Debian Wireshark vulnerabilities
694 known vulnerabilities affecting debian/wireshark.
Total CVEs: 694
CISA KEV: 0
Public exploits: 55
Exploited in wild: 0
Severity breakdown
CRITICAL: 8, HIGH: 129, MEDIUM: 276, LOW: 281
Vulnerabilities
Page 26 of 35
CVE-2013-1580 | LOW | CVSS 2.9 | fixed in wireshark 1.8.6-1 (bookworm) | 2013
The dissect_cmstatus_tlv function in plugins/docsis/packet-cmstatus.c in the DOCSIS CM-STATUS dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 uses an incorrect data type for a position variable, which allows remote attackers to cause a denial of service (infinite loop) via a malformed packet.
Scope: local
bookworm: resolved (fixed in 1.8.6-1)
bullse
debian
CVE-2013-2483 | LOW | CVSS 3.3 | fixed in wireshark 1.8.2-5 (bookworm) | 2013
The acn_add_dmp_data function in epan/dissectors/packet-acn.c in the ACN dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via an invalid count value in ACN_DMP_ADT_D_RE DMP data.
Scope: local
bookworm: resolved (fixed in 1.8.2-5)
bullseye: resolved (fixe
debian
CVE-2013-1579 | LOW | CVSS 2.9 | fixed in wireshark 1.8.6-1 (bookworm) | 2013
The rtps_util_add_bitmap function in epan/dissectors/packet-rtps.c in the RTPS dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly implement certain nested loops for processing bitmap data, which allows remote attackers to cause a denial of service (infinite loop) via a malformed packet.
Scope: local
bookworm: resolved (fixed in 1.8.6-
debian
CVE-2013-2476 | LOW | CVSS 6.1 | fixed in wireshark 1.8.6-1 (bookworm) | 2013
CVE-2013-2476 [MEDIUM] CVE-2013-2476: wireshark - The dissect_hartip function in epan/dissectors/packet-hartip.c in the HART/IP di...
The dissect_hartip function in epan/dissectors/packet-hartip.c in the HART/IP dissector in Wireshark 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (infinite loop) via a packet with a header that is too short.
Scope: local
bookworm: resolved (fixed in 1.8.6-1)
bullseye: resolved (fixed in 1.8.6-1)
forky: resolved (fixed in 1.8.6-1)
sid: re
debian
CVE-2013-2475 | LOW | CVSS 3.3 | fixed in wireshark 1.8.2-5 (bookworm) | 2013
The TCP dissector in Wireshark 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (application crash) via a malformed packet.
Scope: local
bookworm: resolved (fixed in 1.8.2-5)
bullseye: resolved (fixed in 1.8.2-5)
forky: resolved (fixed in 1.8.2-5)
sid: resolved (fixed in 1.8.2-5)
trixie: resolved (fixed in 1.8.2-5)
debian
CVE-2013-4080 | LOW | CVSS 5.0 | fixed in wireshark 1.10.0-1 (bookworm) | 2013
CVE-2013-4080 [MEDIUM] CVE-2013-4080: wireshark - The dissect_r3_upstreamcommand_queryconfig function in epan/dissectors/packet-as...
The dissect_r3_upstreamcommand_queryconfig function in epan/dissectors/packet-assa_r3.c in the Assa Abloy R3 dissector in Wireshark 1.8.x before 1.8.8 does not properly handle a zero-length item, which allows remote attackers to cause a denial of service (infinite loop, and CPU and memory consumption) via a crafted packet.
Scope: local
bookworm: resolved (fixed in
debian
CVE-2013-2477 | LOW | CVSS 3.3 | fixed in wireshark 1.8.2-5 (bookworm) | 2013
The CSN.1 dissector in Wireshark 1.8.x before 1.8.6 does not properly manage function pointers, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.
Scope: local
bookworm: resolved (fixed in 1.8.2-5)
bullseye: resolved (fixed in 1.8.2-5)
forky: resolved (fixed in 1.8.2-5)
sid: resolved (fixed in 1.8.2-5)
trixie: resol
debian
CVE-2013-1581 | LOW | CVSS 2.9 | fixed in wireshark 1.8.6-1 (bookworm) | 2013
The dissect_pft_fec_detailed function in epan/dissectors/packet-dcp-etsi.c in the DCP-ETSI dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly handle fragment gaps, which allows remote attackers to cause a denial of service (loop) via a malformed packet.
Scope: local
bookworm: resolved (fixed in 1.8.6-1)
bullseye: resolved (fixed in 1.
debian
CVE-2013-3556 | LOW | CVSS 5.0 | 2013
CVE-2013-3556 [MEDIUM] CVE-2013-3556: wireshark - The fragment_add_seq_common function in epan/reassemble.c in the ASN.1 BER disse...
The fragment_add_seq_common function in epan/reassemble.c in the ASN.1 BER dissector in Wireshark before r48943 has an incorrect pointer dereference during a comparison, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.
Scope: local
bookworm: resolved
bullseye: resolved
forky: resolved
sid: resolved
trixie: reso
debian
CVE-2013-1589 | LOW | CVSS 2.9 | fixed in wireshark 1.8.6-1 (bookworm) | 2013
Double free vulnerability in epan/proto.c in the dissection engine in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 allows remote attackers to cause a denial of service (application crash) via a malformed packet.
Scope: local
bookworm: resolved (fixed in 1.8.6-1)
bullseye: resolved (fixed in 1.8.6-1)
forky: resolved (fixed in 1.8.6-1)
sid: resolved (fixed in 1
debian
CVE-2013-1586 | LOW | CVSS 2.9 | fixed in wireshark 1.8.6-1 (bookworm) | 2013
The fragment_set_tot_len function in epan/reassemble.c in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly determine the length of a reassembled packet for the DTLS dissector, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.
Scope: local
bookworm: resolved (fixed in 1.8.6-1)
bullseye: resolve
debian
CVE-2013-2479 | LOW | CVSS 3.3 | fixed in wireshark 1.8.6-1 (bookworm) | 2013
The dissect_mpls_echo_tlv_dd_map function in epan/dissectors/packet-mpls-echo.c in the MPLS Echo dissector in Wireshark 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (infinite loop) via invalid Sub-tlv data.
Scope: local
bookworm: resolved (fixed in 1.8.6-1)
bullseye: resolved (fixed in 1.8.6-1)
forky: resolved (fixed in 1.8.6-1)
sid: resolv
debian
CVE-2013-1577 | LOW | CVSS 2.9 | fixed in wireshark 1.8.6-1 (bookworm) | 2013
The dissect_sip_p_charging_func_addresses function in epan/dissectors/packet-sip.c in the SIP dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly handle offset data associated with a quoted string, which allows remote attackers to cause a denial of service (infinite loop) via a malformed packet.
Scope: local
bookworm: resolved (fixed i
debian
CVE-2013-1576 | LOW | CVSS 2.9 | fixed in wireshark 1.8.6-1 (bookworm) | 2013
The dissect_sdp_media_attribute function in epan/dissectors/packet-sdp.c in the SDP dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly process crypto-suite parameters, which allows remote attackers to cause a denial of service (infinite loop) via a malformed packet.
Scope: local
bookworm: resolved (fixed in 1.8.6-1)
bullseye: resolved
debian
CVE-2012-4297 | HIGH | CVSS 8.3 | fixed in wireshark 1.8.2-1 (bookworm) | 2012
Buffer overflow in the dissect_gsm_rlcmac_downlink function in epan/dissectors/packet-gsm_rlcmac.c in the GSM RLC MAC dissector in Wireshark 1.6.x before 1.6.10 and 1.8.x before 1.8.2 allows remote attackers to execute arbitrary code via a malformed packet.
Scope: local
bookworm: resolved (fixed in 1.8.2-1)
bullseye: resolved (fixed in 1.8.2-1)
forky: resolved (fixe
debian
CVE-2012-4286 | MEDIUM | CVSS 4.3 | fixed in wireshark 1.8.2-1 (bookworm) | 2012
The pcapng_read_packet_block function in wiretap/pcapng.c in the pcap-ng file parser in Wireshark 1.8.x before 1.8.2 allows user-assisted remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted pcap-ng file.
Scope: local
bookworm: resolved (fixed in 1.8.2-1)
bullseye: resolved (fixed in 1.8.2-1)
forky: resolved (fix
debian
CVE-2012-5240 | MEDIUM | CVSS 5.8 | fixed in wireshark 1.8.2-2 (bookworm) | 2012
Buffer overflow in the dissect_tlv function in epan/dissectors/packet-ldp.c in the LDP dissector in Wireshark 1.8.x before 1.8.3 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a malformed packet.
Scope: local
bookworm: resolved (fixed in 1.8.2-2)
bullseye: resolved (fixed in 1.8.2-2)
forky: re
debian
CVE-2012-1595 | MEDIUM | CVSS 4.3 | fixed in wireshark 1.6.6-1 (bookworm) | 2012
The pcap_process_pseudo_header function in wiretap/pcap-common.c in Wireshark 1.4.x before 1.4.12 and 1.6.x before 1.6.6 allows remote attackers to cause a denial of service (application crash) via a WTAP_ENCAP_ERF file containing an Extension or Multi-Channel header with an invalid pseudoheader size, related to the pcap and pcap-ng file parsers.
Scope: local
book
debian
CVE-2012-4287 | MEDIUM | CVSS 5.0 | fixed in wireshark 1.8.2-1 (bookworm) | 2012
epan/dissectors/packet-mongo.c in the MongoDB dissector in Wireshark 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (loop and CPU consumption) via a small value for a BSON document length.
Scope: local
bookworm: resolved (fixed in 1.8.2-1)
bullseye: resolved (fixed in 1.8.2-1)
forky: resolved (fixed in 1.8.2-1)
sid: resolved (fixed in 1.8.
debian
CVE-2012-4294 | MEDIUM | CVSS 5.8 | fixed in wireshark 1.8.2-1 (bookworm) | 2012
Buffer overflow in the channelised_fill_sdh_g707_format function in epan/dissectors/packet-erf.c in the ERF dissector in Wireshark 1.8.x before 1.8.2 allows remote attackers to execute arbitrary code via a large speed (aka rate) value.
Scope: local
bookworm: resolved (fixed in 1.8.2-1)
bullseye: resolved (fixed in 1.8.2-1)
forky: resolved (fixed in 1.8.2-1)
sid: r
debian