Debian Wireshark vulnerabilities
694 known vulnerabilities affecting debian/wireshark.
Total CVEs: 694
CISA KEV: 0
Public exploits: 55
Exploited in wild: 0
Severity breakdown: CRITICAL 8, HIGH 129, MEDIUM 276, LOW 281
Vulnerabilities
Page 30 of 35
CVE-2011-1141 | LOW | CVSS 4.3 | fixed in wireshark 1.4.4-1 (bookworm) | 2011
CVE-2011-1141 [MEDIUM]: wireshark
epan/dissectors/packet-ldap.c in Wireshark 1.0.x, 1.2.0 through 1.2.14, and 1.4.0 through 1.4.3 allows remote attackers to cause a denial of service (memory consumption) via (1) a long LDAP filter string or (2) an LDAP filter string containing many elements.
Scope: local
bookworm: resolved (fixed in 1.4.4-1)
bullseye: resolved (fixed in 1.4.4-1)
forky: resolved (f
CVE-2011-1142 | LOW | CVSS 7.5 | fixed in wireshark 1.4.4-1 (bookworm) | 2011
CVE-2011-1142 [HIGH]: wireshark
Stack consumption vulnerability in the dissect_ber_choice function in the BER dissector in Wireshark 1.2.x through 1.2.15 and 1.4.x through 1.4.4 might allow remote attackers to cause a denial of service (infinite loop) via vectors involving self-referential ASN.1 CHOICE values.
Scope: local
bookworm: resolved (fixed in 1.4.4-1)
bullseye: resolved (fixed in 1.4.4-1)
CVE-2011-0445 | LOW | CVSS 5.0 | 2011
CVE-2011-0445 [MEDIUM]: wireshark
The ASN.1 BER dissector in Wireshark 1.4.0 through 1.4.2 allows remote attackers to cause a denial of service (assertion failure) via crafted packets, as demonstrated by fuzz-2010-12-30-28473.pcap.
Scope: local
bookworm: resolved
bullseye: resolved
forky: resolved
sid: resolved
trixie: resolved
CVE-2011-1590 | LOW | CVSS 4.3 | fixed in wireshark 1.4.5-1 (bookworm) | 2011
CVE-2011-1590 [MEDIUM]: wireshark
The X.509if dissector in Wireshark 1.2.x before 1.2.16 and 1.4.x before 1.4.5 does not properly initialize certain global variables, which allows remote attackers to cause a denial of service (application crash) via a crafted .pcap file.
Scope: local
bookworm: resolved (fixed in 1.4.5-1)
bullseye: resolved (fixed in 1.4.5-1)
forky: resolved (fixed in 1.4.5-1)
sid:
CVE-2011-1959 | LOW | CVSS 4.3 | fixed in wireshark 1.6.0-1 (bookworm) | 2011
CVE-2011-1959 [MEDIUM]: wireshark
The snoop_read function in wiretap/snoop.c in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 does not properly handle certain virtualizable buffers, which allows remote attackers to cause a denial of service (application crash) via a large length value in a snoop file that triggers a stack-based buffer over-read.
Scope: local
bookworm: resolved (fixed in 1.6
CVE-2011-1956 | LOW | CVSS 4.3 | PoC | fixed in wireshark 1.4.6-1 (bookworm) | 2011
CVE-2011-1956 [MEDIUM]: wireshark
The bytes_repr_len function in Wireshark 1.4.5 uses an incorrect pointer argument, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via arbitrary TCP traffic.
Scope: local
bookworm: resolved (fixed in 1.4.6-1)
bullseye: resolved (fixed in 1.4.6-1)
forky: resolved (fixed in 1.4.6-1)
sid: resolved (fixed in
CVE-2011-1139 | LOW | CVSS 4.3 | fixed in wireshark 1.4.4-1 (bookworm) | 2011
CVE-2011-1139 [MEDIUM]: wireshark
wiretap/pcapng.c in Wireshark 1.2.0 through 1.2.14 and 1.4.0 through 1.4.3 allows remote attackers to cause a denial of service (application crash) via a pcap-ng file that contains a large packet-length field.
Scope: local
bookworm: resolved (fixed in 1.4.4-1)
bullseye: resolved (fixed in 1.4.4-1)
forky: resolved (fixed in 1.4.4-1)
sid: resolved (fixed in 1.4.4-1)
CVE-2011-4101 | LOW | CVSS 4.3 | fixed in wireshark 1.6.3-1 (bookworm) | 2011
CVE-2011-4101 [MEDIUM]: wireshark
The dissect_infiniband_common function in epan/dissectors/packet-infiniband.c in the Infiniband dissector in Wireshark 1.4.0 through 1.4.9 and 1.6.x before 1.6.3 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a malformed packet.
Scope: local
bookworm: resolved (fixed in 1.6.3-1)
bullseye: resolved (fixed i
CVE-2011-1140 | LOW | CVSS 4.3 | PoC | fixed in wireshark 1.4.4-1 (bookworm) | 2011
CVE-2011-1140 [MEDIUM]: wireshark
Multiple stack consumption vulnerabilities in the dissect_ms_compressed_string and dissect_mscldap_string functions in Wireshark 1.0.x, 1.2.0 through 1.2.14, and 1.4.0 through 1.4.3 allow remote attackers to cause a denial of service (infinite recursion) via a crafted (1) SMB or (2) Connection-less LDAP (CLDAP) packet.
Scope: local
bookworm: resolved (fixed in 1.4
CVE-2011-2175 | LOW | CVSS 4.3 | fixed in wireshark 1.6.0-1 (bookworm) | 2011
CVE-2011-2175 [MEDIUM]: wireshark
Integer underflow in the visual_read function in wiretap/visual.c in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 allows remote attackers to cause a denial of service (application crash) via a malformed Visual Networks file that triggers a heap-based buffer over-read.
Scope: local
bookworm: resolved (fixed in 1.6.0-1)
bullseye: resolved (fixed in 1.6.0-1)
CVE-2010-4538 | CRITICAL | CVSS 9.3 | PoC | fixed in wireshark 1.2.11-6 (bookworm) | 2010
CVE-2010-4538 [CRITICAL]: wireshark
Buffer overflow in the sect_enttec_dmx_da function in epan/dissectors/packet-enttec.c in Wireshark 1.4.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted ENTTEC DMX packet with Run Length Encoding (RLE) compression.
Scope: local
bookworm: resolved (fixed in 1.2.11-6)
bullseye: resolved (fix
CVE-2010-2995 | HIGH | CVSS 8.3 | fixed in wireshark 1.2.10-1 (bookworm) | 2010
CVE-2010-2995 [HIGH]: wireshark
The SigComp Universal Decompressor Virtual Machine (UDVM) in Wireshark 0.10.8 through 1.0.14 and 1.2.0 through 1.2.9 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to sigcomp-udvm.c and an off-by-one error, which triggers a buffer overflow, different vulnerabilities than CVE-2010-2287.
Scope: loca
CVE-2010-2284 | HIGH | CVSS 8.3 | fixed in wireshark 1.2.9-1 (bookworm) | 2010
CVE-2010-2284 [HIGH]: wireshark
Buffer overflow in the ASN.1 BER dissector in Wireshark 0.10.13 through 1.0.13 and 1.2.0 through 1.2.8 has unknown impact and remote attack vectors.
Scope: local
bookworm: resolved (fixed in 1.2.9-1)
bullseye: resolved (fixed in 1.2.9-1)
forky: resolved (fixed in 1.2.9-1)
sid: resolved (fixed in 1.2.9-1)
trixie: resolved (fixed in 1.2.9-1)
CVE-2010-2287 | HIGH | CVSS 8.3 | fixed in wireshark 1.2.9-1 (bookworm) | 2010
CVE-2010-2287 [HIGH]: wireshark
Buffer overflow in the SigComp Universal Decompressor Virtual Machine dissector in Wireshark 0.10.8 through 1.0.13 and 1.2.0 through 1.2.8 has unknown impact and remote attack vectors.
Scope: local
bookworm: resolved (fixed in 1.2.9-1)
bullseye: resolved (fixed in 1.2.9-1)
forky: resolved (fixed in 1.2.9-1)
sid: resolved (fixed in 1.2.9-1)
trixie: resolved (fixed in
CVE-2010-2994 | HIGH | CVSS 8.3 | fixed in wireshark 1.2.10-1 (bookworm) | 2010
CVE-2010-2994 [HIGH]: wireshark
Stack-based buffer overflow in the ASN.1 BER dissector in Wireshark 0.10.13 through 1.0.14 and 1.2.0 through 1.2.9 has unknown impact and remote attack vectors. NOTE: this issue exists because of a CVE-2010-2284 regression.
Scope: local
bookworm: resolved (fixed in 1.2.10-1)
bullseye: resolved (fixed in 1.2.10-1)
forky: resolved (fixed in 1.2.10-1)
sid: resolved (fi
CVE-2010-4300 | HIGH | CVSS 7.5 | PoC | fixed in wireshark 1.2.11-4 (bookworm) | 2010
CVE-2010-4300 [HIGH]: wireshark
Heap-based buffer overflow in the dissect_ldss_transfer function (epan/dissectors/packet-ldss.c) in the LDSS dissector in Wireshark 1.2.0 through 1.2.12 and 1.4.0 through 1.4.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an LDSS packet with a long digest line that triggers memory corruption.
Scope: local
bookw
CVE-2010-0304 | HIGH | CVSS 7.5 | PoC | fixed in wireshark 1.2.6-1 (bookworm) | 2010
CVE-2010-0304 [HIGH]: wireshark
Multiple buffer overflows in the LWRES dissector in Wireshark 0.9.15 through 1.0.10 and 1.2.0 through 1.2.5 allow remote attackers to cause a denial of service (crash) via a malformed packet, as demonstrated using a stack-based buffer overflow to the dissect_getaddrsbyname_request function.
Scope: local
bookworm: resolved (fixed in 1.2.6-1)
bullseye: resolved (fixed
CVE-2010-2992 | MEDIUM | CVSS 5.0 | fixed in wireshark 1.2.10-1 (bookworm) | 2010
CVE-2010-2992 [MEDIUM]: wireshark
packet-gsm_a_rr.c in the GSM A RR dissector in Wireshark 1.2.2 through 1.2.9 allows remote attackers to cause a denial of service (crash) via unknown vectors that trigger a NULL pointer dereference.
Scope: local
bookworm: resolved (fixed in 1.2.10-1)
bullseye: resolved (fixed in 1.2.10-1)
forky: resolved (fixed in 1.2.10-1)
sid: resolved (fixed in 1.2.10-1)
trixie
CVE-2010-2993 | MEDIUM | CVSS 5.0 | fixed in wireshark 1.2.10-1 (bookworm) | 2010
CVE-2010-2993 [MEDIUM]: wireshark
The IPMI dissector in Wireshark 1.2.0 through 1.2.9 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors.
Scope: local
bookworm: resolved (fixed in 1.2.10-1)
bullseye: resolved (fixed in 1.2.10-1)
forky: resolved (fixed in 1.2.10-1)
sid: resolved (fixed in 1.2.10-1)
trixie: resolved (fixed in 1.2.10-1)
CVE-2010-2283 | LOW | CVSS 3.3 | fixed in wireshark 1.2.9-1 (bookworm) | 2010
CVE-2010-2283 [LOW]: wireshark
The SMB dissector in Wireshark 0.99.6 through 1.0.13, and 1.2.0 through 1.2.8 allows remote attackers to cause a denial of service (NULL pointer dereference) via unknown vectors.
Scope: local
bookworm: resolved (fixed in 1.2.9-1)
bullseye: resolved (fixed in 1.2.9-1)
forky: resolved (fixed in 1.2.9-1)
sid: resolved (fixed in 1.2.9-1)
trixie: resolved (fixed in 1.2.9-