Debian Wireshark vulnerabilities

CVE-2013-4077 [MEDIUM] CVE-2013-4077: wireshark - Array index error in the NBAP dissector in Wireshark 1.8.x before 1.8.8 allows r... Array index error in the NBAP dissector in Wireshark 1.8.x before 1.8.8 allows remote attackers to cause a denial of service (application crash) via a crafted packet, related to nbap.cnf and packet-nbap.c. Scope: local bookworm: resolved (fixed in 1.10.0-1) bullseye: resolved (fixed in 1.10.0-1) forky: resolved (fixed in 1.10.0-1) sid: resolved (fixed in 1.10.0-1)

CVE-2013-5720 [MEDIUM] CVE-2013-5720: wireshark - Buffer overflow in the RTPS dissector in Wireshark 1.8.x before 1.8.10 and 1.10.... Buffer overflow in the RTPS dissector in Wireshark 1.8.x before 1.8.10 and 1.10.x before 1.10.2 allows remote attackers to cause a denial of service (application crash) via a crafted packet. Scope: local bookworm: resolved (fixed in 1.10.2-1) bullseye: resolved (fixed in 1.10.2-1) forky: resolved (fixed in 1.10.2-1) sid: resolved (fixed in 1.10.2-1) trixie: resolv

CVE-2013-4933 [MEDIUM] CVE-2013-4933: wireshark - The netmon_open function in wiretap/netmon.c in the Netmon file parser in Wiresh... The netmon_open function in wiretap/netmon.c in the Netmon file parser in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not properly allocate memory, which allows remote attackers to cause a denial of service (application crash) via a crafted packet-trace file. Scope: local bookworm: resolved (fixed in 1.10.1-1) bullseye: resolved (fixed in 1.10.1-1)

CVE-2013-4076 [MEDIUM] CVE-2013-4076: wireshark - Buffer overflow in the dissect_iphc_crtp_fh function in epan/dissectors/packet-p... Buffer overflow in the dissect_iphc_crtp_fh function in epan/dissectors/packet-ppp.c in the PPP dissector in Wireshark 1.8.x before 1.8.8 allows remote attackers to cause a denial of service (application crash) via a crafted packet. Scope: local bookworm: resolved (fixed in 1.10.0-1) bullseye: resolved (fixed in 1.10.0-1) forky: resolved (fixed in 1.10.0-1) sid: r

CVE-2013-4923 [MEDIUM] CVE-2013-4923: wireshark - Memory leak in the dissect_dcom_ActivationProperties function in epan/dissectors... Memory leak in the dissect_dcom_ActivationProperties function in epan/dissectors/packet-dcom-sysact.c in the DCOM ISystemActivator dissector in Wireshark 1.10.x before 1.10.1 allows remote attackers to cause a denial of service (memory consumption) via crafted packets. Scope: local bookworm: resolved (fixed in 1.10.1-1) bullseye: resolved (fixed in 1.10.1-1) forky

CVE-2013-6337 [MEDIUM] CVE-2013-6337: wireshark - Unspecified vulnerability in the NBAP dissector in Wireshark 1.8.x before 1.8.11... Unspecified vulnerability in the NBAP dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 allows remote attackers to cause a denial of service (application crash) via a crafted packet. Scope: local bookworm: resolved (fixed in 1.10.3-1) bullseye: resolved (fixed in 1.10.3-1) forky: resolved (fixed in 1.10.3-1) sid: resolved (fixed in 1.10.3-1) trix

CVE-2013-4936 [MEDIUM] CVE-2013-4936: wireshark - The IsDFP_Frame function in plugins/profinet/packet-pn-rt.c in the PROFINET Real... The IsDFP_Frame function in plugins/profinet/packet-pn-rt.c in the PROFINET Real-Time dissector in Wireshark 1.10.x before 1.10.1 does not validate MAC addresses, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted packet. Scope: local bookworm: resolved (fixed in 1.10.1-1) bullseye: resolved (f

CVE-2013-6336 [MEDIUM] CVE-2013-6336: wireshark - The ieee802154_map_rec function in epan/dissectors/packet-ieee802154.c in the IE... The ieee802154_map_rec function in epan/dissectors/packet-ieee802154.c in the IEEE 802.15.4 dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 uses an incorrect pointer chain, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. Scope: local bookworm: resolved (fixed in 1.10.3-1) bullseye: resolved (

CVE-2013-4921 [MEDIUM] CVE-2013-4921: wireshark - Off-by-one error in the dissect_radiotap function in epan/dissectors/packet-ieee... Off-by-one error in the dissect_radiotap function in epan/dissectors/packet-ieee80211-radiotap.c in the Radiotap dissector in Wireshark 1.10.x before 1.10.1 allows remote attackers to cause a denial of service (application crash) via a crafted packet. Scope: local bookworm: resolved (fixed in 1.10.1-1) bullseye: resolved (fixed in 1.10.1-1) forky: resolved (fixed

CVE-2013-3555 [MEDIUM] CVE-2013-3555: wireshark - epan/dissectors/packet-gtpv2.c in the GTPv2 dissector in Wireshark 1.8.x before ... epan/dissectors/packet-gtpv2.c in the GTPv2 dissector in Wireshark 1.8.x before 1.8.7 calls incorrect functions in certain contexts related to ciphers, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. Scope: local bookworm: resolved (fixed in 1.8.7-1) bullseye: resolved (fixed in 1.8.7-1) forky: resolved (fixed

CVE-2013-4922 [MEDIUM] CVE-2013-4922: wireshark - Double free vulnerability in the dissect_dcom_ActivationProperties function in e... Double free vulnerability in the dissect_dcom_ActivationProperties function in epan/dissectors/packet-dcom-sysact.c in the DCOM ISystemActivator dissector in Wireshark 1.10.x before 1.10.1 allows remote attackers to cause a denial of service (application crash) via a crafted packet. Scope: local bookworm: resolved (fixed in 1.10.1-1) bullseye: resolved (fixed in 1

CVE-2013-6338 [MEDIUM] CVE-2013-6338: wireshark - The dissect_sip_common function in epan/dissectors/packet-sip.c in the SIP disse... The dissect_sip_common function in epan/dissectors/packet-sip.c in the SIP dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 does not properly initialize a data structure, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. Scope: local bookworm: resolved (fixed in 1.10.3-1) bullseye: resolved (fix

CVE-2013-7114 [MEDIUM] CVE-2013-7114: wireshark - Multiple buffer overflows in the create_ntlmssp_v2_key function in epan/dissecto... Multiple buffer overflows in the create_ntlmssp_v2_key function in epan/dissectors/packet-ntlmssp.c in the NTLMSSP v2 dissector in Wireshark 1.8.x before 1.8.12 and 1.10.x before 1.10.4 allow remote attackers to cause a denial of service (application crash) via a long domain name in a packet. Scope: local bookworm: resolved (fixed in 1.10.4-1) bullseye: resolved (

CVE-2013-4078 [MEDIUM] CVE-2013-4078: wireshark - epan/dissectors/packet-rdp.c in the RDP dissector in Wireshark 1.8.x before 1.8.... epan/dissectors/packet-rdp.c in the RDP dissector in Wireshark 1.8.x before 1.8.8 does not validate return values during checks for data availability, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. Scope: local bookworm: resolved (fixed in 1.10.0-1) bullseye: resolved (fixed in 1.10.0-1) forky: resolved (fixed

CVE-2013-5718 [MEDIUM] CVE-2013-5718: wireshark - The dissect_nbap_T_dCH_ID function in epan/dissectors/packet-nbap.c in the NBAP ... The dissect_nbap_T_dCH_ID function in epan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark 1.8.x before 1.8.10 and 1.10.x before 1.10.2 does not restrict the dch_id value, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. Scope: local bookworm: resolved (fixed in 1.10.2-1) bullseye: resolved (fixed in

CVE-2013-3558 [MEDIUM] CVE-2013-3558: wireshark - The dissect_ccp_bsdcomp_opt function in epan/dissectors/packet-ppp.c in the PPP ... The dissect_ccp_bsdcomp_opt function in epan/dissectors/packet-ppp.c in the PPP CCP dissector in Wireshark 1.8.x before 1.8.7 does not terminate a bit-field list, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. Scope: local bookworm: resolved (fixed in 1.8.7-1) bullseye: resolved (fixed in 1.8.7-1) forky: reso

CVE-2013-7113 [MEDIUM] CVE-2013-7113: wireshark - epan/dissectors/packet-bssgp.c in the BSSGP dissector in Wireshark 1.10.x before... epan/dissectors/packet-bssgp.c in the BSSGP dissector in Wireshark 1.10.x before 1.10.4 incorrectly relies on a global variable, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. Scope: local bookworm: resolved (fixed in 1.10.4-1) bullseye: resolved (fixed in 1.10.4-1) forky: resolved (fixed in 1.10.4-1) sid: reso

CVE-2013-5717 [MEDIUM] CVE-2013-5717: wireshark - The Bluetooth HCI ACL dissector in Wireshark 1.10.x before 1.10.2 does not prope... The Bluetooth HCI ACL dissector in Wireshark 1.10.x before 1.10.2 does not properly maintain a certain free list, which allows remote attackers to cause a denial of service (application crash) via a crafted packet that is not properly handled by the wmem_block_alloc function in epan/wmem/wmem_allocator_block.c. Scope: local bookworm: resolved (fixed in 1.10.2-1) b

CVE-2013-4083 [MEDIUM] CVE-2013-4083: wireshark - The dissect_pft function in epan/dissectors/packet-dcp-etsi.c in the DCP ETSI di... The dissect_pft function in epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark 1.6.x before 1.6.16, 1.8.x before 1.8.8, and 1.10.0 does not validate a certain fragment length value, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. Scope: local bookworm: resolved (fixed in 1.10.0-1) bullseye:

CVE-2013-6340 [MEDIUM] CVE-2013-6340: wireshark - epan/dissectors/packet-tcp.c in the TCP dissector in Wireshark 1.8.x before 1.8.... epan/dissectors/packet-tcp.c in the TCP dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 does not properly determine the amount of remaining data, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. Scope: local bookworm: resolved (fixed in 1.10.3-1) bullseye: resolved (fixed in 1.10.3-1) forky: r