Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wireshark wireshark 2.0.0 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2017-6469
In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is an LDSS dissector crash, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-ldss.c by ensuring that memory is allocated for a certain data structure.
Wireshark Wireshark
Debian Debian Linux 8.0
7.5
CVSSv3
CVE-2017-6472
In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is an RTMPT dissector infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-rtmpt.c by properly incrementing a certain sequence value.
Wireshark Wireshark
Debian Debian Linux 8.0
7.5
CVSSv3
CVE-2017-6473
In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is a K12 file parser crash, triggered by a malformed capture file. This was addressed in wiretap/k12.c by validating the relationships between lengths and offsets.
Wireshark Wireshark
Debian Debian Linux 8.0
7.5
CVSSv3
CVE-2017-6468
In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is a NetScaler file parser crash, triggered by a malformed capture file. This was addressed in wiretap/netscaler.c by validating the relationship between pages and records.
Wireshark Wireshark
Debian Debian Linux 8.0
7.5
CVSSv3
CVE-2017-6470
In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is an IAX2 infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-iax2.c by constraining packet lateness.
Wireshark Wireshark
Debian Debian Linux 8.0
7.5
CVSSv3
CVE-2017-6471
In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is a WSP infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-wsp.c by validating the capability length.
Wireshark Wireshark
Debian Debian Linux 8.0
7.5
CVSSv3
CVE-2017-6474
In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is a NetScaler file parser infinite loop, triggered by a malformed capture file. This was addressed in wiretap/netscaler.c by validating record sizes.
Wireshark Wireshark
Debian Debian Linux 8.0
7.5
CVSSv3
CVE-2017-5596
In Wireshark 2.2.0 to 2.2.3 and 2.0.0 to 2.0.9, the ASTERIX dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-asterix.c by changing a data type to avoid an integer overflow.
Wireshark Wireshark 2.0.0
Wireshark Wireshark 2.0.4
Wireshark Wireshark 2.2.0
Wireshark Wireshark 2.0.9
Wireshark Wireshark 2.2.2
Wireshark Wireshark 2.0.1
Wireshark Wireshark 2.2.1
Wireshark Wireshark 2.0.7
Wireshark Wireshark 2.0.2
Wireshark Wireshark 2.0.8
Wireshark Wireshark 2.0.3
Wireshark Wireshark 2.0.6
Wireshark Wireshark 2.2.3
Wireshark Wireshark 2.0.5
7.5
CVSSv3
CVE-2017-5597
In Wireshark 2.2.0 to 2.2.3 and 2.0.0 to 2.0.9, the DHCPv6 dissector could go into a large loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-dhcpv6.c by changing a data type to avoid an integer overflow.
Wireshark Wireshark 2.0.0
Wireshark Wireshark 2.0.4
Wireshark Wireshark 2.2.0
Wireshark Wireshark 2.0.9
Wireshark Wireshark 2.2.2
Wireshark Wireshark 2.0.1
Wireshark Wireshark 2.2.1
Wireshark Wireshark 2.0.7
Wireshark Wireshark 2.0.2
Wireshark Wireshark 2.0.8
Wireshark Wireshark 2.0.3
Wireshark Wireshark 2.0.6
Wireshark Wireshark 2.2.3
Wireshark Wireshark 2.0.5
5.9
CVSSv3
CVE-2016-7176
epan/dissectors/packet-h225.c in the H.225 dissector in Wireshark 2.x prior to 2.0.6 calls snprintf with one of its input buffers as the output buffer, which allows remote malicious users to cause a denial of service (copy overlap and application crash) via a crafted packet.
Wireshark Wireshark 2.0.0
Wireshark Wireshark 2.0.4
Wireshark Wireshark 2.0.1
Wireshark Wireshark 2.0.2
Wireshark Wireshark 2.0.3
Wireshark Wireshark 2.0.5
Debian Debian Linux 8.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-52710
arbitrary
CVE-2024-5272
CVE-2024-2961
brute force
remote
CVE-2024-32944
CVE-2024-36241
CVE-2024-5274
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »