Debian Wireshark vulnerabilities

CVE-2007-6115 [CRITICAL] CVE-2007-6115: wireshark - Buffer overflow in the ANSI MAP dissector for Wireshark (formerly Ethereal) 0.99... Buffer overflow in the ANSI MAP dissector for Wireshark (formerly Ethereal) 0.99.5 to 0.99.6, when running on unspecified platforms, allows remote attackers to cause a denial of service and possibly execute arbitrary code via unknown vectors. Scope: local bookworm: resolved (fixed in 0.99.7~pre1-1) bullseye: resolved (fixed in 0.99.7~pre1-1) forky: resolved (fix

CVE-2007-3392 [MEDIUM] CVE-2007-3392: wireshark - Wireshark before 0.99.6 allows remote attackers to cause a denial of service via... Wireshark before 0.99.6 allows remote attackers to cause a denial of service via malformed (1) SSL or (2) MMS packets that trigger an infinite loop. Scope: local bookworm: resolved (fixed in 0.99.6pre1-1) bullseye: resolved (fixed in 0.99.6pre1-1) forky: resolved (fixed in 0.99.6pre1-1) sid: resolved (fixed in 0.99.6pre1-1) trixie: resolved (fixed in 0.99.6pre1-1)

CVE-2007-6451 [MEDIUM] CVE-2007-6451: wireshark - Unspecified vulnerability in the CIP dissector in Wireshark (formerly Ethereal) ... Unspecified vulnerability in the CIP dissector in Wireshark (formerly Ethereal) 0.9.14 to 0.99.6 allows remote attackers to cause a denial of service (crash) via unknown vectors that trigger allocation of large amounts of memory. Scope: local bookworm: resolved (fixed in 0.99.7-1) bullseye: resolved (fixed in 0.99.7-1) forky: resolved (fixed in 0.99.7-1) sid: reso

CVE-2007-6450 [MEDIUM] CVE-2007-6450: wireshark - The RPL dissector in Wireshark (formerly Ethereal) 0.9.8 to 0.99.6 allows remote... The RPL dissector in Wireshark (formerly Ethereal) 0.9.8 to 0.99.6 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors. Scope: local bookworm: resolved (fixed in 0.99.7-1) bullseye: resolved (fixed in 0.99.7-1) forky: resolved (fixed in 0.99.7-1) sid: resolved (fixed in 0.99.7-1) trixie: resolved (fixed in 0.99.7-1)

CVE-2007-6112 [CRITICAL] CVE-2007-6112: wireshark - Buffer overflow in the PPP dissector Wireshark (formerly Ethereal) 0.99.6 allows... Buffer overflow in the PPP dissector Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors. Scope: local bookworm: resolved (fixed in 0.99.7~pre1-1) bullseye: resolved (fixed in 0.99.7~pre1-1) forky: resolved (fixed in 0.99.7~pre1-1) sid: resolved (fixed in 0.99.7

CVE-2007-3390 [MEDIUM] CVE-2007-3390: wireshark - Wireshark 0.99.5 and 0.10.x up to 0.10.14, when running on certain systems, allo... Wireshark 0.99.5 and 0.10.x up to 0.10.14, when running on certain systems, allows remote attackers to cause a denial of service (crash) via crafted iSeries capture files that trigger a SIGTRAP. Scope: local bookworm: resolved (fixed in 0.99.6pre1-1) bullseye: resolved (fixed in 0.99.6pre1-1) forky: resolved (fixed in 0.99.6pre1-1) sid: resolved (fixed in 0.99.6pr

CVE-2007-6118 [HIGH] CVE-2007-6118: wireshark - The MEGACO dissector in Wireshark (formerly Ethereal) 0.9.14 to 0.99.6 allows re... The MEGACO dissector in Wireshark (formerly Ethereal) 0.9.14 to 0.99.6 allows remote attackers to cause a denial of service (long loop and resource consumption) via unknown vectors. Scope: local bookworm: resolved (fixed in 0.99.7~pre1-1) bullseye: resolved (fixed in 0.99.7~pre1-1) forky: resolved (fixed in 0.99.7~pre1-1) sid: resolved (fixed in 0.99.7~pre1-1) trixi

CVE-2007-0456 [MEDIUM] CVE-2007-0456: wireshark - Unspecified vulnerability in the LLT dissector in Wireshark (formerly Ethereal) ... Unspecified vulnerability in the LLT dissector in Wireshark (formerly Ethereal) 0.99.3 and 0.99.4 allows remote attackers to cause a denial of service (application crash) via unspecified vectors. Scope: local bookworm: resolved (fixed in 0.99.4-5) bullseye: resolved (fixed in 0.99.4-5) forky: resolved (fixed in 0.99.4-5) sid: resolved (fixed in 0.99.4-5) trixie: r

CVE-2007-6120 [MEDIUM] CVE-2007-6120: wireshark - The Bluetooth SDP dissector Wireshark (formerly Ethereal) 0.99.2 to 0.99.6 allow... The Bluetooth SDP dissector Wireshark (formerly Ethereal) 0.99.2 to 0.99.6 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors. Scope: local bookworm: resolved (fixed in 0.99.7~pre1-1) bullseye: resolved (fixed in 0.99.7~pre1-1) forky: resolved (fixed in 0.99.7~pre1-1) sid: resolved (fixed in 0.99.7~pre1-1) trixie: resolved (fi

CVE-2007-0457 [MEDIUM] CVE-2007-0457: wireshark - Unspecified vulnerability in the IEEE 802.11 dissector in Wireshark (formerly Et... Unspecified vulnerability in the IEEE 802.11 dissector in Wireshark (formerly Ethereal) 0.10.14 through 0.99.4 allows remote attackers to cause a denial of service (application crash) via unspecified vectors. Scope: local bookworm: resolved (fixed in 0.99.4-5) bullseye: resolved (fixed in 0.99.4-5) forky: resolved (fixed in 0.99.4-5) sid: resolved (fixed in 0.99.4

CVE-2007-6441 [LOW] CVE-2007-6441: wireshark - The WiMAX dissector in Wireshark (formerly Ethereal) 0.99.6 allows remote attack... The WiMAX dissector in Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (crash) via unknown vectors related to "unaligned access on some platforms." Scope: local bookworm: resolved (fixed in 0.99.7-1) bullseye: resolved (fixed in 0.99.7-1) forky: resolved (fixed in 0.99.7-1) sid: resolved (fixed in 0.99.7-1) trixie: resolved (

CVE-2007-6119 [HIGH] CVE-2007-6119: wireshark - The DCP ETSI dissector in Wireshark (formerly Ethereal) 0.99.6 allows remote att... The DCP ETSI dissector in Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (long loop and resource consumption) via unknown vectors. Scope: local bookworm: resolved (fixed in 0.99.7~pre1-1) bullseye: resolved (fixed in 0.99.7~pre1-1) forky: resolved (fixed in 0.99.7~pre1-1) sid: resolved (fixed in 0.99.7~pre1-1) trixie: resol

CVE-2007-6121 [MEDIUM] CVE-2007-6121: wireshark - Wireshark (formerly Ethereal) 0.8.16 to 0.99.6 allows remote attackers to cause ... Wireshark (formerly Ethereal) 0.8.16 to 0.99.6 allows remote attackers to cause a denial of service (crash) via a malformed RPC Portmap packet. Scope: local bookworm: resolved (fixed in 0.99.7~pre1-1) bullseye: resolved (fixed in 0.99.7~pre1-1) forky: resolved (fixed in 0.99.7~pre1-1) sid: resolved (fixed in 0.99.7~pre1-1) trixie: resolved (fixed in 0.99.7~pre1-1)

CVE-2007-6111 [HIGH] CVE-2007-6111: wireshark - Multiple unspecified vulnerabilities in Wireshark (formerly Ethereal) allow remo... Multiple unspecified vulnerabilities in Wireshark (formerly Ethereal) allow remote attackers to cause a denial of service (crash) via (1) a crafted MP3 file or (2) unspecified vectors to the NCP dissector. Scope: local bookworm: resolved (fixed in 0.99.7~pre1-1) bullseye: resolved (fixed in 0.99.7~pre1-1) forky: resolved (fixed in 0.99.7~pre1-1) sid: resolved (fixed

CVE-2007-6116 [MEDIUM] CVE-2007-6116: wireshark - The Firebird/Interbase dissector in Wireshark (formerly Ethereal) 0.99.6 allows ... The Firebird/Interbase dissector in Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (infinite loop or crash) via unknown vectors. Scope: local bookworm: resolved (fixed in 0.99.7~pre1-1) bullseye: resolved (fixed in 0.99.7~pre1-1) forky: resolved (fixed in 0.99.7~pre1-1) sid: resolved (fixed in 0.99.7~pre1-1) trixie: resol

CVE-2007-0458 [MEDIUM] CVE-2007-0458: wireshark - Unspecified vulnerability in the HTTP dissector in Wireshark (formerly Ethereal)... Unspecified vulnerability in the HTTP dissector in Wireshark (formerly Ethereal) 0.99.3 and 0.99.4 allows remote attackers to cause a denial of service (application crash) via unspecified vectors, a different issue than CVE-2006-5468. Scope: local bookworm: resolved (fixed in 0.99.4-5) bullseye: resolved (fixed in 0.99.4-5) forky: resolved (fixed in 0.99.4-5) sid:

CVE-2007-6113 [MEDIUM] CVE-2007-6113: wireshark - Integer signedness error in the DNP3 dissector in Wireshark (formerly Ethereal) ... Integer signedness error in the DNP3 dissector in Wireshark (formerly Ethereal) 0.10.12 to 0.99.6 allows remote attackers to cause a denial of service (long loop) via a malformed DNP3 packet. Scope: local bookworm: resolved (fixed in 0.99.6pre1-1) bullseye: resolved (fixed in 0.99.6pre1-1) forky: resolved (fixed in 0.99.6pre1-1) sid: resolved (fixed in 0.99.6pre1-

CVE-2007-0459 [MEDIUM] CVE-2007-0459: wireshark - packet-tcp.c in the TCP dissector in Wireshark (formerly Ethereal) 0.99.2 throug... packet-tcp.c in the TCP dissector in Wireshark (formerly Ethereal) 0.99.2 through 0.99.4 allows remote attackers to cause a denial of service (application crash or hang) via fragmented HTTP packets. Scope: local bookworm: resolved (fixed in 0.99.4-5) bullseye: resolved (fixed in 0.99.4-5) forky: resolved (fixed in 0.99.4-5) sid: resolved (fixed in 0.99.4-5) trixie

CVE-2006-3628 [CRITICAL] CVE-2006-3628: wireshark - Multiple format string vulnerabilities in Wireshark (aka Ethereal) 0.10.x to 0.9... Multiple format string vulnerabilities in Wireshark (aka Ethereal) 0.10.x to 0.99.0 allow remote attackers to cause a denial of service and possibly execute arbitrary code via the (1) ANSI MAP, (2) Checkpoint FW-1, (3) MQ, (4) XML, and (5) NTP dissectors. Scope: local bookworm: resolved (fixed in 0.99.2-1) bullseye: resolved (fixed in 0.99.2-1) forky: resolved (

CVE-2006-3631 [MEDIUM] CVE-2006-3631: wireshark - Unspecified vulnerability in the SSH dissector in Wireshark (aka Ethereal) 0.9.1... Unspecified vulnerability in the SSH dissector in Wireshark (aka Ethereal) 0.9.10 to 0.99.0 allows remote attackers to cause a denial of service (infinite loop) via unknown attack vectors. Scope: local bookworm: resolved (fixed in 0.99.2-1) bullseye: resolved (fixed in 0.99.2-1) forky: resolved (fixed in 0.99.2-1) sid: resolved (fixed in 0.99.2-1) trixie: resolved