Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2019:0138-1

Опубликовано: 21 янв. 2019
Источник: suse-cvrf

Описание

Security update for wireshark

This update for wireshark to version 2.4.12 fixes the following issues:

Security issues fixed:

  • CVE-2019-5717: Fixed a denial of service in the P_MUL dissector (bsc#1121232)
  • CVE-2019-5718: Fixed a denial of service in the RTSE dissector and other dissectors (bsc#1121233)
  • CVE-2019-5719: Fixed a denial of service in the ISAKMP dissector (bsc#1121234)
  • CVE-2019-5721: Fixed a denial of service in the ISAKMP dissector (bsc#1121235)

Список пакетов

Image SLES12-SP5-SAP-Azure-LI-BYOS-Production
libwireshark9-2.4.12-48.39.1
libwiretap7-2.4.12-48.39.1
libwscodecs1-2.4.12-48.39.1
libwsutil8-2.4.12-48.39.1
wireshark-2.4.12-48.39.1
Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production
libwireshark9-2.4.12-48.39.1
libwiretap7-2.4.12-48.39.1
libwscodecs1-2.4.12-48.39.1
libwsutil8-2.4.12-48.39.1
wireshark-2.4.12-48.39.1
SUSE Linux Enterprise Desktop 12 SP3
libwireshark9-2.4.12-48.39.1
libwiretap7-2.4.12-48.39.1
libwscodecs1-2.4.12-48.39.1
libwsutil8-2.4.12-48.39.1
wireshark-2.4.12-48.39.1
wireshark-gtk-2.4.12-48.39.1
SUSE Linux Enterprise Desktop 12 SP4
libwireshark9-2.4.12-48.39.1
libwiretap7-2.4.12-48.39.1
libwscodecs1-2.4.12-48.39.1
libwsutil8-2.4.12-48.39.1
wireshark-2.4.12-48.39.1
wireshark-gtk-2.4.12-48.39.1
SUSE Linux Enterprise Server 12 SP3
libwireshark9-2.4.12-48.39.1
libwiretap7-2.4.12-48.39.1
libwscodecs1-2.4.12-48.39.1
libwsutil8-2.4.12-48.39.1
wireshark-2.4.12-48.39.1
wireshark-gtk-2.4.12-48.39.1
SUSE Linux Enterprise Server 12 SP4
libwireshark9-2.4.12-48.39.1
libwiretap7-2.4.12-48.39.1
libwscodecs1-2.4.12-48.39.1
libwsutil8-2.4.12-48.39.1
wireshark-2.4.12-48.39.1
wireshark-gtk-2.4.12-48.39.1
SUSE Linux Enterprise Server for SAP Applications 12 SP3
libwireshark9-2.4.12-48.39.1
libwiretap7-2.4.12-48.39.1
libwscodecs1-2.4.12-48.39.1
libwsutil8-2.4.12-48.39.1
wireshark-2.4.12-48.39.1
wireshark-gtk-2.4.12-48.39.1
SUSE Linux Enterprise Server for SAP Applications 12 SP4
libwireshark9-2.4.12-48.39.1
libwiretap7-2.4.12-48.39.1
libwscodecs1-2.4.12-48.39.1
libwsutil8-2.4.12-48.39.1
wireshark-2.4.12-48.39.1
wireshark-gtk-2.4.12-48.39.1
SUSE Linux Enterprise Software Development Kit 12 SP3
wireshark-devel-2.4.12-48.39.1
SUSE Linux Enterprise Software Development Kit 12 SP4
wireshark-devel-2.4.12-48.39.1

Ссылки

Описание

In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the P_MUL dissector could crash. This was addressed in epan/dissectors/packet-p_mul.c by rejecting the invalid sequence number of zero.

Затронутые продукты
Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:libwireshark9-2.4.12-48.39.1
Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:libwiretap7-2.4.12-48.39.1
Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:libwscodecs1-2.4.12-48.39.1
Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:libwsutil8-2.4.12-48.39.1
Ссылки

Описание

In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the RTSE dissector and other ASN.1 dissectors could crash. This was addressed in epan/charsets.c by adding a get_t61_string length check.

Затронутые продукты
Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:libwireshark9-2.4.12-48.39.1
Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:libwiretap7-2.4.12-48.39.1
Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:libwscodecs1-2.4.12-48.39.1
Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:libwsutil8-2.4.12-48.39.1
Ссылки

Описание

In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the ISAKMP dissector could crash. This was addressed in epan/dissectors/packet-isakmp.c by properly handling the case of a missing decryption data block.

Затронутые продукты
Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:libwireshark9-2.4.12-48.39.1
Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:libwiretap7-2.4.12-48.39.1
Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:libwscodecs1-2.4.12-48.39.1
Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:libwsutil8-2.4.12-48.39.1
Ссылки

Описание

In Wireshark 2.4.0 to 2.4.11, the ENIP dissector could crash. This was addressed in epan/dissectors/packet-enip.c by changing the memory-management approach so that a use-after-free is avoided.

Затронутые продукты
Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:libwireshark9-2.4.12-48.39.1
Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:libwiretap7-2.4.12-48.39.1
Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:libwscodecs1-2.4.12-48.39.1
Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:libwsutil8-2.4.12-48.39.1
Ссылки
Уязвимость SUSE-SU-2019:0138-1