[3.4] wireshark: Multiple issues (CVE-2017-7700, CVE-2017-7701, CVE-2017-7702, CVE-2017-7703, CVE-2017-7705)
CVE-2017-7700: NetScaler file parser infinite loop
Affected versions: 2.2.0 to 2.2.5, 2.0.0 to 2.0.11
Fixed versions: 2.2.6, 2.0.12
References:
https://www.wireshark.org/security/wnpa-sec-2017-14.html
CVE-2017-7701: BGP dissector infinite loop
Affected versions: 2.2.0 to 2.2.5, 2.0.0 to 2.0.11
Fixed versions: 2.2.6, 2.0.12
References:
https://www.wireshark.org/security/wnpa-sec-2017-16.html
CVE-2017-7702: WBXML dissector infinite loop
Affected versions: 2.2.0 to 2.2.5, 2.0.0 to 2.0.11
Fixed versions: 2.2.6, 2.0.12
References:
https://www.wireshark.org/security/wnpa-sec-2017-13.html
CVE-2017-7703: IMAP dissector crash
Affected versions: 2.2.0 to 2.2.5, 2.0.0 to 2.0.11
Fixed versions: 2.2.6, 2.0.12
References:
https://www.wireshark.org/security/wnpa-sec-2017-12.html
CVE-2017-7705: RPCoRDMA dissector infinite loop
Affected versions: 2.2.0 to 2.2.5, 2.0.0 to 2.0.11
Fixed versions: 2.2.6, 2.0.12
References:
https://www.wireshark.org/security/wnpa-sec-2017-15.html
PacketBB dissector crash (wnpa-sec-2017-18)
Affected versions: 2.2.0 to 2.2.5, 2.0.0 to 2.0.11
Fixed versions: 2.2.6, 2.0.12
References:
https://www.wireshark.org/security/wnpa-sec-2017-18.html
SLSK dissector long loop (wnpa-sec-2017-19)
Affected versions: 2.2.0 to 2.2.5, 2.0.0 to 2.0.11
Fixed versions: 2.2.6, 2.0.12
References:
https://www.wireshark.org/security/wnpa-sec-2017-19.html
SIGCOMP dissector infinite loop (wnpa-sec-2017-20)
Affected versions: 2.2.0 to 2.2.5, 2.0.0 to 2.0.11
Fixed versions: 2.2.6, 2.0.12
References:
https://www.wireshark.org/security/wnpa-sec-2017-20.html
WSP dissector infinite loop (wnpa-sec-2017-21)
Affected versions: 2.2.0 to 2.2.5, 2.0.0 to 2.0.11
Fixed versions: 2.2.6, 2.0.12
References:
https://www.wireshark.org/security/wnpa-sec-2017-21.html
(from redmine: issue id 7184, created on 2017-04-24, closed on 2017-05-02)
- Relations:
- parent #7182 (closed)
- Changesets:
- Revision 0ac366ad on 2017-04-28T13:35:17Z:
main/wireshark: security upgrade to 2.2.6 - fixes #7184
CVE-2017-7700, CVE-2017-7701, CVE-2017-7702, CVE-2017-7703,
CVE-2017-7704, CVE-2017-7705, wnpa-sec-2017-18, wnpa-sec-2017-19,
wnpa-sec-2017-20, wnpa-sec-2017-21