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
Затронутые продукты
Ссылки
- CVE-2013-7113
- SUSE Bug 856495
Описание
Multiple buffer overflows in the create_ntlmssp_v2_key function in epan/dissectors/packet-ntlmssp.c in the NTLMSSP v2 dissector in Wireshark 1.8.x before 1.8.12 and 1.10.x before 1.10.4 allow remote attackers to cause a denial of service (application crash) via a long domain name in a packet.
Затронутые продукты
Ссылки
- CVE-2013-7114
- SUSE Bug 856496
Описание
The nfs_name_snoop_add_name function in epan/dissectors/packet-nfs.c in the NFS dissector in Wireshark 1.8.x before 1.8.13 and 1.10.x before 1.10.6 does not validate a certain length value, which allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted NFS packet.
Затронутые продукты
Ссылки
- CVE-2014-2281
- SUSE Bug 867485
Описание
The dissect_protocol_data_parameter function in epan/dissectors/packet-m3ua.c in the M3UA dissector in Wireshark 1.10.x before 1.10.6 does not properly allocate memory, which allows remote attackers to cause a denial of service (application crash) via a crafted SS7 MTP3 packet.
Затронутые продукты
Ссылки
- CVE-2014-2282
- SUSE Bug 867485
Описание
epan/dissectors/packet-rlc in the RLC dissector in Wireshark 1.8.x before 1.8.13 and 1.10.x before 1.10.6 uses inconsistent memory-management approaches, which allows remote attackers to cause a denial of service (use-after-free error and application crash) via a crafted UMTS Radio Link Control packet.
Затронутые продукты
Ссылки
- CVE-2014-2283
- SUSE Bug 867485
Описание
Buffer overflow in the mpeg_read function in wiretap/mpeg.c in the MPEG parser in Wireshark 1.8.x before 1.8.13 and 1.10.x before 1.10.6 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a large record in MPEG data.
Затронутые продукты
Ссылки
- CVE-2014-2299
- SUSE Bug 867485
Описание
Use-after-free vulnerability in the SDP dissector in Wireshark 1.10.x before 1.10.10 allows remote attackers to cause a denial of service (application crash) via a crafted packet that leverages split memory ownership between the SDP and RTP dissectors.
Затронутые продукты
Ссылки
- CVE-2014-6421
- SUSE Bug 897055
Описание
The SDP dissector in Wireshark 1.10.x before 1.10.10 creates duplicate hashtables for a media channel, which allows remote attackers to cause a denial of service (application crash) via a crafted packet to the RTP dissector.
Затронутые продукты
Ссылки
- CVE-2014-6422
- SUSE Bug 897055
Описание
The tvb_raw_text_add function in epan/dissectors/packet-megaco.c in the MEGACO dissector in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 allows remote attackers to cause a denial of service (infinite loop) via an empty line.
Затронутые продукты
Ссылки
- CVE-2014-6423
- SUSE Bug 897055
Описание
The dissect_v9_v10_pdu_data function in epan/dissectors/packet-netflow.c in the Netflow dissector in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 refers to incorrect offset and start variables, which allows remote attackers to cause a denial of service (uninitialized memory read and application crash) via a crafted packet.
Затронутые продукты
Ссылки
- CVE-2014-6424
- SUSE Bug 897055
Описание
Off-by-one error in the is_rtsp_request_or_reply function in epan/dissectors/packet-rtsp.c in the RTSP dissector in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 allows remote attackers to cause a denial of service (application crash) via a crafted packet that triggers parsing of a token located one position beyond the current position.
Затронутые продукты
Ссылки
- CVE-2014-6427
- SUSE Bug 897055
Описание
The dissect_spdu function in epan/dissectors/packet-ses.c in the SES dissector in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 does not initialize a certain ID value, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
Затронутые продукты
Ссылки
- CVE-2014-6428
- SUSE Bug 897055
Описание
The SnifferDecompress function in wiretap/ngsniffer.c in the DOS Sniffer file parser in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 does not properly handle empty input data, which allows remote attackers to cause a denial of service (application crash) via a crafted file.
Затронутые продукты
Ссылки
- CVE-2014-6429
- SUSE Bug 897055
Описание
The SnifferDecompress function in wiretap/ngsniffer.c in the DOS Sniffer file parser in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 does not validate bitmask data, which allows remote attackers to cause a denial of service (application crash) via a crafted file.
Затронутые продукты
Ссылки
- CVE-2014-6430
- SUSE Bug 897055
Описание
Buffer overflow in the SnifferDecompress function in wiretap/ngsniffer.c in the DOS Sniffer file parser in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 allows remote attackers to cause a denial of service (application crash) via a crafted file that triggers writes of uncompressed bytes beyond the end of the output buffer.
Затронутые продукты
Ссылки
- CVE-2014-6431
- SUSE Bug 897055
Описание
The SnifferDecompress function in wiretap/ngsniffer.c in the DOS Sniffer file parser in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 does not prevent data overwrites during copy operations, which allows remote attackers to cause a denial of service (application crash) via a crafted file.
Затронутые продукты
Ссылки
- CVE-2014-6432
- SUSE Bug 897055
Описание
The decompress_sigcomp_message function in epan/sigcomp-udvm.c in the SigComp UDVM dissector in Wireshark 1.10.x before 1.10.11 allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted packet.
Затронутые продукты
Ссылки
- CVE-2014-8710
- SUSE Bug 905246
Описание
Multiple integer overflows in epan/dissectors/packet-amqp.c in the AMQP dissector in Wireshark 1.10.x before 1.10.11 and 1.12.x before 1.12.2 allow remote attackers to cause a denial of service (application crash) via a crafted amqp_0_10 PDU in a packet.
Затронутые продукты
Ссылки
- CVE-2014-8711
- SUSE Bug 905245
Описание
The build_expert_data function in epan/dissectors/packet-ncp2222.inc in the NCP dissector in Wireshark 1.10.x before 1.10.11 and 1.12.x before 1.12.2 does not properly initialize a data structure, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
Затронутые продукты
Ссылки
- CVE-2014-8712
- SUSE Bug 905248
Описание
Stack-based buffer overflow in the build_expert_data function in epan/dissectors/packet-ncp2222.inc in the NCP dissector in Wireshark 1.10.x before 1.10.11 and 1.12.x before 1.12.2 allows remote attackers to cause a denial of service (application crash) via a crafted packet.
Затронутые продукты
Ссылки
- CVE-2014-8713
- SUSE Bug 905248
Описание
The dissect_write_structured_field function in epan/dissectors/packet-tn5250.c in the TN5250 dissector in Wireshark 1.10.x before 1.10.11 and 1.12.x before 1.12.2 allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.
Затронутые продукты
Ссылки
- CVE-2014-8714
- SUSE Bug 905247
Описание
Multiple use-after-free vulnerabilities in epan/dissectors/packet-wccp.c in the WCCP dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 allow remote attackers to cause a denial of service (application crash) via a crafted packet, related to the use of packet-scope memory instead of pinfo-scope memory.
Затронутые продукты
Ссылки
- CVE-2015-0559
- SUSE Bug 912365
Описание
The dissect_wccp2r1_address_table_info function in epan/dissectors/packet-wccp.c in the WCCP dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 does not initialize certain data structures, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
Затронутые продукты
Ссылки
- CVE-2015-0560
- SUSE Bug 912365
Описание
asn1/lpp/lpp.cnf in the LPP dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 does not validate a certain index value, which allows remote attackers to cause a denial of service (out-of-bounds memory access and application crash) via a crafted packet.
Затронутые продукты
Ссылки
- CVE-2015-0561
- SUSE Bug 912368
Описание
Multiple use-after-free vulnerabilities in epan/dissectors/packet-dec-dnart.c in the DEC DNA Routing Protocol dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 allow remote attackers to cause a denial of service (application crash) via a crafted packet, related to the use of packet-scope memory instead of pinfo-scope memory.
Затронутые продукты
Ссылки
- CVE-2015-0562
- SUSE Bug 912369
Описание
epan/dissectors/packet-smtp.c in the SMTP dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 uses an incorrect length value for certain string-append operations, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
Затронутые продукты
Ссылки
- CVE-2015-0563
- SUSE Bug 912370
Описание
Buffer underflow in the ssl_decrypt_record function in epan/dissectors/packet-ssl-utils.c in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 allows remote attackers to cause a denial of service (application crash) via a crafted packet that is improperly handled during decryption of an SSL session.
Затронутые продукты
Ссылки
- CVE-2015-0564
- SUSE Bug 912372
Описание
epan/dissectors/packet-wcp.c in the WCP dissector in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 does not properly initialize a data structure, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet that is improperly handled during decompression.
Затронутые продукты
Ссылки
- CVE-2015-2188
- SUSE Bug 920696
Описание
Off-by-one error in the pcapng_read function in wiretap/pcapng.c in the pcapng file parser in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via an invalid Interface Statistics Block (ISB) interface ID in a crafted packet.
Затронутые продукты
Ссылки
- CVE-2015-2189
- SUSE Bug 920697
Описание
Integer overflow in the dissect_tnef function in epan/dissectors/packet-tnef.c in the TNEF dissector in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted length field in a packet.
Затронутые продукты
Ссылки
- CVE-2015-2191
- SUSE Bug 920699
Описание
epan/dissectors/packet-wcp.c in the WCP dissector in Wireshark 1.10.x before 1.10.14 and 1.12.x before 1.12.5 improperly refers to previously processed bytes, which allows remote attackers to cause a denial of service (application crash) via a crafted packet, a different vulnerability than CVE-2015-2188.
Затронутые продукты
Ссылки
- CVE-2015-3811
- SUSE Bug 930689
- SUSE Bug 930691
Описание
Multiple memory leaks in the x11_init_protocol function in epan/dissectors/packet-x11.c in the X11 dissector in Wireshark 1.10.x before 1.10.14 and 1.12.x before 1.12.5 allow remote attackers to cause a denial of service (memory consumption) via a crafted packet.
Затронутые продукты
Ссылки
- CVE-2015-3812
- SUSE Bug 930689
- SUSE Bug 930691
Описание
The (1) dissect_tfs_request and (2) dissect_tfs_response functions in epan/dissectors/packet-ieee80211.c in the IEEE 802.11 dissector in Wireshark 1.10.x before 1.10.14 and 1.12.x before 1.12.5 interpret a zero value as a length rather than an error condition, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.
Затронутые продукты
Ссылки
- CVE-2015-3814
- SUSE Bug 930689
- SUSE Bug 930691