Debian Wireshark vulnerabilities

694 known vulnerabilities affecting debian/wireshark.

Total CVEs: 694
CISA KEV: 0
Public exploits: 55
Exploited in wild: 0
Severity breakdown: CRITICAL 8, HIGH 129, MEDIUM 276, LOW 281

Vulnerabilities

Page 22 of 35
CVE-2014-8714 | MEDIUM | CVSS 5.0 | fixed in wireshark 1.12.1+g01b65bf-2 (bookworm) | 2014
The dissect_write_structured_field function in epan/dissectors/packet-tn5250.c in the TN5250 dissector in Wireshark 1.10.x before 1.10.11 and 1.12.x before 1.12.2 allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.
Scope: local
bookworm: resolved (fixed in 1.12.1+g01b65bf-2); bullseye: resolved (fixed in 1.12.1+g01b65bf-2); for
debian
CVE-2014-5161 | MEDIUM | CVSS 5.0 | fixed in wireshark 1.12.0+git+4fab41a1-1 (bookworm) | 2014
The dissect_log function in plugins/irda/packet-irda.c in the IrDA dissector in Wireshark 1.10.x before 1.10.9 does not properly strip '\n' characters, which allows remote attackers to cause a denial of service (buffer underflow and application crash) via a crafted packet.
Scope: local
bookworm: resolved (fixed in 1.12.0+git+4fab41a1-1); bullseye: resolved (fixed i
debian
CVE-2014-5162 | MEDIUM | CVSS 5.0 | fixed in wireshark 1.12.0+git+4fab41a1-1 (bookworm) | 2014
The read_new_line function in wiretap/catapult_dct2000.c in the Catapult DCT2000 dissector in Wireshark 1.10.x before 1.10.9 does not properly strip '\n' and '\r' characters, which allows remote attackers to cause a denial of service (off-by-one buffer underflow and application crash) via a crafted packet.
Scope: local
bookworm: resolved (fixed in 1.12.0+git+4fab4
debian
CVE-2014-8711 | MEDIUM | CVSS 5.0 | fixed in wireshark 1.12.1+g01b65bf-2 (bookworm) | 2014
Multiple integer overflows in epan/dissectors/packet-amqp.c in the AMQP dissector in Wireshark 1.10.x before 1.10.11 and 1.12.x before 1.12.2 allow remote attackers to cause a denial of service (application crash) via a crafted amqp_0_10 PDU in a packet.
Scope: local
bookworm: resolved (fixed in 1.12.1+g01b65bf-2); bullseye: resolved (fixed in 1.12.1+g01b65bf-2); fo
debian
CVE-2014-2283 | MEDIUM | CVSS 4.3 | fixed in wireshark 1.10.6-1 (bookworm) | 2014
epan/dissectors/packet-rlc in the RLC dissector in Wireshark 1.8.x before 1.8.13 and 1.10.x before 1.10.6 uses inconsistent memory-management approaches, which allows remote attackers to cause a denial of service (use-after-free error and application crash) via a crafted UMTS Radio Link Control packet.
Scope: local
bookworm: resolved (fixed in 1.10.6-1); bullseye:
debian
CVE-2014-2281 | MEDIUM | CVSS 4.3 | fixed in wireshark 1.10.6-1 (bookworm) | 2014
The nfs_name_snoop_add_name function in epan/dissectors/packet-nfs.c in the NFS dissector in Wireshark 1.8.x before 1.8.13 and 1.10.x before 1.10.6 does not validate a certain length value, which allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted NFS packet.
Scope: local
bookworm: resolved (fixed in 1.10.6-
debian
CVE-2014-8712 | MEDIUM | CVSS 5.0 | fixed in wireshark 1.12.1+g01b65bf-2 (bookworm) | 2014
The build_expert_data function in epan/dissectors/packet-ncp2222.inc in the NCP dissector in Wireshark 1.10.x before 1.10.11 and 1.12.x before 1.12.2 does not properly initialize a data structure, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
Scope: local
bookworm: resolved (fixed in 1.12.1+g01b65bf-2); bullsey
debian
CVE-2014-6424 | MEDIUM | CVSS 5.0 | fixed in wireshark 1.12.1+g01b65bf-1 (bookworm) | 2014
The dissect_v9_v10_pdu_data function in epan/dissectors/packet-netflow.c in the Netflow dissector in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 refers to incorrect offset and start variables, which allows remote attackers to cause a denial of service (uninitialized memory read and application crash) via a crafted packet.
Scope: local
bookworm: resolv
debian
CVE-2014-6428 | MEDIUM | CVSS 5.0 | fixed in wireshark 1.12.1+g01b65bf-1 (bookworm) | 2014
The dissect_spdu function in epan/dissectors/packet-ses.c in the SES dissector in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 does not initialize a certain ID value, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
Scope: local
bookworm: resolved (fixed in 1.12.1+g01b65bf-1); bullseye: resolved (fixed
debian
CVE-2014-6432 | MEDIUM | CVSS 5.0 | fixed in wireshark 1.12.1+g01b65bf-1 (bookworm) | 2014
The SnifferDecompress function in wiretap/ngsniffer.c in the DOS Sniffer file parser in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 does not prevent data overwrites during copy operations, which allows remote attackers to cause a denial of service (application crash) via a crafted file.
Scope: local
bookworm: resolved (fixed in 1.12.1+g01b65bf-1); bull
debian
CVE-2014-6425 | MEDIUM | CVSS 5.0 | fixed in wireshark 1.12.1+g01b65bf-1 (bookworm) | 2014
The (1) get_quoted_string and (2) get_unquoted_string functions in epan/dissectors/packet-cups.c in the CUPS dissector in Wireshark 1.12.x before 1.12.1 allow remote attackers to cause a denial of service (buffer over-read and application crash) via a CUPS packet that lacks a trailing '\0' character.
Scope: local
bookworm: resolved (fixed in 1.12.1+g01b65bf-1); bul
debian
CVE-2014-6423 | MEDIUM | CVSS 5.0 | fixed in wireshark 1.12.1+g01b65bf-1 (bookworm) | 2014
The tvb_raw_text_add function in epan/dissectors/packet-megaco.c in the MEGACO dissector in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 allows remote attackers to cause a denial of service (infinite loop) via an empty line.
Scope: local
bookworm: resolved (fixed in 1.12.1+g01b65bf-1); bullseye: resolved (fixed in 1.12.1+g01b65bf-1); forky: resolved (fix
debian
CVE-2013-4935 | MEDIUM | CVSS 4.3 | fixed in wireshark 1.10.1-1 (bookworm) | 2013
The dissect_per_length_determinant function in epan/dissectors/packet-per.c in the ASN.1 PER dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not initialize a length field in certain abnormal situations, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
Scope: local
bookworm: resolved (fixed
debian
CVE-2013-4074 | MEDIUM | CVSS 5.0 | PoC | fixed in wireshark 1.10.0-1 (bookworm) | 2013
The dissect_capwap_data function in epan/dissectors/packet-capwap.c in the CAPWAP dissector in Wireshark 1.6.x before 1.6.16 and 1.8.x before 1.8.8 incorrectly uses a -1 data value to represent an error condition, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
Scope: local
bookworm: resolved (fixed in 1.10.0-1)
debian
CVE-2013-4925 | MEDIUM | CVSS 5.0 | fixed in wireshark 1.10.1-1 (bookworm) | 2013
Integer signedness error in epan/dissectors/packet-dcom-sysact.c in the DCOM ISystemActivator dissector in Wireshark 1.10.x before 1.10.1 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted packet.
Scope: local
bookworm: resolved (fixed in 1.10.1-1); bullseye: resolved (fixed in 1.10.1-1); forky: resolved (fixed in
debian
CVE-2013-5722 | MEDIUM | CVSS 4.3 | fixed in wireshark 1.10.2-1 (bookworm) | 2013
Unspecified vulnerability in the LDAP dissector in Wireshark 1.8.x before 1.8.10 and 1.10.x before 1.10.2 allows remote attackers to cause a denial of service (application crash) via a crafted packet.
Scope: local
bookworm: resolved (fixed in 1.10.2-1); bullseye: resolved (fixed in 1.10.2-1); forky: resolved (fixed in 1.10.2-1); sid: resolved (fixed in 1.10.2-1); trix
debian
CVE-2013-2488 | MEDIUM | CVSS 5.0 | fixed in wireshark 1.8.2-5 (bookworm) | 2013
The DTLS dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 does not validate the fragment offset before invoking the reassembly state machine, which allows remote attackers to cause a denial of service (application crash) via a large offset value that triggers write access to an invalid memory location.
Scope: local
bookworm: resolved (fixed in 1.8
debian
CVE-2013-4934 | MEDIUM | CVSS 4.3 | fixed in wireshark 1.10.1-1 (bookworm) | 2013
The netmon_open function in wiretap/netmon.c in the Netmon file parser in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not initialize certain structure members, which allows remote attackers to cause a denial of service (application crash) via a crafted packet-trace file.
Scope: local
bookworm: resolved (fixed in 1.10.1-1); bullseye: resolved (fixed i
debian
CVE-2013-3559 | MEDIUM | CVSS 5.0 | fixed in wireshark 1.8.7-1 (bookworm) | 2013
epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark 1.8.x before 1.8.7 uses incorrect integer data types, which allows remote attackers to cause a denial of service (integer overflow, and heap memory corruption or NULL pointer dereference, and application crash) via a malformed packet.
Scope: local
bookworm: resolved (fixed in 1.8.7-1); bullsey
debian
CVE-2013-4926 | MEDIUM | CVSS 5.0 | fixed in wireshark 1.10.1-1 (bookworm) | 2013
epan/dissectors/packet-dcom-sysact.c in the DCOM ISystemActivator dissector in Wireshark 1.10.x before 1.10.1 does not properly determine whether there is remaining packet data to process, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
Scope: local
bookworm: resolved (fixed in 1.10.1-1); bullseye: resolved (fixe
debian