Debian Wireshark vulnerabilities
694 known vulnerabilities affecting debian/wireshark.
Total CVEs: 694
CISA KEV: 0
Public exploits: 55
Exploited in wild: 0
Severity breakdown: CRITICAL 8, HIGH 129, MEDIUM 276, LOW 281
Vulnerabilities
Page 27 of 35
CVE-2012-4298 | MEDIUM | CVSS 5.4 | fixed in wireshark 1.8.2-1 (bookworm) | 2012
CVE-2012-4298 [MEDIUM] CVE-2012-4298: wireshark - Integer signedness error in the vwr_read_rec_data_ethernet function in wiretap/v...
Integer signedness error in the vwr_read_rec_data_ethernet function in wiretap/vwr.c in the Ixia IxVeriWave file parser in Wireshark 1.8.x before 1.8.2 allows user-assisted remote attackers to execute arbitrary code via a crafted packet-trace file that triggers a buffer overflow.
Scope: local
bookworm: resolved (fixed in 1.8.2-1)
bullseye: resolved (fixed in 1.8.2
CVE-2012-0068 | MEDIUM | CVSS 4.3 | fixed in wireshark 1.6.5-1 (bookworm) | 2012
CVE-2012-0068 [MEDIUM] CVE-2012-0068: wireshark - The lanalyzer_read function in wiretap/lanalyzer.c in Wireshark 1.4.x before 1.4...
The lanalyzer_read function in wiretap/lanalyzer.c in Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5 allows remote attackers to cause a denial of service (application crash) via a Novell capture file containing a record that is too small.
Scope: local
bookworm: resolved (fixed in 1.6.5-1)
bullseye: resolved (fixed in 1.6.5-1)
forky: resolved (fixed in 1.6.5-
CVE-2012-0043 | MEDIUM | CVSS 5.8 | fixed in wireshark 1.6.5-1 (bookworm) | 2012
CVE-2012-0043 [MEDIUM] CVE-2012-0043: wireshark - Buffer overflow in the reassemble_message function in epan/dissectors/packet-rlc...
Buffer overflow in the reassemble_message function in epan/dissectors/packet-rlc.c in the RLC dissector in Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a series of fragmented RLC packets.
Scope: local
bookworm: resolved (fixed in 1.6.5-1)
bullsey
CVE-2012-6060 | LOW | CVSS 5.0 | fixed in wireshark 1.8.6-1 (bookworm) | 2012
CVE-2012-6060 [MEDIUM] CVE-2012-6060: wireshark - Integer overflow in the dissect_iscsi_pdu function in epan/dissectors/packet-isc...
Integer overflow in the dissect_iscsi_pdu function in epan/dissectors/packet-iscsi.c in the iSCSI dissector in Wireshark 1.6.x before 1.6.12 and 1.8.x before 1.8.4 allows remote attackers to cause a denial of service (infinite loop) via a malformed packet.
Scope: local
bookworm: resolved (fixed in 1.8.6-1)
bullseye: resolved (fixed in 1.8.6-1)
forky: resolved (fix
CVE-2012-6061 | LOW | CVSS 5.0 | fixed in wireshark 1.8.6-1 (bookworm) | 2012
CVE-2012-6061 [MEDIUM] CVE-2012-6061: wireshark - The dissect_wtp_common function in epan/dissectors/packet-wtp.c in the WTP disse...
The dissect_wtp_common function in epan/dissectors/packet-wtp.c in the WTP dissector in Wireshark 1.6.x before 1.6.12 and 1.8.x before 1.8.4 uses an incorrect data type for a certain length field, which allows remote attackers to cause a denial of service (integer overflow and infinite loop) via a crafted value in a packet.
Scope: local
bookworm: resolved (fixed i
CVE-2012-3826 | LOW | CVSS 3.3 | PoC | fixed in wireshark 1.6.8-1 (bookworm) | 2012
CVE-2012-3826 [LOW] CVE-2012-3826: wireshark - Multiple integer underflows in Wireshark 1.4.x before 1.4.13 and 1.6.x before 1....
Multiple integer underflows in Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 allow remote attackers to cause a denial of service (loop) via vectors related to the R3 dissector, a different vulnerability than CVE-2012-2392.
Scope: local
bookworm: resolved (fixed in 1.6.8-1)
bullseye: resolved (fixed in 1.6.8-1)
forky: resolved (fixed in 1.6.8-1)
sid: resolved (
CVE-2012-5237 | LOW | CVSS 3.3 | fixed in wireshark 1.8.2-2 (bookworm) | 2012
CVE-2012-5237 [LOW] CVE-2012-5237: wireshark - The dissect_hsrp function in epan/dissectors/packet-hsrp.c in the HSRP dissector...
The dissect_hsrp function in epan/dissectors/packet-hsrp.c in the HSRP dissector in Wireshark 1.8.x before 1.8.3 allows remote attackers to cause a denial of service (infinite loop) via a malformed packet.
Scope: local
bookworm: resolved (fixed in 1.8.2-2)
bullseye: resolved (fixed in 1.8.2-2)
forky: resolved (fixed in 1.8.2-2)
sid: resolved (fixed in 1.8.2-2)
trixie
CVE-2012-6056 | LOW | CVSS 5.0 | fixed in wireshark 1.8.6-1 (bookworm) | 2012
CVE-2012-6056 [MEDIUM] CVE-2012-6056: wireshark - Integer overflow in the dissect_sack_chunk function in epan/dissectors/packet-sc...
Integer overflow in the dissect_sack_chunk function in epan/dissectors/packet-sctp.c in the SCTP dissector in Wireshark 1.8.x before 1.8.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted Duplicate TSN count.
Scope: local
bookworm: resolved (fixed in 1.8.6-1)
bullseye: resolved (fixed in 1.8.6-1)
forky: resolved (fixed in 1.8.6-1)
CVE-2012-2392 | LOW | CVSS 3.3 | PoC | fixed in wireshark 1.6.8-1 (bookworm) | 2012
CVE-2012-2392 [LOW] CVE-2012-2392: wireshark - Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 allows remote attackers to ...
Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 allows remote attackers to cause a denial of service (infinite loop) via vectors related to the (1) ANSI MAP, (2) ASF, (3) IEEE 802.11, (4) IEEE 802.3, and (5) LTP dissectors.
Scope: local
bookworm: resolved (fixed in 1.6.8-1)
bullseye: resolved (fixed in 1.6.8-1)
forky: resolved (fixed in 1.6.8-1)
sid: resolved (f
CVE-2012-1596 | LOW | CVSS 5.0 | fixed in wireshark 1.6.6-1 (bookworm) | 2012
CVE-2012-1596 [MEDIUM] CVE-2012-1596: wireshark - The mp2t_process_fragmented_payload function in epan/dissectors/packet-mp2t.c in...
The mp2t_process_fragmented_payload function in epan/dissectors/packet-mp2t.c in the MP2T dissector in Wireshark 1.4.x before 1.4.12 and 1.6.x before 1.6.6 allows remote attackers to cause a denial of service (application crash) via a packet containing an invalid pointer value that triggers an incorrect memory-allocation attempt.
Scope: local
bookworm: resolved (f
CVE-2012-4293 | LOW | CVSS 3.3 | fixed in wireshark 1.8.2-1 (bookworm) | 2012
CVE-2012-4293 [LOW] CVE-2012-4293: wireshark - plugins/ethercat/packet-ecatmb.c in the EtherCAT Mailbox dissector in Wireshark ...
plugins/ethercat/packet-ecatmb.c in the EtherCAT Mailbox dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 does not properly handle certain integer fields, which allows remote attackers to cause a denial of service (application exit) via a malformed packet.
Scope: local
bookworm: resolved (fixed in 1.8.2-1)
bullseye: resolved (fi
CVE-2012-0041 | LOW | CVSS 4.3 | fixed in wireshark 1.6.5-1 (bookworm) | 2012
CVE-2012-0041 [MEDIUM] CVE-2012-0041: wireshark - The dissect_packet function in epan/packet.c in Wireshark 1.4.x before 1.4.11 an...
The dissect_packet function in epan/packet.c in Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5 allows remote attackers to cause a denial of service (application crash) via a long packet in a capture file, as demonstrated by an airopeek file.
Scope: local
bookworm: resolved (fixed in 1.6.5-1)
bullseye: resolved (fixed in 1.6.5-1)
forky: resolved (fixed in 1.6
CVE-2012-4291 | LOW | CVSS 3.3 | fixed in wireshark 1.8.2-1 (bookworm) | 2012
CVE-2012-4291 [LOW] CVE-2012-4291: wireshark - The CIP dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8...
The CIP dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (memory consumption) via a malformed packet.
Scope: local
bookworm: resolved (fixed in 1.8.2-1)
bullseye: resolved (fixed in 1.8.2-1)
forky: resolved (fixed in 1.8.2-1)
sid: resolved (fixed in 1.8.2-1)
trixie: resolved (
CVE-2012-2393 | LOW | CVSS 3.3 | PoC | fixed in wireshark 1.6.8-1 (bookworm) | 2012
CVE-2012-2393 [LOW] CVE-2012-2393: wireshark - epan/dissectors/packet-diameter.c in the DIAMETER dissector in Wireshark 1.4.x b...
epan/dissectors/packet-diameter.c in the DIAMETER dissector in Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 does not properly construct certain array data structures, which allows remote attackers to cause a denial of service (application crash) via a crafted packet that triggers incorrect memory allocation.
Scope: local
bookworm: resolved (fixed in 1.6.8-1)
CVE-2012-0067 | LOW | CVSS 4.3 | PoC | fixed in wireshark 1.6.5-1 (bookworm) | 2012
CVE-2012-0067 [MEDIUM] CVE-2012-0067: wireshark - wiretap/iptrace.c in Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5 allows...
wiretap/iptrace.c in Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5 allows remote attackers to cause a denial of service (application crash) via a long packet in an AIX iptrace file.
Scope: local
bookworm: resolved (fixed in 1.6.5-1)
bullseye: resolved (fixed in 1.6.5-1)
forky: resolved (fixed in 1.6.5-1)
sid: resolved (fixed in 1.6.5-1)
trixie: resolved (fi
CVE-2012-4288 | LOW | CVSS 3.3 | fixed in wireshark 1.8.2-1 (bookworm) | 2012
CVE-2012-4288 [LOW] CVE-2012-4288: wireshark - Integer overflow in the dissect_xtp_ecntl function in epan/dissectors/packet-xtp...
Integer overflow in the dissect_xtp_ecntl function in epan/dissectors/packet-xtp.c in the XTP dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (loop or application crash) via a large value for a span length.
Scope: local
bookworm: resolved (fixed in 1.8.2-1)
bullseye: resolved
CVE-2012-1593 | LOW | CVSS 3.3 | PoC | fixed in wireshark 1.6.6-1 (bookworm) | 2012
CVE-2012-1593 [LOW] CVE-2012-1593: wireshark - epan/dissectors/packet-ansi_a.c in the ANSI A dissector in Wireshark 1.4.x befor...
epan/dissectors/packet-ansi_a.c in the ANSI A dissector in Wireshark 1.4.x before 1.4.12 and 1.6.x before 1.6.6 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a malformed packet.
Scope: local
bookworm: resolved (fixed in 1.6.6-1)
bullseye: resolved (fixed in 1.6.6-1)
forky: resolved (fixed in 1.6.6-1)
sid: re
CVE-2012-6058 | LOW | CVSS 5.0 | fixed in wireshark 1.8.6-1 (bookworm) | 2012
CVE-2012-6058 [MEDIUM] CVE-2012-6058: wireshark - Integer overflow in the dissect_icmpv6 function in epan/dissectors/packet-icmpv6...
Integer overflow in the dissect_icmpv6 function in epan/dissectors/packet-icmpv6.c in the ICMPv6 dissector in Wireshark 1.6.x before 1.6.12 and 1.8.x before 1.8.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted Number of Sources value.
Scope: local
bookworm: resolved (fixed in 1.8.6-1)
bullseye: resolved (fixed in 1.8.6-1)
forky:
CVE-2012-1594 | LOW | CVSS 3.3 | fixed in wireshark 1.6.6-1 (bookworm) | 2012
CVE-2012-1594 [LOW] CVE-2012-1594: wireshark - epan/dissectors/packet-ieee80211.c in the IEEE 802.11 dissector in Wireshark 1.6...
epan/dissectors/packet-ieee80211.c in the IEEE 802.11 dissector in Wireshark 1.6.x before 1.6.6 allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.
Scope: local
bookworm: resolved (fixed in 1.6.6-1)
bullseye: resolved (fixed in 1.6.6-1)
forky: resolved (fixed in 1.6.6-1)
sid: resolved (fixed in 1.6.6-1)
trixie: resolved (fixed i
CVE-2012-6052 | LOW | CVSS 5.0 | fixed in wireshark 1.8.6-1 (bookworm) | 2012
CVE-2012-6052 [MEDIUM] CVE-2012-6052: wireshark - Wireshark 1.8.x before 1.8.4 allows remote attackers to obtain sensitive hostnam...
Wireshark 1.8.x before 1.8.4 allows remote attackers to obtain sensitive hostname information by reading pcap-ng files.
Scope: local
bookworm: resolved (fixed in 1.8.6-1)
bullseye: resolved (fixed in 1.8.6-1)
forky: resolved (fixed in 1.8.6-1)
sid: resolved (fixed in 1.8.6-1)
trixie: resolved (fixed in 1.8.6-1)