wireshark: Multiple vulnerabilities (various CVEs)
CVE-2015-8711: The NBAP dissector could crash.
Affected versions: 2.0.0, 1.12.0 to 1.12.8
Fixed versions: 2.0.1, 1.12.9
Upgrade to Wireshark 2.0.1, 1.12.9 or later.
https://www.wireshark.org/security/wnpa-sec-2015-31.html
CVE-2015-8712, CVE-2015-8713: The UMTS FP dissector could crash.
Affected versions: 1.12.0 to 1.12.8
Fixed versions: 1.12.9
https://www.wireshark.org/security/wnpa-sec-2015-32.html
CVE-2015-8714: The DCOM dissector could crash.
Affected versions: 1.12.0 to 1.12.8
Fixed versions: 1.12.9
Upgrade to Wireshark 1.12.9 or later.
https://www.wireshark.org/security/wnpa-sec-2015-33.html
CVE-2015-8715: The AllJoyn dissector could go into an infinite loop.
Affected versions: 1.12.0 to 1.12.8
Fixed versions: 1.12.9
Upgrade to Wireshark 1.12.9 or later.
https://www.wireshark.org/security/wnpa-sec-2015-34.html
CVE-2015-8716: The T.38 dissector could crash.
Affected versions: 1.12.0 to 1.12.8
Fixed versions: 1.12.9
Upgrade to Wireshark 1.12.9 or later.
https://www.wireshark.org/security/wnpa-sec-2015-35.html
CVE-2015-8717: The SDP dissector could crash.
Affected versions: 1.12.0 to 1.12.8
Fixed versions: 1.12.9
Upgrade to Wireshark 1.12.9 or later.
https://www.wireshark.org/security/wnpa-sec-2015-36.html
CVE-2015-8718: The NLM dissector could crash.
Affected versions: 2.0.0, 1.12.0 to 1.12.8
Fixed versions: 2.0.1, 1.12.9
Upgrade to Wireshark 2.0.1, 1.12.9 or later.
https://www.wireshark.org/security/wnpa-sec-2015-37.html
CVE-2015-8719: The DNS dissector could crash.
Affected versions: 1.12.0 to 1.12.8
Fixed versions: 1.12.9
Upgrade to Wireshark 1.12.9 or later.
https://www.wireshark.org/security/wnpa-sec-2015-38.html
CVE-2015-8720: ASN.1 BER-based dissectors could crash.
Affected versions: 2.0.0, 1.12.0 to 1.12.8
Fixed versions: 2.0.1, 1.12.9
Upgrade to Wireshark 2.0.1, 1.12.9 or later.
https://www.wireshark.org/security/wnpa-sec-2015-39.html
CVE-2015-8721: Dissectors which use zlib decompression could crash.
Affected versions: 2.0.0, 1.12.0 to 1.12.8
Fixed versions: 2.0.1, 1.12.9
Upgrade to Wireshark 2.0.1, 1.12.9 or later.
https://www.wireshark.org/security/wnpa-sec-2015-40.html
CVE-2015-8722: The SCTP dissector could crash.
Affected versions: 2.0.0, 1.12.0 to 1.12.8
Fixed versions: 2.0.1, 1.12.9
Upgrade to Wireshark 2.0.1, 1.12.9 or later.
https://www.wireshark.org/security/wnpa-sec-2015-41.html
CVE-2015-8723: The 802.11 dissector could crash.
Affected versions: 2.0.0, 1.12.0 to 1.12.8
Fixed versions: 2.0.1, 1.12.9
Upgrade to Wireshark 2.0.1, 1.12.9 or later.
https://www.wireshark.org/security/wnpa-sec-2015-42.html
CVE-2015-8725: The DIAMETER dissector could crash.
Affected versions: 2.0.0, 1.12.0 to 1.12.8
Fixed versions: 2.0.1, 1.12.9
Upgrade to Wireshark 2.0.1, 1.12.9 or later.
https://www.wireshark.org/security/wnpa-sec-2015-43.html
CVE-2015-8726: The VeriWave file parser could crash.
Affected versions: 2.0.0, 1.12.0 to 1.12.8
Fixed versions: 2.0.1, 1.12.9
Upgrade to Wireshark 2.0.1, 1.12.9 or later.
https://www.wireshark.org/security/wnpa-sec-2015-44.html
CVE-2015-8727: The RSVP dissector could crash.
Affected versions: 2.0.0, 1.12.0 to 1.12.8
Fixed versions: 2.0.1, 1.12.9
Upgrade to Wireshark 2.0.1, 1.12.9 or later.
https://www.wireshark.org/security/wnpa-sec-2015-45.html
CVE-2015-8728: The ANSI A and GSM A dissectors could crash.
Affected versions: 2.0.0, 1.12.0 to 1.12.8
Fixed versions: 2.0.1, 1.12.9
Upgrade to Wireshark 2.0.1, 1.12.9 or later.
https://www.wireshark.org/security/wnpa-sec-2015-46.html
CVE-2015-8729: The Ascend file parser could crash.
Affected versions: 2.0.0, 1.12.0 to 1.12.8
Fixed versions: 2.0.1, 1.12.9
Upgrade to Wireshark 2.0.1, 1.12.9 or later.
https://www.wireshark.org/security/wnpa-sec-2015-47.html
CVE-2015-8730: The NBAP dissector could crash.
Affected versions: 2.0.0, 1.12.0 to 1.12.8
Fixed versions: 2.0.1, 1.12.9
Upgrade to Wireshark 2.0.1, 1.12.9 or later.
https://www.wireshark.org/security/wnpa-sec-2015-48.html
CVE-2015-8731: The RSL dissector could crash.
Affected versions: 2.0.0, 1.12.0 to 1.12.8
Fixed versions: 2.0.1, 1.12.9
Upgrade to Wireshark 2.0.1, 1.12.9 or later.
https://www.wireshark.org/security/wnpa-sec-2015-49.html
CVE-2015-8732: The ZigBee ZCL dissector could crash.
Affected versions: 2.0.0, 1.12.0 to 1.12.8
Fixed versions: 2.0.1, 1.12.9
Upgrade to Wireshark 2.0.1, 1.12.9 or later.
https://www.wireshark.org/security/wnpa-sec-2015-50.html
CVE-2015-8733: The Sniffer file parser could crash.
Affected versions: 2.0.0, 1.12.0 to 1.12.8
Fixed versions: 2.0.1, 1.12.9
Upgrade to Wireshark 2.0.1, 1.12.9 or later.
https://www.wireshark.org/security/wnpa-sec-2015-51.html
CVE-2015-8734: The NWP dissector could crash.
Affected versions: 2.0.0
Fixed versions: 2.0.1
https://www.wireshark.org/security/wnpa-sec-2015-52.html
Resolution
Upgrade to Wireshark 2.0.1 or later.
CVE-2015-8735: The Bluetooth Attribute dissector could crash.
Affected versions: 2.0.0
Fixed versions: 2.0.1
Upgrade to Wireshark 2.0.1 or later.
https://www.wireshark.org/security/wnpa-sec-2015-53.html
CVE-2015-8736: The MP2T file parser could crash.
Affected versions: 2.0.0
Fixed versions: 2.0.1
Upgrade to Wireshark 2.0.1 or later.
https://www.wireshark.org/security/wnpa-sec-2015-54.html
CVE-2015-8737: The MP2T file parser could crash.
Affected versions: 2.0.0
Fixed versions: 2.0.1
Upgrade to Wireshark 2.0.1 or later.
https://www.wireshark.org/security/wnpa-sec-2015-55.html
CVE-2015-8738: The S7COMM dissector could crash.
Affected versions: 2.0.0
Fixed versions: 2.0.1
Upgrade to Wireshark 2.0.1 or later.
https://www.wireshark.org/security/wnpa-sec-2015-56.html
CVE-2015-8739: The IPMI dissector could crash.
Affected versions: 2.0.0
Fixed versions: 2.0.1
Upgrade to Wireshark 2.0.1 or later.
https://www.wireshark.org/security/wnpa-sec-2015-57.html
CVE-2015-8740: The TDS dissector could crash.
Affected versions: 2.0.0
Fixed versions: 2.0.1
Upgrade to Wireshark 2.0.1 or later.
https://www.wireshark.org/security/wnpa-sec-2015-58.html
CVE-2015-8741: The PPI dissector could crash.
Affected versions: 2.0.0
Fixed versions: 2.0.1
Upgrade to Wireshark 2.0.1 or later.
https://www.wireshark.org/security/wnpa-sec-2015-59.html
CVE-2015-8742:The MS-WSP dissector could crash.
Affected versions: 2.0.0
Fixed versions: 2.0.1
Upgrade to Wireshark 2.0.1 or later.
https://www.wireshark.org/security/wnpa-sec-2015-60.html
(from redmine: issue id 5221, created on 2016-03-07, closed on 2016-04-12)
- Relations:
- child #5222 (closed)
- child #5223 (closed)
- child #5224 (closed)