Skip to content

GitLab

Closed
Created by Alicha CH@alichaReporter

wireshark: Multiple issues (CVE-2015-2529, CVE-2016-2521, CVE-2016-2522, CVE-2016-2523, CVE-2016-2524, CVE-2016-2525, CVE-2016-2526, CVE-2016-2527, CVE-2016-2528, CVE-2016-2530, CVE-2016-2531, CVE-2016-2532)

CVE-2015-2529: The iSeries file parser could crash.

Affected versions: 2.0.0 to 2.0.1

Fixed versions: 2.0.2

https://www.wireshark.org/security/wnpa-sec-2016-09.html

CVE-2016-2521: DLL hijacking.

Affected versions: 2.0.0 to 2.0.1, 1.12.0 to 1.12.9

Fixed versions: 2.0.2, 1.12.10

https://www.wireshark.org/security/wnpa-sec-2016-01.html

CVE-2016-2522: The ASN.1 BER dissector could crash.

Affected versions: 2.0.0 to 2.0.1

Fixed versions: 2.0.2

https://www.wireshark.org/security/wnpa-sec-2016-02.html

CVE-2016-2523: The DNP3 dissector could go into an infinite loop.

Affected versions: 2.0.0 to 2.0.1, 1.12.0 to 1.12.9

Fixed versions: 2.0.2, 1.12.10

https://www.wireshark.org/security/wnpa-sec-2016-03.html

CVE-2016-2524: The X.509AF dissector could crash.

Affected versions: 2.0.0 to 2.0.1

Fixed versions: 2.0.2

https://www.wireshark.org/security/wnpa-sec-2016-04.html

CVE-2016-2525: The HTTP/2 dissector could crash.

Affected versions: 2.0.0 to 2.0.1

Fixed versions: 2.0.2

https://www.wireshark.org/security/wnpa-sec-2016-05.html

CVE-2016-2526: The HiQnet dissector could crash.

Affected versions: 2.0.0 to 2.0.1

Fixed versions: 2.0.2

https://www.wireshark.org/security/wnpa-sec-2016-06.html

CVE-2016-2527: The 3GPP TS 32.423 Trace file parser could crash.

Affected versions: 2.0.0 to 2.0.1

Fixed versions: 2.0.2

https://www.wireshark.org/security/wnpa-sec-2016-07.html

CVE-2016-2528: The LBMC dissector could crash.

Affected versions: 2.0.0 to 2.0.1

Fixed versions: 2.0.2

https://www.wireshark.org/security/wnpa-sec-2016-08.html

CVE-2016-2530, CVE-2016-2531: The RSL dissector could crash.

Affected versions: 2.0.0 to 2.0.1, 1.12.0 to 1.12.9

Fixed versions: 2.0.2, 1.12.10

https://www.wireshark.org/security/wnpa-sec-2016-10.html

CVE-2016-2532: The LLRP dissector could crash.

Affected versions: 2.0.0 to 2.0.1, 1.12.0 to 1.12.9

Fixed versions: 2.0.2, 1.12.10

https://www.wireshark.org/security/wnpa-sec-2016-11.html

(from redmine: issue id 5225, created on 2016-03-07, closed on 2016-04-12)

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information