ID CVE-2014-8711
Summary Multiple integer overflows in epan/dissectors/packet-amqp.c in the AMQP dissector in Wireshark 1.10.x before 1.10.11 and 1.12.x before 1.12.2 allow remote attackers to cause a denial of service (application crash) via a crafted amqp_0_10 PDU in a packet.
References
Vulnerable Configurations
  • Wireshark 1.10.0
    cpe:2.3:a:wireshark:wireshark:1.10.0
  • Wireshark Wireshark 1.10.1
    cpe:2.3:a:wireshark:wireshark:1.10.1
  • Wireshark Wireshark 1.10.2
    cpe:2.3:a:wireshark:wireshark:1.10.2
  • Wireshark 1.10.3
    cpe:2.3:a:wireshark:wireshark:1.10.3
  • Wireshark 1.10.4
    cpe:2.3:a:wireshark:wireshark:1.10.4
  • Wireshark 1.10.5
    cpe:2.3:a:wireshark:wireshark:1.10.5
  • Wireshark 1.10.6
    cpe:2.3:a:wireshark:wireshark:1.10.6
  • Wireshark 1.10.7
    cpe:2.3:a:wireshark:wireshark:1.10.7
  • Wireshark 1.10.8
    cpe:2.3:a:wireshark:wireshark:1.10.8
  • Wireshark 1.10.9
    cpe:2.3:a:wireshark:wireshark:1.10.9
  • Wireshark 1.10.10
    cpe:2.3:a:wireshark:wireshark:1.10.10
  • Wireshark 1.12.0
    cpe:2.3:a:wireshark:wireshark:1.12.0
  • Wireshark 1.12.1
    cpe:2.3:a:wireshark:wireshark:1.12.1
CVSS
Base: 5.0 (as of 01-11-2016 - 13:05)
Impact:
Exploitability:
CWE CWE-189
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
nessus via4
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2015-1460.NASL
    description From Red Hat Security Advisory 2015:1460 : Updated wireshark packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Wireshark, previously known as Ethereal, is a network protocol analyzer, which is used to capture and browse the traffic running on a computer network. Several denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump file. (CVE-2014-8714, CVE-2014-8712, CVE-2014-8713, CVE-2014-8711, CVE-2014-8710, CVE-2015-0562, CVE-2015-0564, CVE-2015-2189, CVE-2015-2191) This update also fixes the following bugs : * Previously, the Wireshark tool did not support Advanced Encryption Standard Galois/Counter Mode (AES-GCM) cryptographic algorithm. As a consequence, AES-GCM was not decrypted. Support for AES-GCM has been added to Wireshark, and AES-GCM is now correctly decrypted. (BZ#1095065) * Previously, when installing the system using the kickstart method, a dependency on the shadow-utils packages was missing from the wireshark packages, which could cause the installation to fail with a 'bad scriptlet' error message. With this update, shadow-utils are listed as required in the wireshark packages spec file, and kickstart installation no longer fails. (BZ#1121275) * Prior to this update, the Wireshark tool could not decode types of elliptic curves in Datagram Transport Layer Security (DTLS) Client Hello. Consequently, Wireshark incorrectly displayed elliptic curves types as data. A patch has been applied to address this bug, and Wireshark now decodes elliptic curves types properly. (BZ#1131203) * Previously, a dependency on the gtk2 packages was missing from the wireshark packages. As a consequence, the Wireshark tool failed to start under certain circumstances due to an unresolved symbol, 'gtk_combo_box_text_new_with_entry', which was added in gtk version 2.24. With this update, a dependency on gtk2 has been added, and Wireshark now always starts as expected. (BZ#1160388) In addition, this update adds the following enhancements : * With this update, the Wireshark tool supports process substitution, which feeds the output of a process (or processes) into the standard input of another process using the '<(command_list)' syntax. When using process substitution with large files as input, Wireshark failed to decode such input. (BZ#1104210) * Wireshark has been enhanced to enable capturing packets with nanosecond time stamp precision, which allows better analysis of recorded network traffic. (BZ#1146578) All wireshark users are advised to upgrade to these updated packages, which contain backported patches to correct these issues and add these enhancements. All running instances of Wireshark must be restarted for the update to take effect.
    last seen 2019-02-21
    modified 2018-07-18
    plugin id 85112
    published 2015-07-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=85112
    title Oracle Linux 6 : wireshark (ELSA-2015-1460)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2015-1460.NASL
    description Updated wireshark packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Wireshark, previously known as Ethereal, is a network protocol analyzer, which is used to capture and browse the traffic running on a computer network. Several denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump file. (CVE-2014-8714, CVE-2014-8712, CVE-2014-8713, CVE-2014-8711, CVE-2014-8710, CVE-2015-0562, CVE-2015-0564, CVE-2015-2189, CVE-2015-2191) This update also fixes the following bugs : * Previously, the Wireshark tool did not support Advanced Encryption Standard Galois/Counter Mode (AES-GCM) cryptographic algorithm. As a consequence, AES-GCM was not decrypted. Support for AES-GCM has been added to Wireshark, and AES-GCM is now correctly decrypted. (BZ#1095065) * Previously, when installing the system using the kickstart method, a dependency on the shadow-utils packages was missing from the wireshark packages, which could cause the installation to fail with a 'bad scriptlet' error message. With this update, shadow-utils are listed as required in the wireshark packages spec file, and kickstart installation no longer fails. (BZ#1121275) * Prior to this update, the Wireshark tool could not decode types of elliptic curves in Datagram Transport Layer Security (DTLS) Client Hello. Consequently, Wireshark incorrectly displayed elliptic curves types as data. A patch has been applied to address this bug, and Wireshark now decodes elliptic curves types properly. (BZ#1131203) * Previously, a dependency on the gtk2 packages was missing from the wireshark packages. As a consequence, the Wireshark tool failed to start under certain circumstances due to an unresolved symbol, 'gtk_combo_box_text_new_with_entry', which was added in gtk version 2.24. With this update, a dependency on gtk2 has been added, and Wireshark now always starts as expected. (BZ#1160388) In addition, this update adds the following enhancements : * With this update, the Wireshark tool supports process substitution, which feeds the output of a process (or processes) into the standard input of another process using the '<(command_list)' syntax. When using process substitution with large files as input, Wireshark failed to decode such input. (BZ#1104210) * Wireshark has been enhanced to enable capturing packets with nanosecond time stamp precision, which allows better analysis of recorded network traffic. (BZ#1146578) All wireshark users are advised to upgrade to these updated packages, which contain backported patches to correct these issues and add these enhancements. All running instances of Wireshark must be restarted for the update to take effect.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 84952
    published 2015-07-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=84952
    title RHEL 6 : wireshark (RHSA-2015:1460)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2015-2393.NASL
    description From Red Hat Security Advisory 2015:2393 : Updated wireshark packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The wireshark packages contain a network protocol analyzer used to capture and browse the traffic running on a computer network. Several denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump file. (CVE-2015-2188, CVE-2015-2189, CVE-2015-2191, CVE-2015-3810, CVE-2015-3811, CVE-2015-3812, CVE-2015-3813, CVE-2014-8710, CVE-2014-8711, CVE-2014-8712, CVE-2014-8713, CVE-2014-8714, CVE-2015-0562, CVE-2015-0563, CVE-2015-0564, CVE-2015-3182, CVE-2015-6243, CVE-2015-6244, CVE-2015-6245, CVE-2015-6246, CVE-2015-6248) The CVE-2015-3182 issue was discovered by Martin Zember of Red Hat. The wireshark packages have been upgraded to upstream version 1.10.14, which provides a number of bug fixes and enhancements over the previous version. (BZ#1238676) This update also fixes the following bug : * Prior to this update, when using the tshark utility to capture packets over the interface, tshark failed to create output files in the .pcap format even if it was specified using the '-F' option. This bug has been fixed, the '-F' option is now honored, and the result saved in the .pcap format as expected. (BZ#1227199) In addition, this update adds the following enhancement : * Previously, wireshark included only microseconds in the .pcapng format. With this update, wireshark supports nanosecond time stamp precision to allow for more accurate time stamps. (BZ#1213339) All wireshark users are advised to upgrade to these updated packages, which correct these issues and add these enhancements. All running instances of Wireshark must be restarted for the update to take effect.
    last seen 2019-02-21
    modified 2018-07-24
    plugin id 87038
    published 2015-11-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=87038
    title Oracle Linux 7 : wireshark (ELSA-2015-2393)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2015-2393.NASL
    description Updated wireshark packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The wireshark packages contain a network protocol analyzer used to capture and browse the traffic running on a computer network. Several denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump file. (CVE-2015-2188, CVE-2015-2189, CVE-2015-2191, CVE-2015-3810, CVE-2015-3811, CVE-2015-3812, CVE-2015-3813, CVE-2014-8710, CVE-2014-8711, CVE-2014-8712, CVE-2014-8713, CVE-2014-8714, CVE-2015-0562, CVE-2015-0563, CVE-2015-0564, CVE-2015-3182, CVE-2015-6243, CVE-2015-6244, CVE-2015-6245, CVE-2015-6246, CVE-2015-6248) The CVE-2015-3182 issue was discovered by Martin Zember of Red Hat. The wireshark packages have been upgraded to upstream version 1.10.14, which provides a number of bug fixes and enhancements over the previous version. (BZ#1238676) This update also fixes the following bug : * Prior to this update, when using the tshark utility to capture packets over the interface, tshark failed to create output files in the .pcap format even if it was specified using the '-F' option. This bug has been fixed, the '-F' option is now honored, and the result saved in the .pcap format as expected. (BZ#1227199) In addition, this update adds the following enhancement : * Previously, wireshark included only microseconds in the .pcapng format. With this update, wireshark supports nanosecond time stamp precision to allow for more accurate time stamps. (BZ#1213339) All wireshark users are advised to upgrade to these updated packages, which correct these issues and add these enhancements. All running instances of Wireshark must be restarted for the update to take effect.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 86988
    published 2015-11-20
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=86988
    title RHEL 7 : wireshark (RHSA-2015:2393)
  • NASL family Mandriva Local Security Checks
    NASL id MANDRIVA_MDVSA-2014-223.NASL
    description Updated wireshark packages fix security vulnerabilities : SigComp UDVM buffer overflow (CVE-2014-8710). AMQP crash (CVE-2014-8711). NCP crashes (CVE-2014-8712, CVE-2014-8713). TN5250 infinite loops (CVE-2014-8714).
    last seen 2019-01-03
    modified 2019-01-02
    plugin id 79410
    published 2014-11-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=79410
    title Mandriva Linux Security Advisory : wireshark (MDVSA-2014:223)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DLA-198.NASL
    description The following vulnerabilities were discovered in the Squeeze's Wireshark version : CVE-2015-2188 The WCP dissector could crash CVE-2015-0564 Wireshark could crash while decypting TLS/SSL sessions CVE-2015-0562 The DEC DNA Routing Protocol dissector could crash CVE-2014-8714 TN5250 infinite loops CVE-2014-8713 NCP crashes CVE-2014-8712 NCP crashes CVE-2014-8711 AMQP crash CVE-2014-8710 SigComp UDVM buffer overflow CVE-2014-6432 Sniffer file parser crash CVE-2014-6431 Sniffer file parser crash CVE-2014-6430 Sniffer file parser crash CVE-2014-6429 Sniffer file parser crash CVE-2014-6428 SES dissector crash CVE-2014-6423 MEGACO dissector infinite loop CVE-2014-6422 RTP dissector crash Since back-porting upstream patches to 1.2.11-6+squeeze15 did not fix all the outstanding issues and some issues are not even tracked publicly the LTS Team decided to sync squeeze-lts's wireshark package with wheezy-security to provide the best possible security support. Note that upgrading Wireshark from 1.2.x to 1.8.x introduces several backward-incompatible changes in package structure, shared library API/ABI, availability of dissectors and in syntax of command line parameters. NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-07-06
    plugin id 83002
    published 2015-04-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=83002
    title Debian DLA-198-1 : wireshark security update
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20151119_WIRESHARK_ON_SL7_X.NASL
    description Several denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump file. (CVE-2015-2188, CVE-2015-2189, CVE-2015-2191, CVE-2015-3810, CVE-2015-3811, CVE-2015-3812, CVE-2015-3813, CVE-2014-8710, CVE-2014-8711, CVE-2014-8712, CVE-2014-8713, CVE-2014-8714, CVE-2015-0562, CVE-2015-0563, CVE-2015-0564, CVE-2015-3182, CVE-2015-6243, CVE-2015-6244, CVE-2015-6245, CVE-2015-6246, CVE-2015-6248) The wireshark packages have been upgraded to upstream version 1.10.14, which provides a number of bug fixes and enhancements over the previous version. This update also fixes the following bug : - Prior to this update, when using the tshark utility to capture packets over the interface, tshark failed to create output files in the .pcap format even if it was specified using the '-F' option. This bug has been fixed, the '-F' option is now honored, and the result saved in the .pcap format as expected. In addition, this update adds the following enhancement : - Previously, wireshark included only microseconds in the .pcapng format. With this update, wireshark supports nanosecond time stamp precision to allow for more accurate time stamps. All running instances of Wireshark must be restarted for the update to take effect.
    last seen 2019-02-21
    modified 2018-12-28
    plugin id 87578
    published 2015-12-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=87578
    title Scientific Linux Security Update : wireshark on SL7.x x86_64
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2014-15320.NASL
    description Ver. 1.12.2, Security fix for CVE-2014-8711, CVE-2014-8712, CVE-2014-8713, CVE-2014-8714, CVE-2014-8710 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-05
    plugin id 79769
    published 2014-12-07
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=79769
    title Fedora 21 : wireshark-1.12.2-1.fc21 (2014-15320)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2014-15244.NASL
    description Ver. 1.10.11, Security fix for CVE-2014-8711, CVE-2014-8712, CVE-2014-8713, CVE-2014-8714, CVE-2014-8710 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-05
    plugin id 79699
    published 2014-12-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=79699
    title Fedora 20 : wireshark-1.10.11-1.fc20 (2014-15244)
  • NASL family Amazon Linux Local Security Checks
    NASL id ALA_ALAS-2015-580.NASL
    description Several denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump file. (CVE-2014-8714 , CVE-2014-8712 , CVE-2014-8713 , CVE-2014-8711 , CVE-2014-8710 , CVE-2015-0562 , CVE-2015-0564 , CVE-2015-2189 , CVE-2015-2191)
    last seen 2019-02-21
    modified 2018-04-18
    plugin id 85453
    published 2015-08-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=85453
    title Amazon Linux AMI : wireshark (ALAS-2015-580)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20150722_WIRESHARK_ON_SL6_X.NASL
    description Several denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump file. (CVE-2014-8714, CVE-2014-8712, CVE-2014-8713, CVE-2014-8711, CVE-2014-8710, CVE-2015-0562, CVE-2015-0564, CVE-2015-2189, CVE-2015-2191) This update also fixes the following bugs : - Previously, the Wireshark tool did not support Advanced Encryption Standard Galois/Counter Mode (AES-GCM) cryptographic algorithm. As a consequence, AES-GCM was not decrypted. Support for AES-GCM has been added to Wireshark, and AES-GCM is now correctly decrypted. - Previously, when installing the system using the kickstart method, a dependency on the shadow-utils packages was missing from the wireshark packages, which could cause the installation to fail with a 'bad scriptlet' error message. With this update, shadow-utils are listed as required in the wireshark packages spec file, and kickstart installation no longer fails. - Prior to this update, the Wireshark tool could not decode types of elliptic curves in Datagram Transport Layer Security (DTLS) Client Hello. Consequently, Wireshark incorrectly displayed elliptic curves types as data. A patch has been applied to address this bug, and Wireshark now decodes elliptic curves types properly. - Previously, a dependency on the gtk2 packages was missing from the wireshark packages. As a consequence, the Wireshark tool failed to start under certain circumstances due to an unresolved symbol, 'gtk_combo_box_text_new_with_entry', which was added in gtk version 2.24. With this update, a dependency on gtk2 has been added, and Wireshark now always starts as expected. In addition, this update adds the following enhancements : - With this update, the Wireshark tool supports process substitution, which feeds the output of a process (or processes) into the standard input of another process using the '<(command_list)' syntax. When using process substitution with large files as input, Wireshark failed to decode such input. - Wireshark has been enhanced to enable capturing packets with nanosecond time stamp precision, which allows better analysis of recorded network traffic. All running instances of Wireshark must be restarted for the update to take effect.
    last seen 2019-02-21
    modified 2018-12-28
    plugin id 85208
    published 2015-08-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=85208
    title Scientific Linux Security Update : wireshark on SL6.x i386/x86_64
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2015-2393.NASL
    description Updated wireshark packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The wireshark packages contain a network protocol analyzer used to capture and browse the traffic running on a computer network. Several denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump file. (CVE-2015-2188, CVE-2015-2189, CVE-2015-2191, CVE-2015-3810, CVE-2015-3811, CVE-2015-3812, CVE-2015-3813, CVE-2014-8710, CVE-2014-8711, CVE-2014-8712, CVE-2014-8713, CVE-2014-8714, CVE-2015-0562, CVE-2015-0563, CVE-2015-0564, CVE-2015-3182, CVE-2015-6243, CVE-2015-6244, CVE-2015-6245, CVE-2015-6246, CVE-2015-6248) The CVE-2015-3182 issue was discovered by Martin Zember of Red Hat. The wireshark packages have been upgraded to upstream version 1.10.14, which provides a number of bug fixes and enhancements over the previous version. (BZ#1238676) This update also fixes the following bug : * Prior to this update, when using the tshark utility to capture packets over the interface, tshark failed to create output files in the .pcap format even if it was specified using the '-F' option. This bug has been fixed, the '-F' option is now honored, and the result saved in the .pcap format as expected. (BZ#1227199) In addition, this update adds the following enhancement : * Previously, wireshark included only microseconds in the .pcapng format. With this update, wireshark supports nanosecond time stamp precision to allow for more accurate time stamps. (BZ#1213339) All wireshark users are advised to upgrade to these updated packages, which correct these issues and add these enhancements. All running instances of Wireshark must be restarted for the update to take effect.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 87156
    published 2015-12-02
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=87156
    title CentOS 7 : wireshark (CESA-2015:2393)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2015-1460.NASL
    description Updated wireshark packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Wireshark, previously known as Ethereal, is a network protocol analyzer, which is used to capture and browse the traffic running on a computer network. Several denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump file. (CVE-2014-8714, CVE-2014-8712, CVE-2014-8713, CVE-2014-8711, CVE-2014-8710, CVE-2015-0562, CVE-2015-0564, CVE-2015-2189, CVE-2015-2191) This update also fixes the following bugs : * Previously, the Wireshark tool did not support Advanced Encryption Standard Galois/Counter Mode (AES-GCM) cryptographic algorithm. As a consequence, AES-GCM was not decrypted. Support for AES-GCM has been added to Wireshark, and AES-GCM is now correctly decrypted. (BZ#1095065) * Previously, when installing the system using the kickstart method, a dependency on the shadow-utils packages was missing from the wireshark packages, which could cause the installation to fail with a 'bad scriptlet' error message. With this update, shadow-utils are listed as required in the wireshark packages spec file, and kickstart installation no longer fails. (BZ#1121275) * Prior to this update, the Wireshark tool could not decode types of elliptic curves in Datagram Transport Layer Security (DTLS) Client Hello. Consequently, Wireshark incorrectly displayed elliptic curves types as data. A patch has been applied to address this bug, and Wireshark now decodes elliptic curves types properly. (BZ#1131203) * Previously, a dependency on the gtk2 packages was missing from the wireshark packages. As a consequence, the Wireshark tool failed to start under certain circumstances due to an unresolved symbol, 'gtk_combo_box_text_new_with_entry', which was added in gtk version 2.24. With this update, a dependency on gtk2 has been added, and Wireshark now always starts as expected. (BZ#1160388) In addition, this update adds the following enhancements : * With this update, the Wireshark tool supports process substitution, which feeds the output of a process (or processes) into the standard input of another process using the '<(command_list)' syntax. When using process substitution with large files as input, Wireshark failed to decode such input. (BZ#1104210) * Wireshark has been enhanced to enable capturing packets with nanosecond time stamp precision, which allows better analysis of recorded network traffic. (BZ#1146578) All wireshark users are advised to upgrade to these updated packages, which contain backported patches to correct these issues and add these enhancements. All running instances of Wireshark must be restarted for the update to take effect.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 85026
    published 2015-07-28
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=85026
    title CentOS 6 : wireshark (CESA-2015:1460)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2014-717.NASL
    description wireshark was updated to fix five security issues. These security issues were fixed : - SigComp UDVM buffer overflow (CVE-2014-8710). - AMQP crash (CVE-2014-8711). - NCP crashes (CVE-2014-8712, CVE-2014-8713). - TN5250 infinite loops (CVE-2014-8714). For openSUSE 12.3 and 13.1 further bug fixes and updated protocol support are described in: https://www.wireshark.org/docs/relnotes/wireshark-1.10.11.html For openSUSE 13.2 further bug fixes and updated protocol support are described in: https://www.wireshark.org/docs/relnotes/wireshark-1.12.2.html
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 79592
    published 2014-11-27
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=79592
    title openSUSE Security Update : wireshark (openSUSE-SU-2014:1503-1)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_WIRESHARK-141114.NASL
    description wireshark has been updated to version 1.10.11 to fix five security issues. These security issues have been fixed : - SigComp UDVM buffer overflow. (CVE-2014-8710) - AMQP dissector crash. (CVE-2014-8711) - NCP dissector crashes. (CVE-2014-8712 / CVE-2014-8713) - TN5250 infinite loops (CVE-2014-8714). This non-security issue has been fixed : - enable zlib (bnc#899303). Further bug fixes and updated protocol support as listed in : https://www.wireshark.org/docs/relnotes/wireshark-1.10.11.html
    last seen 2019-02-21
    modified 2015-01-18
    plugin id 79620
    published 2014-11-28
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=79620
    title SuSE 11.3 Security Update : wireshark (SAT Patch Number 9968)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-3076.NASL
    description Multiple vulnerabilities were discovered in the dissectors/parsers for SigComp UDVM, AMQP, NCP and TN5250, which could result in denial of service.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 79564
    published 2014-11-26
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=79564
    title Debian DSA-3076-1 : wireshark - security update
  • NASL family Windows
    NASL id WIRESHARK_1_10_11.NASL
    description The remote Windows host has a version of Wireshark installed that is 1.10.x prior to 1.10.11. It is, therefore, affected by multiple denial of service vulnerabilities in following dissectors : - AMQP (CVE-2014-8711) - NCP (CVE-2014-8712, CVE-2014-8713) - SigComp (CVE-2014-8710) - TN5250 (CVE-2014-8714) A remote attacker, using a specially crafted packet, can cause the application to crash. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
    last seen 2019-02-21
    modified 2018-08-06
    plugin id 79251
    published 2014-11-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=79251
    title Wireshark 1.10.x < 1.10.11 Multiple DoS Vulnerabilities
  • NASL family Windows
    NASL id WIRESHARK_1_12_2.NASL
    description The remote Windows host has a version of Wireshark installed that is 1.12.x prior to 1.12.2. It is, therefore, affected by multiple denial of service vulnerabilities in following dissectors : - AMQP (CVE-2014-8711) - NCP (CVE-2014-8712, CVE-2014-8713) - SigComp (CVE-2014-8710) - TN5250 (CVE-2014-8714) A remote attacker, using a specially crafted packet, can cause the application to crash. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
    last seen 2019-02-21
    modified 2018-08-06
    plugin id 79252
    published 2014-11-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=79252
    title Wireshark 1.12.x < 1.12.2 Multiple DoS Vulnerabilities
redhat via4
advisories
rhsa
id RHSA-2015:1460
rpms
  • wireshark-0:1.8.10-17.el6
  • wireshark-devel-0:1.8.10-17.el6
  • wireshark-gnome-0:1.8.10-17.el6
  • wireshark-0:1.10.14-7.el7
  • wireshark-devel-0:1.10.14-7.el7
  • wireshark-gnome-0:1.10.14-7.el7
refmap via4
bid 71070
confirm
debian DSA-3076
fedora FEDORA-2014-15320
secunia
  • 60231
  • 60290
suse openSUSE-SU-2014:1503
Last major update 28-11-2016 - 14:13
Published 22-11-2014 - 21:59
Last modified 04-01-2018 - 21:29
Back to Top