Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2015-8717 (GCVE-0-2015-8717)
Vulnerability from cvelistv5
Published
2016-01-04 02:00
Modified
2024-08-06 08:29
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The dissect_sdp function in epan/dissectors/packet-sdp.c in the SDP dissector in Wireshark 1.12.x before 1.12.9 does not prevent use of a negative media count, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T08:29:21.649Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "DSA-3505",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2016/dsa-3505"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=2ddd92b6f8f587325b9e14598658626f3a007c5c"
},
{
"name": "79816",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/79816"
},
{
"name": "GLSA-201604-05",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201604-05"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9887"
},
{
"name": "1034551",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1034551"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.wireshark.org/security/wnpa-sec-2015-36.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-12-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The dissect_sdp function in epan/dissectors/packet-sdp.c in the SDP dissector in Wireshark 1.12.x before 1.12.9 does not prevent use of a negative media count, which allows remote attackers to cause a denial of service (application crash) via a crafted packet."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-05T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "DSA-3505",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2016/dsa-3505"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=2ddd92b6f8f587325b9e14598658626f3a007c5c"
},
{
"name": "79816",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/79816"
},
{
"name": "GLSA-201604-05",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201604-05"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9887"
},
{
"name": "1034551",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1034551"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.wireshark.org/security/wnpa-sec-2015-36.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-8717",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The dissect_sdp function in epan/dissectors/packet-sdp.c in the SDP dissector in Wireshark 1.12.x before 1.12.9 does not prevent use of a negative media count, which allows remote attackers to cause a denial of service (application crash) via a crafted packet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "DSA-3505",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3505"
},
{
"name": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=2ddd92b6f8f587325b9e14598658626f3a007c5c",
"refsource": "CONFIRM",
"url": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=2ddd92b6f8f587325b9e14598658626f3a007c5c"
},
{
"name": "79816",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/79816"
},
{
"name": "GLSA-201604-05",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201604-05"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html"
},
{
"name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9887",
"refsource": "CONFIRM",
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9887"
},
{
"name": "1034551",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034551"
},
{
"name": "http://www.wireshark.org/security/wnpa-sec-2015-36.html",
"refsource": "CONFIRM",
"url": "http://www.wireshark.org/security/wnpa-sec-2015-36.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-8717",
"datePublished": "2016-01-04T02:00:00",
"dateReserved": "2016-01-03T00:00:00",
"dateUpdated": "2024-08-06T08:29:21.649Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2015-8717\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2016-01-04T05:59:07.437\",\"lastModified\":\"2025-04-12T10:46:40.837\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The dissect_sdp function in epan/dissectors/packet-sdp.c in the SDP dissector in Wireshark 1.12.x before 1.12.9 does not prevent use of a negative media count, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.\"},{\"lang\":\"es\",\"value\":\"La funci\u00f3n dissect_sdp en epan/dissectors/packet-sdp.c en el disector SDP en Wireshark 1.12.x en versiones anteriores a 1.12.9 no impide utilizar una cuenta negativa de medios, lo que permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda de aplicaci\u00f3n) a trav\u00e9s de un paquete manipulado.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:N/A:P\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wireshark:wireshark:1.12.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"29AC5E99-9C21-4C2E-AE68-A4B887318577\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wireshark:wireshark:1.12.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B90C8934-01D8-4027-8A38-0B3230CC5077\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wireshark:wireshark:1.12.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"49C89A62-69E2-40C5-9C75-FA6601A935A2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wireshark:wireshark:1.12.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1946DDC9-E49F-4601-8448-E73B0480C880\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wireshark:wireshark:1.12.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E2F85560-F43E-46C5-9CD1-1A1D66E21580\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wireshark:wireshark:1.12.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2518D86A-623D-431E-9574-32B677D5FB94\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wireshark:wireshark:1.12.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FEA2B085-01D2-4707-A9F7-6545E4D6D99A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wireshark:wireshark:1.12.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FE4BBF1A-4303-456C-AD19-F5BCF6FDD76B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wireshark:wireshark:1.12.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AD3D5FFB-1A09-4A06-8E83-DF72E39E1891\"}]}]}],\"references\":[{\"url\":\"http://www.debian.org/security/2016/dsa-3505\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/79816\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securitytracker.com/id/1034551\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.wireshark.org/security/wnpa-sec-2015-36.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9887\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=2ddd92b6f8f587325b9e14598658626f3a007c5c\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://security.gentoo.org/glsa/201604-05\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.debian.org/security/2016/dsa-3505\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/79816\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id/1034551\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.wireshark.org/security/wnpa-sec-2015-36.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9887\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=2ddd92b6f8f587325b9e14598658626f3a007c5c\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.gentoo.org/glsa/201604-05\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
}
}
fkie_cve-2015-8717
Vulnerability from fkie_nvd
Published
2016-01-04 05:59
Modified
2025-04-12 10:46
Severity ?
Summary
The dissect_sdp function in epan/dissectors/packet-sdp.c in the SDP dissector in Wireshark 1.12.x before 1.12.9 does not prevent use of a negative media count, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | http://www.debian.org/security/2016/dsa-3505 | ||
| cve@mitre.org | http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html | ||
| cve@mitre.org | http://www.securityfocus.com/bid/79816 | ||
| cve@mitre.org | http://www.securitytracker.com/id/1034551 | ||
| cve@mitre.org | http://www.wireshark.org/security/wnpa-sec-2015-36.html | Vendor Advisory | |
| cve@mitre.org | https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9887 | ||
| cve@mitre.org | https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=2ddd92b6f8f587325b9e14598658626f3a007c5c | ||
| cve@mitre.org | https://security.gentoo.org/glsa/201604-05 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2016/dsa-3505 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/79816 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1034551 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.wireshark.org/security/wnpa-sec-2015-36.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9887 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=2ddd92b6f8f587325b9e14598658626f3a007c5c | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201604-05 |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wireshark:wireshark:1.12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "29AC5E99-9C21-4C2E-AE68-A4B887318577",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wireshark:wireshark:1.12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B90C8934-01D8-4027-8A38-0B3230CC5077",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wireshark:wireshark:1.12.2:*:*:*:*:*:*:*",
"matchCriteriaId": "49C89A62-69E2-40C5-9C75-FA6601A935A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wireshark:wireshark:1.12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1946DDC9-E49F-4601-8448-E73B0480C880",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wireshark:wireshark:1.12.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E2F85560-F43E-46C5-9CD1-1A1D66E21580",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wireshark:wireshark:1.12.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2518D86A-623D-431E-9574-32B677D5FB94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wireshark:wireshark:1.12.6:*:*:*:*:*:*:*",
"matchCriteriaId": "FEA2B085-01D2-4707-A9F7-6545E4D6D99A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wireshark:wireshark:1.12.7:*:*:*:*:*:*:*",
"matchCriteriaId": "FE4BBF1A-4303-456C-AD19-F5BCF6FDD76B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wireshark:wireshark:1.12.8:*:*:*:*:*:*:*",
"matchCriteriaId": "AD3D5FFB-1A09-4A06-8E83-DF72E39E1891",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The dissect_sdp function in epan/dissectors/packet-sdp.c in the SDP dissector in Wireshark 1.12.x before 1.12.9 does not prevent use of a negative media count, which allows remote attackers to cause a denial of service (application crash) via a crafted packet."
},
{
"lang": "es",
"value": "La funci\u00f3n dissect_sdp en epan/dissectors/packet-sdp.c en el disector SDP en Wireshark 1.12.x en versiones anteriores a 1.12.9 no impide utilizar una cuenta negativa de medios, lo que permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda de aplicaci\u00f3n) a trav\u00e9s de un paquete manipulado."
}
],
"id": "CVE-2015-8717",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-01-04T05:59:07.437",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2016/dsa-3505"
},
{
"source": "cve@mitre.org",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/79816"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1034551"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.wireshark.org/security/wnpa-sec-2015-36.html"
},
{
"source": "cve@mitre.org",
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9887"
},
{
"source": "cve@mitre.org",
"url": "https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=2ddd92b6f8f587325b9e14598658626f3a007c5c"
},
{
"source": "cve@mitre.org",
"url": "https://security.gentoo.org/glsa/201604-05"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2016/dsa-3505"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/79816"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1034551"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.wireshark.org/security/wnpa-sec-2015-36.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9887"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=2ddd92b6f8f587325b9e14598658626f3a007c5c"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201604-05"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cnvd-2016-00071
Vulnerability from cnvd
Title
Wireshark SDP解析器拒绝服务漏洞
Description
Wireshark是最流行的网络协议解析器。
Wireshark 1.12.9之前的1.12.x版本,SDP解析器中epan/dissectors/packet-sdp.c的函数dissect_sdp未阻止使用负媒体数,通过构造的数据包,远程攻击者利用此漏洞可造成拒绝服务(应用崩溃)。
Severity
中
VLAI Severity ?
Patch Name
Wireshark SDP解析器拒绝服务漏洞的补丁
Patch Description
Wireshark是最流行的网络协议解析器。
Wireshark 1.12.9之前的1.12.x版本,SDP解析器中epan/dissectors/packet-sdp.c的函数dissect_sdp未阻止使用负媒体数,通过构造的数据包,远程攻击者利用此漏洞可造成拒绝服务(应用崩溃)。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://www.wireshark.org/security/wnpa-sec-2015-37.html
Reference
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8717
Impacted products
| Name | Wireshark Wireshark 1.12.x(<1.12.9) |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2015-8717"
}
},
"description": "Wireshark\u662f\u6700\u6d41\u884c\u7684\u7f51\u7edc\u534f\u8bae\u89e3\u6790\u5668\u3002\r\n\r\nWireshark 1.12.9\u4e4b\u524d\u76841.12.x\u7248\u672c\uff0cSDP\u89e3\u6790\u5668\u4e2depan/dissectors/packet-sdp.c\u7684\u51fd\u6570dissect_sdp\u672a\u963b\u6b62\u4f7f\u7528\u8d1f\u5a92\u4f53\u6570\uff0c\u901a\u8fc7\u6784\u9020\u7684\u6570\u636e\u5305\uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u5229\u7528\u6b64\u6f0f\u6d1e\u53ef\u9020\u6210\u62d2\u7edd\u670d\u52a1\uff08\u5e94\u7528\u5d29\u6e83\uff09\u3002",
"discovererName": "Buildbot Builder",
"formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\nhttp://www.wireshark.org/security/wnpa-sec-2015-37.html",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2016-00071",
"openTime": "2016-01-06",
"patchDescription": "Wireshark\u662f\u6700\u6d41\u884c\u7684\u7f51\u7edc\u534f\u8bae\u89e3\u6790\u5668\u3002\r\n\r\nWireshark 1.12.9\u4e4b\u524d\u76841.12.x\u7248\u672c\uff0cSDP\u89e3\u6790\u5668\u4e2depan/dissectors/packet-sdp.c\u7684\u51fd\u6570dissect_sdp\u672a\u963b\u6b62\u4f7f\u7528\u8d1f\u5a92\u4f53\u6570\uff0c\u901a\u8fc7\u6784\u9020\u7684\u6570\u636e\u5305\uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u5229\u7528\u6b64\u6f0f\u6d1e\u53ef\u9020\u6210\u62d2\u7edd\u670d\u52a1\uff08\u5e94\u7528\u5d29\u6e83\uff09\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "Wireshark SDP\u89e3\u6790\u5668\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\u7684\u8865\u4e01",
"products": {
"product": "Wireshark Wireshark 1.12.x(\u003c1.12.9)"
},
"referenceLink": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8717",
"serverity": "\u4e2d",
"submitTime": "2016-01-05",
"title": "Wireshark SDP\u89e3\u6790\u5668\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e"
}
ghsa-gpvp-wmm7-67r5
Vulnerability from github
Published
2022-05-17 03:24
Modified
2025-04-12 12:55
Severity ?
VLAI Severity ?
Details
The dissect_sdp function in epan/dissectors/packet-sdp.c in the SDP dissector in Wireshark 1.12.x before 1.12.9 does not prevent use of a negative media count, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
{
"affected": [],
"aliases": [
"CVE-2015-8717"
],
"database_specific": {
"cwe_ids": [
"CWE-20"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2016-01-04T05:59:00Z",
"severity": "MODERATE"
},
"details": "The dissect_sdp function in epan/dissectors/packet-sdp.c in the SDP dissector in Wireshark 1.12.x before 1.12.9 does not prevent use of a negative media count, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.",
"id": "GHSA-gpvp-wmm7-67r5",
"modified": "2025-04-12T12:55:29Z",
"published": "2022-05-17T03:24:43Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8717"
},
{
"type": "WEB",
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9887"
},
{
"type": "WEB",
"url": "https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=2ddd92b6f8f587325b9e14598658626f3a007c5c"
},
{
"type": "WEB",
"url": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=2ddd92b6f8f587325b9e14598658626f3a007c5c"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/201604-05"
},
{
"type": "WEB",
"url": "http://www.debian.org/security/2016/dsa-3505"
},
{
"type": "WEB",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/79816"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id/1034551"
},
{
"type": "WEB",
"url": "http://www.wireshark.org/security/wnpa-sec-2015-36.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
suse-su-2016:0110-1
Vulnerability from csaf_suse
Published
2016-01-13 15:14
Modified
2016-01-13 15:14
Summary
Security update for wireshark
Notes
Title of the patch
Security update for wireshark
Description of the patch
This update contains Wireshark 1.12.9 and fixes the following issues:
* CVE-2015-7830: pcapng file parser could crash while copying an interface filter (bsc#950437)
* CVE-2015-8711: epan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate conversation data, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted packet.
* CVE-2015-8712: The dissect_hsdsch_channel_info function in epan/dissectors/packet-umts_fp.c in the UMTS FP dissector in Wireshark 1.12.x before 1.12.9 does not validate the number of PDUs, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
* CVE-2015-8713: epan/dissectors/packet-umts_fp.c in the UMTS FP dissector in Wireshark 1.12.x before 1.12.9 does not properly reserve memory for channel ID mappings, which allows remote attackers to cause a denial of service (out-of-bounds memory access and application crash) via a crafted packet.
* CVE-2015-8714: The dissect_dcom_OBJREF function in epan/dissectors/packet-dcom.c in the DCOM dissector in Wireshark 1.12.x before 1.12.9 does not initialize a certain IPv4 data structure, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
* CVE-2015-8715: epan/dissectors/packet-alljoyn.c in the AllJoyn dissector in Wireshark 1.12.x before 1.12.9 does not check for empty arguments, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.
* CVE-2015-8716: The init_t38_info_conv function in epan/dissectors/packet-t38.c in the T.38 dissector in Wireshark 1.12.x before 1.12.9 does not ensure that a conversation exists, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
* CVE-2015-8717: The dissect_sdp function in epan/dissectors/packet-sdp.c in the SDP dissector in Wireshark 1.12.x before 1.12.9 does not prevent use of a negative media count, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
* CVE-2015-8718: Double free vulnerability in epan/dissectors/packet-nlm.c in the NLM dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1, when the 'Match MSG/RES packets for async NLM' option is enabled, allows remote attackers to cause a denial of service (application crash) via a crafted packet.
* CVE-2015-8719: The dissect_dns_answer function in epan/dissectors/packet-dns.c in the DNS dissector in Wireshark 1.12.x before 1.12.9 mishandles the EDNS0 Client Subnet option, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
* CVE-2015-8720: The dissect_ber_GeneralizedTime function in epan/dissectors/packet-ber.c in the BER dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 improperly checks an sscanf return value, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
* CVE-2015-8721: Buffer overflow in the tvb_uncompress function in epan/tvbuff_zlib.c in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 allows remote attackers to cause a denial of service (application crash) via a crafted packet with zlib compression.
* CVE-2015-8722: epan/dissectors/packet-sctp.c in the SCTP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the frame pointer, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted packet.
* CVE-2015-8723: The AirPDcapPacketProcess function in epan/crypt/airpdcap.c in the 802.11 dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the relationship between the total length and the capture length, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) via a crafted
* CVE-2015-8724: The AirPDcapDecryptWPABroadcastKey function in epan/crypt/airpdcap.c in the 802.11 dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not verify the WPA broadcast key length, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet.
* CVE-2015-8725: The dissect_diameter_base_framed_ipv6_prefix function in epan/dissectors/packet-diameter.c in the DIAMETER dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the IPv6 prefix length, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) via a crafted packet.
* CVE-2015-8726: wiretap/vwr.c in the VeriWave file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate certain signature and Modulation and Coding Scheme (MCS) data, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file.
* CVE-2015-8727: The dissect_rsvp_common function in epan/dissectors/packet-rsvp.c in the RSVP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not properly maintain request-key data, which allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted packet.
* CVE-2015-8728: The Mobile Identity parser in (1) epan/dissectors/packet-ansi_a.c in the ANSI A dissector and (2) epan/dissectors/packet-gsm_a_common.c in the GSM A dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 improperly uses the tvb_bcd_dig_to_wmem_packet_str function, which allows remote attackers to cause a denial of service (buffer overflow and application crash) via a crafted packet.
* CVE-2015-8729: The ascend_seek function in wiretap/ascendtext.c in the Ascend file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not ensure the presence of a '\0' character at the end of a date string, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file.
* CVE-2015-8730: epan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the number of items, which allows remote attackers to cause a denial of service (invalid read operation and application crash) via a crafted packet.
* CVE-2015-8731: The dissct_rsl_ipaccess_msg function in epan/dissectors/packet-rsl.c in the RSL dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not reject unknown TLV types, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet.
* CVE-2015-8732: The dissect_zcl_pwr_prof_pwrprofstatersp function in epan/dissectors/packet-zbee-zcl-general.c in the ZigBee ZCL dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the Total Profile Number field, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet.
* CVE-2015-8733: The ngsniffer_process_record function in wiretap/ngsniffer.c in the Sniffer file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the relationships between record lengths and record header lengths, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file.
Patchnames
sdksp3-wireshark-12322,sdksp4-wireshark-12322,sledsp3-wireshark-12322,sledsp4-wireshark-12322,slessp3-wireshark-12322,slessp4-wireshark-12322
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "low"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for wireshark",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThis update contains Wireshark 1.12.9 and fixes the following issues:\n\n* CVE-2015-7830: pcapng file parser could crash while copying an interface filter (bsc#950437)\n* CVE-2015-8711: epan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate conversation data, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted packet.\n* CVE-2015-8712: The dissect_hsdsch_channel_info function in epan/dissectors/packet-umts_fp.c in the UMTS FP dissector in Wireshark 1.12.x before 1.12.9 does not validate the number of PDUs, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.\n* CVE-2015-8713: epan/dissectors/packet-umts_fp.c in the UMTS FP dissector in Wireshark 1.12.x before 1.12.9 does not properly reserve memory for channel ID mappings, which allows remote attackers to cause a denial of service (out-of-bounds memory access and application crash) via a crafted packet.\n* CVE-2015-8714: The dissect_dcom_OBJREF function in epan/dissectors/packet-dcom.c in the DCOM dissector in Wireshark 1.12.x before 1.12.9 does not initialize a certain IPv4 data structure, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.\n* CVE-2015-8715: epan/dissectors/packet-alljoyn.c in the AllJoyn dissector in Wireshark 1.12.x before 1.12.9 does not check for empty arguments, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.\n* CVE-2015-8716: The init_t38_info_conv function in epan/dissectors/packet-t38.c in the T.38 dissector in Wireshark 1.12.x before 1.12.9 does not ensure that a conversation exists, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.\n* CVE-2015-8717: The dissect_sdp function in epan/dissectors/packet-sdp.c in the SDP dissector in Wireshark 1.12.x before 1.12.9 does not prevent use of a negative media count, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.\n* CVE-2015-8718: Double free vulnerability in epan/dissectors/packet-nlm.c in the NLM dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1, when the \u0027Match MSG/RES packets for async NLM\u0027 option is enabled, allows remote attackers to cause a denial of service (application crash) via a crafted packet.\n* CVE-2015-8719: The dissect_dns_answer function in epan/dissectors/packet-dns.c in the DNS dissector in Wireshark 1.12.x before 1.12.9 mishandles the EDNS0 Client Subnet option, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.\n* CVE-2015-8720: The dissect_ber_GeneralizedTime function in epan/dissectors/packet-ber.c in the BER dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 improperly checks an sscanf return value, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.\n* CVE-2015-8721: Buffer overflow in the tvb_uncompress function in epan/tvbuff_zlib.c in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 allows remote attackers to cause a denial of service (application crash) via a crafted packet with zlib compression.\n* CVE-2015-8722: epan/dissectors/packet-sctp.c in the SCTP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the frame pointer, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted packet.\n* CVE-2015-8723: The AirPDcapPacketProcess function in epan/crypt/airpdcap.c in the 802.11 dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the relationship between the total length and the capture length, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) via a crafted\n* CVE-2015-8724: The AirPDcapDecryptWPABroadcastKey function in epan/crypt/airpdcap.c in the 802.11 dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not verify the WPA broadcast key length, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet.\n* CVE-2015-8725: The dissect_diameter_base_framed_ipv6_prefix function in epan/dissectors/packet-diameter.c in the DIAMETER dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the IPv6 prefix length, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) via a crafted packet.\n* CVE-2015-8726: wiretap/vwr.c in the VeriWave file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate certain signature and Modulation and Coding Scheme (MCS) data, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file.\n* CVE-2015-8727: The dissect_rsvp_common function in epan/dissectors/packet-rsvp.c in the RSVP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not properly maintain request-key data, which allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted packet.\n* CVE-2015-8728: The Mobile Identity parser in (1) epan/dissectors/packet-ansi_a.c in the ANSI A dissector and (2) epan/dissectors/packet-gsm_a_common.c in the GSM A dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 improperly uses the tvb_bcd_dig_to_wmem_packet_str function, which allows remote attackers to cause a denial of service (buffer overflow and application crash) via a crafted packet.\n* CVE-2015-8729: The ascend_seek function in wiretap/ascendtext.c in the Ascend file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not ensure the presence of a \u0027\\0\u0027 character at the end of a date string, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file.\n* CVE-2015-8730: epan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the number of items, which allows remote attackers to cause a denial of service (invalid read operation and application crash) via a crafted packet.\n* CVE-2015-8731: The dissct_rsl_ipaccess_msg function in epan/dissectors/packet-rsl.c in the RSL dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not reject unknown TLV types, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet.\n* CVE-2015-8732: The dissect_zcl_pwr_prof_pwrprofstatersp function in epan/dissectors/packet-zbee-zcl-general.c in the ZigBee ZCL dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the Total Profile Number field, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet.\n* CVE-2015-8733: The ngsniffer_process_record function in wiretap/ngsniffer.c in the Sniffer file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the relationships between record lengths and record header lengths, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file.\n\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "sdksp3-wireshark-12322,sdksp4-wireshark-12322,sledsp3-wireshark-12322,sledsp4-wireshark-12322,slessp3-wireshark-12322,slessp4-wireshark-12322",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2016_0110-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2016:0110-1",
"url": "https://www.suse.com/support/update/announcement/2016/suse-su-20160110-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2016:0110-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2016-January/001798.html"
},
{
"category": "self",
"summary": "SUSE Bug 950437",
"url": "https://bugzilla.suse.com/950437"
},
{
"category": "self",
"summary": "SUSE Bug 960382",
"url": "https://bugzilla.suse.com/960382"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7830 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7830/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8711 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8711/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8712 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8712/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8713 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8713/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8714 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8714/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8715 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8715/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8716 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8716/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8717 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8717/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8718 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8718/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8719 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8719/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8720 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8720/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8721 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8721/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8722 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8722/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8723 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8723/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8724 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8724/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8725 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8725/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8726 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8726/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8727 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8727/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8728 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8728/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8729 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8729/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8730 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8730/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8731 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8731/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8732 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8732/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8733 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8733/"
}
],
"title": "Security update for wireshark",
"tracking": {
"current_release_date": "2016-01-13T15:14:15Z",
"generator": {
"date": "2016-01-13T15:14:15Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2016:0110-1",
"initial_release_date": "2016-01-13T15:14:15Z",
"revision_history": [
{
"date": "2016-01-13T15:14:15Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "wireshark-1.12.9-0.12.1.i586",
"product": {
"name": "wireshark-1.12.9-0.12.1.i586",
"product_id": "wireshark-1.12.9-0.12.1.i586"
}
},
{
"category": "product_version",
"name": "wireshark-devel-1.12.9-0.12.1.i586",
"product": {
"name": "wireshark-devel-1.12.9-0.12.1.i586",
"product_id": "wireshark-devel-1.12.9-0.12.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "wireshark-devel-1.12.9-0.12.1.ia64",
"product": {
"name": "wireshark-devel-1.12.9-0.12.1.ia64",
"product_id": "wireshark-devel-1.12.9-0.12.1.ia64"
}
},
{
"category": "product_version",
"name": "wireshark-1.12.9-0.12.1.ia64",
"product": {
"name": "wireshark-1.12.9-0.12.1.ia64",
"product_id": "wireshark-1.12.9-0.12.1.ia64"
}
}
],
"category": "architecture",
"name": "ia64"
},
{
"branches": [
{
"category": "product_version",
"name": "wireshark-devel-1.12.9-0.12.1.ppc64",
"product": {
"name": "wireshark-devel-1.12.9-0.12.1.ppc64",
"product_id": "wireshark-devel-1.12.9-0.12.1.ppc64"
}
},
{
"category": "product_version",
"name": "wireshark-1.12.9-0.12.1.ppc64",
"product": {
"name": "wireshark-1.12.9-0.12.1.ppc64",
"product_id": "wireshark-1.12.9-0.12.1.ppc64"
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "wireshark-devel-1.12.9-0.12.1.s390x",
"product": {
"name": "wireshark-devel-1.12.9-0.12.1.s390x",
"product_id": "wireshark-devel-1.12.9-0.12.1.s390x"
}
},
{
"category": "product_version",
"name": "wireshark-1.12.9-0.12.1.s390x",
"product": {
"name": "wireshark-1.12.9-0.12.1.s390x",
"product_id": "wireshark-1.12.9-0.12.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "wireshark-1.12.9-0.12.1.x86_64",
"product": {
"name": "wireshark-1.12.9-0.12.1.x86_64",
"product_id": "wireshark-1.12.9-0.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "wireshark-devel-1.12.9-0.12.1.x86_64",
"product": {
"name": "wireshark-devel-1.12.9-0.12.1.x86_64",
"product_id": "wireshark-devel-1.12.9-0.12.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Software Development Kit 11 SP3",
"product": {
"name": "SUSE Linux Enterprise Software Development Kit 11 SP3",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP3",
"product_identification_helper": {
"cpe": "cpe:/a:suse:sle-sdk:11:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Software Development Kit 11 SP4",
"product": {
"name": "SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_identification_helper": {
"cpe": "cpe:/a:suse:sle-sdk:11:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Desktop 11 SP3",
"product": {
"name": "SUSE Linux Enterprise Desktop 11 SP3",
"product_id": "SUSE Linux Enterprise Desktop 11 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_sled:11:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Desktop 11 SP4",
"product": {
"name": "SUSE Linux Enterprise Desktop 11 SP4",
"product_id": "SUSE Linux Enterprise Desktop 11 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_sled:11:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 11 SP3",
"product": {
"name": "SUSE Linux Enterprise Server 11 SP3",
"product_id": "SUSE Linux Enterprise Server 11 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_sles:11:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product": {
"name": "SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:11:sp3:teradata"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 11 SP3",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 11 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:11:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 11 SP4",
"product": {
"name": "SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_sles:11:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:11:sp4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "wireshark-1.12.9-0.12.1.i586 as component of SUSE Linux Enterprise Software Development Kit 11 SP3",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.9-0.12.1.i586"
},
"product_reference": "wireshark-1.12.9-0.12.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wireshark-1.12.9-0.12.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 11 SP3",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.9-0.12.1.x86_64"
},
"product_reference": "wireshark-1.12.9-0.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wireshark-devel-1.12.9-0.12.1.i586 as component of SUSE Linux Enterprise Software Development Kit 11 SP3",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.i586"
},
"product_reference": "wireshark-devel-1.12.9-0.12.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wireshark-devel-1.12.9-0.12.1.ia64 as component of SUSE Linux Enterprise Software Development Kit 11 SP3",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.ia64"
},
"product_reference": "wireshark-devel-1.12.9-0.12.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wireshark-devel-1.12.9-0.12.1.ppc64 as component of SUSE Linux Enterprise Software Development Kit 11 SP3",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.ppc64"
},
"product_reference": "wireshark-devel-1.12.9-0.12.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wireshark-devel-1.12.9-0.12.1.s390x as component of SUSE Linux Enterprise Software Development Kit 11 SP3",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.s390x"
},
"product_reference": "wireshark-devel-1.12.9-0.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wireshark-devel-1.12.9-0.12.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 11 SP3",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.x86_64"
},
"product_reference": "wireshark-devel-1.12.9-0.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wireshark-1.12.9-0.12.1.i586 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.9-0.12.1.i586"
},
"product_reference": "wireshark-1.12.9-0.12.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wireshark-1.12.9-0.12.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.9-0.12.1.x86_64"
},
"product_reference": "wireshark-1.12.9-0.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wireshark-devel-1.12.9-0.12.1.i586 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.i586"
},
"product_reference": "wireshark-devel-1.12.9-0.12.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wireshark-devel-1.12.9-0.12.1.ia64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.ia64"
},
"product_reference": "wireshark-devel-1.12.9-0.12.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wireshark-devel-1.12.9-0.12.1.ppc64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.ppc64"
},
"product_reference": "wireshark-devel-1.12.9-0.12.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wireshark-devel-1.12.9-0.12.1.s390x as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.s390x"
},
"product_reference": "wireshark-devel-1.12.9-0.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wireshark-devel-1.12.9-0.12.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.x86_64"
},
"product_reference": "wireshark-devel-1.12.9-0.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wireshark-1.12.9-0.12.1.i586 as component of SUSE Linux Enterprise Desktop 11 SP3",
"product_id": "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.12.9-0.12.1.i586"
},
"product_reference": "wireshark-1.12.9-0.12.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wireshark-1.12.9-0.12.1.x86_64 as component of SUSE Linux Enterprise Desktop 11 SP3",
"product_id": "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.12.9-0.12.1.x86_64"
},
"product_reference": "wireshark-1.12.9-0.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wireshark-1.12.9-0.12.1.i586 as component of SUSE Linux Enterprise Desktop 11 SP4",
"product_id": "SUSE Linux Enterprise Desktop 11 SP4:wireshark-1.12.9-0.12.1.i586"
},
"product_reference": "wireshark-1.12.9-0.12.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wireshark-1.12.9-0.12.1.x86_64 as component of SUSE Linux Enterprise Desktop 11 SP4",
"product_id": "SUSE Linux Enterprise Desktop 11 SP4:wireshark-1.12.9-0.12.1.x86_64"
},
"product_reference": "wireshark-1.12.9-0.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wireshark-1.12.9-0.12.1.i586 as component of SUSE Linux Enterprise Server 11 SP3",
"product_id": "SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.i586"
},
"product_reference": "wireshark-1.12.9-0.12.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wireshark-1.12.9-0.12.1.ia64 as component of SUSE Linux Enterprise Server 11 SP3",
"product_id": "SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.ia64"
},
"product_reference": "wireshark-1.12.9-0.12.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wireshark-1.12.9-0.12.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP3",
"product_id": "SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.ppc64"
},
"product_reference": "wireshark-1.12.9-0.12.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wireshark-1.12.9-0.12.1.s390x as component of SUSE Linux Enterprise Server 11 SP3",
"product_id": "SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.s390x"
},
"product_reference": "wireshark-1.12.9-0.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wireshark-1.12.9-0.12.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3",
"product_id": "SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.x86_64"
},
"product_reference": "wireshark-1.12.9-0.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wireshark-1.12.9-0.12.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.i586"
},
"product_reference": "wireshark-1.12.9-0.12.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wireshark-1.12.9-0.12.1.ia64 as component of SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.ia64"
},
"product_reference": "wireshark-1.12.9-0.12.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wireshark-1.12.9-0.12.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.ppc64"
},
"product_reference": "wireshark-1.12.9-0.12.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wireshark-1.12.9-0.12.1.s390x as component of SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.s390x"
},
"product_reference": "wireshark-1.12.9-0.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wireshark-1.12.9-0.12.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.x86_64"
},
"product_reference": "wireshark-1.12.9-0.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wireshark-1.12.9-0.12.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.i586"
},
"product_reference": "wireshark-1.12.9-0.12.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wireshark-1.12.9-0.12.1.ia64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.ia64"
},
"product_reference": "wireshark-1.12.9-0.12.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wireshark-1.12.9-0.12.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.ppc64"
},
"product_reference": "wireshark-1.12.9-0.12.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wireshark-1.12.9-0.12.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.s390x"
},
"product_reference": "wireshark-1.12.9-0.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wireshark-1.12.9-0.12.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.x86_64"
},
"product_reference": "wireshark-1.12.9-0.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wireshark-1.12.9-0.12.1.i586 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.i586"
},
"product_reference": "wireshark-1.12.9-0.12.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wireshark-1.12.9-0.12.1.ia64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.ia64"
},
"product_reference": "wireshark-1.12.9-0.12.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wireshark-1.12.9-0.12.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.ppc64"
},
"product_reference": "wireshark-1.12.9-0.12.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wireshark-1.12.9-0.12.1.s390x as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.s390x"
},
"product_reference": "wireshark-1.12.9-0.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wireshark-1.12.9-0.12.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.x86_64"
},
"product_reference": "wireshark-1.12.9-0.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wireshark-1.12.9-0.12.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.i586"
},
"product_reference": "wireshark-1.12.9-0.12.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wireshark-1.12.9-0.12.1.ia64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.ia64"
},
"product_reference": "wireshark-1.12.9-0.12.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wireshark-1.12.9-0.12.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.ppc64"
},
"product_reference": "wireshark-1.12.9-0.12.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wireshark-1.12.9-0.12.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.s390x"
},
"product_reference": "wireshark-1.12.9-0.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wireshark-1.12.9-0.12.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.x86_64"
},
"product_reference": "wireshark-1.12.9-0.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-7830",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7830"
}
],
"notes": [
{
"category": "general",
"text": "The pcapng_read_if_descr_block function in wiretap/pcapng.c in the pcapng parser in Wireshark 1.12.x before 1.12.8 uses too many levels of pointer indirection, which allows remote attackers to cause a denial of service (incorrect free and application crash) via a crafted packet that triggers interface-filter copying.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7830",
"url": "https://www.suse.com/security/cve/CVE-2015-7830"
},
{
"category": "external",
"summary": "SUSE Bug 950437 for CVE-2015-7830",
"url": "https://bugzilla.suse.com/950437"
},
{
"category": "external",
"summary": "SUSE Bug 960382 for CVE-2015-7830",
"url": "https://bugzilla.suse.com/960382"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-01-13T15:14:15Z",
"details": "moderate"
}
],
"title": "CVE-2015-7830"
},
{
"cve": "CVE-2015-8711",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8711"
}
],
"notes": [
{
"category": "general",
"text": "epan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate conversation data, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted packet.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8711",
"url": "https://www.suse.com/security/cve/CVE-2015-8711"
},
{
"category": "external",
"summary": "SUSE Bug 960382 for CVE-2015-8711",
"url": "https://bugzilla.suse.com/960382"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-01-13T15:14:15Z",
"details": "moderate"
}
],
"title": "CVE-2015-8711"
},
{
"cve": "CVE-2015-8712",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8712"
}
],
"notes": [
{
"category": "general",
"text": "The dissect_hsdsch_channel_info function in epan/dissectors/packet-umts_fp.c in the UMTS FP dissector in Wireshark 1.12.x before 1.12.9 does not validate the number of PDUs, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8712",
"url": "https://www.suse.com/security/cve/CVE-2015-8712"
},
{
"category": "external",
"summary": "SUSE Bug 960382 for CVE-2015-8712",
"url": "https://bugzilla.suse.com/960382"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-01-13T15:14:15Z",
"details": "moderate"
}
],
"title": "CVE-2015-8712"
},
{
"cve": "CVE-2015-8713",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8713"
}
],
"notes": [
{
"category": "general",
"text": "epan/dissectors/packet-umts_fp.c in the UMTS FP dissector in Wireshark 1.12.x before 1.12.9 does not properly reserve memory for channel ID mappings, which allows remote attackers to cause a denial of service (out-of-bounds memory access and application crash) via a crafted packet.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8713",
"url": "https://www.suse.com/security/cve/CVE-2015-8713"
},
{
"category": "external",
"summary": "SUSE Bug 960382 for CVE-2015-8713",
"url": "https://bugzilla.suse.com/960382"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-01-13T15:14:15Z",
"details": "moderate"
}
],
"title": "CVE-2015-8713"
},
{
"cve": "CVE-2015-8714",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8714"
}
],
"notes": [
{
"category": "general",
"text": "The dissect_dcom_OBJREF function in epan/dissectors/packet-dcom.c in the DCOM dissector in Wireshark 1.12.x before 1.12.9 does not initialize a certain IPv4 data structure, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8714",
"url": "https://www.suse.com/security/cve/CVE-2015-8714"
},
{
"category": "external",
"summary": "SUSE Bug 960382 for CVE-2015-8714",
"url": "https://bugzilla.suse.com/960382"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-01-13T15:14:15Z",
"details": "moderate"
}
],
"title": "CVE-2015-8714"
},
{
"cve": "CVE-2015-8715",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8715"
}
],
"notes": [
{
"category": "general",
"text": "epan/dissectors/packet-alljoyn.c in the AllJoyn dissector in Wireshark 1.12.x before 1.12.9 does not check for empty arguments, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8715",
"url": "https://www.suse.com/security/cve/CVE-2015-8715"
},
{
"category": "external",
"summary": "SUSE Bug 960382 for CVE-2015-8715",
"url": "https://bugzilla.suse.com/960382"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-01-13T15:14:15Z",
"details": "moderate"
}
],
"title": "CVE-2015-8715"
},
{
"cve": "CVE-2015-8716",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8716"
}
],
"notes": [
{
"category": "general",
"text": "The init_t38_info_conv function in epan/dissectors/packet-t38.c in the T.38 dissector in Wireshark 1.12.x before 1.12.9 does not ensure that a conversation exists, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8716",
"url": "https://www.suse.com/security/cve/CVE-2015-8716"
},
{
"category": "external",
"summary": "SUSE Bug 960382 for CVE-2015-8716",
"url": "https://bugzilla.suse.com/960382"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-01-13T15:14:15Z",
"details": "moderate"
}
],
"title": "CVE-2015-8716"
},
{
"cve": "CVE-2015-8717",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8717"
}
],
"notes": [
{
"category": "general",
"text": "The dissect_sdp function in epan/dissectors/packet-sdp.c in the SDP dissector in Wireshark 1.12.x before 1.12.9 does not prevent use of a negative media count, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8717",
"url": "https://www.suse.com/security/cve/CVE-2015-8717"
},
{
"category": "external",
"summary": "SUSE Bug 960382 for CVE-2015-8717",
"url": "https://bugzilla.suse.com/960382"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-01-13T15:14:15Z",
"details": "moderate"
}
],
"title": "CVE-2015-8717"
},
{
"cve": "CVE-2015-8718",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8718"
}
],
"notes": [
{
"category": "general",
"text": "Double free vulnerability in epan/dissectors/packet-nlm.c in the NLM dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1, when the \"Match MSG/RES packets for async NLM\" option is enabled, allows remote attackers to cause a denial of service (application crash) via a crafted packet.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8718",
"url": "https://www.suse.com/security/cve/CVE-2015-8718"
},
{
"category": "external",
"summary": "SUSE Bug 960382 for CVE-2015-8718",
"url": "https://bugzilla.suse.com/960382"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-01-13T15:14:15Z",
"details": "moderate"
}
],
"title": "CVE-2015-8718"
},
{
"cve": "CVE-2015-8719",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8719"
}
],
"notes": [
{
"category": "general",
"text": "The dissect_dns_answer function in epan/dissectors/packet-dns.c in the DNS dissector in Wireshark 1.12.x before 1.12.9 mishandles the EDNS0 Client Subnet option, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8719",
"url": "https://www.suse.com/security/cve/CVE-2015-8719"
},
{
"category": "external",
"summary": "SUSE Bug 960382 for CVE-2015-8719",
"url": "https://bugzilla.suse.com/960382"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-01-13T15:14:15Z",
"details": "moderate"
}
],
"title": "CVE-2015-8719"
},
{
"cve": "CVE-2015-8720",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8720"
}
],
"notes": [
{
"category": "general",
"text": "The dissect_ber_GeneralizedTime function in epan/dissectors/packet-ber.c in the BER dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 improperly checks an sscanf return value, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8720",
"url": "https://www.suse.com/security/cve/CVE-2015-8720"
},
{
"category": "external",
"summary": "SUSE Bug 960382 for CVE-2015-8720",
"url": "https://bugzilla.suse.com/960382"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-01-13T15:14:15Z",
"details": "moderate"
}
],
"title": "CVE-2015-8720"
},
{
"cve": "CVE-2015-8721",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8721"
}
],
"notes": [
{
"category": "general",
"text": "Buffer overflow in the tvb_uncompress function in epan/tvbuff_zlib.c in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 allows remote attackers to cause a denial of service (application crash) via a crafted packet with zlib compression.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8721",
"url": "https://www.suse.com/security/cve/CVE-2015-8721"
},
{
"category": "external",
"summary": "SUSE Bug 960382 for CVE-2015-8721",
"url": "https://bugzilla.suse.com/960382"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-01-13T15:14:15Z",
"details": "moderate"
}
],
"title": "CVE-2015-8721"
},
{
"cve": "CVE-2015-8722",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8722"
}
],
"notes": [
{
"category": "general",
"text": "epan/dissectors/packet-sctp.c in the SCTP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the frame pointer, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted packet.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8722",
"url": "https://www.suse.com/security/cve/CVE-2015-8722"
},
{
"category": "external",
"summary": "SUSE Bug 960382 for CVE-2015-8722",
"url": "https://bugzilla.suse.com/960382"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-01-13T15:14:15Z",
"details": "moderate"
}
],
"title": "CVE-2015-8722"
},
{
"cve": "CVE-2015-8723",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8723"
}
],
"notes": [
{
"category": "general",
"text": "The AirPDcapPacketProcess function in epan/crypt/airpdcap.c in the 802.11 dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the relationship between the total length and the capture length, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) via a crafted packet.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8723",
"url": "https://www.suse.com/security/cve/CVE-2015-8723"
},
{
"category": "external",
"summary": "SUSE Bug 960382 for CVE-2015-8723",
"url": "https://bugzilla.suse.com/960382"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-01-13T15:14:15Z",
"details": "moderate"
}
],
"title": "CVE-2015-8723"
},
{
"cve": "CVE-2015-8724",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8724"
}
],
"notes": [
{
"category": "general",
"text": "The AirPDcapDecryptWPABroadcastKey function in epan/crypt/airpdcap.c in the 802.11 dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not verify the WPA broadcast key length, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8724",
"url": "https://www.suse.com/security/cve/CVE-2015-8724"
},
{
"category": "external",
"summary": "SUSE Bug 960382 for CVE-2015-8724",
"url": "https://bugzilla.suse.com/960382"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-01-13T15:14:15Z",
"details": "moderate"
}
],
"title": "CVE-2015-8724"
},
{
"cve": "CVE-2015-8725",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8725"
}
],
"notes": [
{
"category": "general",
"text": "The dissect_diameter_base_framed_ipv6_prefix function in epan/dissectors/packet-diameter.c in the DIAMETER dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the IPv6 prefix length, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) via a crafted packet.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8725",
"url": "https://www.suse.com/security/cve/CVE-2015-8725"
},
{
"category": "external",
"summary": "SUSE Bug 960382 for CVE-2015-8725",
"url": "https://bugzilla.suse.com/960382"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-01-13T15:14:15Z",
"details": "moderate"
}
],
"title": "CVE-2015-8725"
},
{
"cve": "CVE-2015-8726",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8726"
}
],
"notes": [
{
"category": "general",
"text": "wiretap/vwr.c in the VeriWave file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate certain signature and Modulation and Coding Scheme (MCS) data, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8726",
"url": "https://www.suse.com/security/cve/CVE-2015-8726"
},
{
"category": "external",
"summary": "SUSE Bug 960382 for CVE-2015-8726",
"url": "https://bugzilla.suse.com/960382"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-01-13T15:14:15Z",
"details": "moderate"
}
],
"title": "CVE-2015-8726"
},
{
"cve": "CVE-2015-8727",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8727"
}
],
"notes": [
{
"category": "general",
"text": "The dissect_rsvp_common function in epan/dissectors/packet-rsvp.c in the RSVP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not properly maintain request-key data, which allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted packet.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8727",
"url": "https://www.suse.com/security/cve/CVE-2015-8727"
},
{
"category": "external",
"summary": "SUSE Bug 960382 for CVE-2015-8727",
"url": "https://bugzilla.suse.com/960382"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-01-13T15:14:15Z",
"details": "moderate"
}
],
"title": "CVE-2015-8727"
},
{
"cve": "CVE-2015-8728",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8728"
}
],
"notes": [
{
"category": "general",
"text": "The Mobile Identity parser in (1) epan/dissectors/packet-ansi_a.c in the ANSI A dissector and (2) epan/dissectors/packet-gsm_a_common.c in the GSM A dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 improperly uses the tvb_bcd_dig_to_wmem_packet_str function, which allows remote attackers to cause a denial of service (buffer overflow and application crash) via a crafted packet.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8728",
"url": "https://www.suse.com/security/cve/CVE-2015-8728"
},
{
"category": "external",
"summary": "SUSE Bug 960382 for CVE-2015-8728",
"url": "https://bugzilla.suse.com/960382"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-01-13T15:14:15Z",
"details": "moderate"
}
],
"title": "CVE-2015-8728"
},
{
"cve": "CVE-2015-8729",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8729"
}
],
"notes": [
{
"category": "general",
"text": "The ascend_seek function in wiretap/ascendtext.c in the Ascend file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not ensure the presence of a \u0027\\0\u0027 character at the end of a date string, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8729",
"url": "https://www.suse.com/security/cve/CVE-2015-8729"
},
{
"category": "external",
"summary": "SUSE Bug 960382 for CVE-2015-8729",
"url": "https://bugzilla.suse.com/960382"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-01-13T15:14:15Z",
"details": "moderate"
}
],
"title": "CVE-2015-8729"
},
{
"cve": "CVE-2015-8730",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8730"
}
],
"notes": [
{
"category": "general",
"text": "epan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the number of items, which allows remote attackers to cause a denial of service (invalid read operation and application crash) via a crafted packet.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8730",
"url": "https://www.suse.com/security/cve/CVE-2015-8730"
},
{
"category": "external",
"summary": "SUSE Bug 960382 for CVE-2015-8730",
"url": "https://bugzilla.suse.com/960382"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-01-13T15:14:15Z",
"details": "moderate"
}
],
"title": "CVE-2015-8730"
},
{
"cve": "CVE-2015-8731",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8731"
}
],
"notes": [
{
"category": "general",
"text": "The dissct_rsl_ipaccess_msg function in epan/dissectors/packet-rsl.c in the RSL dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not reject unknown TLV types, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8731",
"url": "https://www.suse.com/security/cve/CVE-2015-8731"
},
{
"category": "external",
"summary": "SUSE Bug 960382 for CVE-2015-8731",
"url": "https://bugzilla.suse.com/960382"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-01-13T15:14:15Z",
"details": "moderate"
}
],
"title": "CVE-2015-8731"
},
{
"cve": "CVE-2015-8732",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8732"
}
],
"notes": [
{
"category": "general",
"text": "The dissect_zcl_pwr_prof_pwrprofstatersp function in epan/dissectors/packet-zbee-zcl-general.c in the ZigBee ZCL dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the Total Profile Number field, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8732",
"url": "https://www.suse.com/security/cve/CVE-2015-8732"
},
{
"category": "external",
"summary": "SUSE Bug 960382 for CVE-2015-8732",
"url": "https://bugzilla.suse.com/960382"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-01-13T15:14:15Z",
"details": "moderate"
}
],
"title": "CVE-2015-8732"
},
{
"cve": "CVE-2015-8733",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8733"
}
],
"notes": [
{
"category": "general",
"text": "The ngsniffer_process_record function in wiretap/ngsniffer.c in the Sniffer file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the relationships between record lengths and record header lengths, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8733",
"url": "https://www.suse.com/security/cve/CVE-2015-8733"
},
{
"category": "external",
"summary": "SUSE Bug 960382 for CVE-2015-8733",
"url": "https://bugzilla.suse.com/960382"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.9-0.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.9-0.12.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-01-13T15:14:15Z",
"details": "moderate"
}
],
"title": "CVE-2015-8733"
}
]
}
suse-su-2016:0109-1
Vulnerability from csaf_suse
Published
2016-01-13 14:18
Modified
2016-01-13 14:18
Summary
Security update for wireshark
Notes
Title of the patch
Security update for wireshark
Description of the patch
This update contains Wireshark 1.12.9 and fixes the following issues:
* CVE-2015-7830: pcapng file parser could crash while copying an interface filter (bsc#950437)
* CVE-2015-8711: epan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate conversation data, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted packet.
* CVE-2015-8712: The dissect_hsdsch_channel_info function in epan/dissectors/packet-umts_fp.c in the UMTS FP dissector in Wireshark 1.12.x before 1.12.9 does not validate the number of PDUs, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
* CVE-2015-8713: epan/dissectors/packet-umts_fp.c in the UMTS FP dissector in Wireshark 1.12.x before 1.12.9 does not properly reserve memory for channel ID mappings, which allows remote attackers to cause a denial of service (out-of-bounds memory access and application crash) via a crafted packet.
* CVE-2015-8714: The dissect_dcom_OBJREF function in epan/dissectors/packet-dcom.c in the DCOM dissector in Wireshark 1.12.x before 1.12.9 does not initialize a certain IPv4 data structure, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
* CVE-2015-8715: epan/dissectors/packet-alljoyn.c in the AllJoyn dissector in Wireshark 1.12.x before 1.12.9 does not check for empty arguments, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.
* CVE-2015-8716: The init_t38_info_conv function in epan/dissectors/packet-t38.c in the T.38 dissector in Wireshark 1.12.x before 1.12.9 does not ensure that a conversation exists, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
* CVE-2015-8717: The dissect_sdp function in epan/dissectors/packet-sdp.c in the SDP dissector in Wireshark 1.12.x before 1.12.9 does not prevent use of a negative media count, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
* CVE-2015-8718: Double free vulnerability in epan/dissectors/packet-nlm.c in the NLM dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1, when the 'Match MSG/RES packets for async NLM' option is enabled, allows remote attackers to cause a denial of service (application crash) via a crafted packet.
* CVE-2015-8719: The dissect_dns_answer function in epan/dissectors/packet-dns.c in the DNS dissector in Wireshark 1.12.x before 1.12.9 mishandles the EDNS0 Client Subnet option, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
* CVE-2015-8720: The dissect_ber_GeneralizedTime function in epan/dissectors/packet-ber.c in the BER dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 improperly checks an sscanf return value, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
* CVE-2015-8721: Buffer overflow in the tvb_uncompress function in epan/tvbuff_zlib.c in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 allows remote attackers to cause a denial of service (application crash) via a crafted packet with zlib compression.
* CVE-2015-8722: epan/dissectors/packet-sctp.c in the SCTP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the frame pointer, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted packet.
* CVE-2015-8723: The AirPDcapPacketProcess function in epan/crypt/airpdcap.c in the 802.11 dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the relationship between the total length and the capture length, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) via a crafted
* CVE-2015-8724: The AirPDcapDecryptWPABroadcastKey function in epan/crypt/airpdcap.c in the 802.11 dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not verify the WPA broadcast key length, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet.
* CVE-2015-8725: The dissect_diameter_base_framed_ipv6_prefix function in epan/dissectors/packet-diameter.c in the DIAMETER dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the IPv6 prefix length, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) via a crafted packet.
* CVE-2015-8726: wiretap/vwr.c in the VeriWave file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate certain signature and Modulation and Coding Scheme (MCS) data, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file.
* CVE-2015-8727: The dissect_rsvp_common function in epan/dissectors/packet-rsvp.c in the RSVP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not properly maintain request-key data, which allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted packet.
* CVE-2015-8728: The Mobile Identity parser in (1) epan/dissectors/packet-ansi_a.c in the ANSI A dissector and (2) epan/dissectors/packet-gsm_a_common.c in the GSM A dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 improperly uses the tvb_bcd_dig_to_wmem_packet_str function, which allows remote attackers to cause a denial of service (buffer overflow and application crash) via a crafted packet.
* CVE-2015-8729: The ascend_seek function in wiretap/ascendtext.c in the Ascend file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not ensure the presence of a '\0' character at the end of a date string, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file.
* CVE-2015-8730: epan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the number of items, which allows remote attackers to cause a denial of service (invalid read operation and application crash) via a crafted packet.
* CVE-2015-8731: The dissct_rsl_ipaccess_msg function in epan/dissectors/packet-rsl.c in the RSL dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not reject unknown TLV types, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet.
* CVE-2015-8732: The dissect_zcl_pwr_prof_pwrprofstatersp function in epan/dissectors/packet-zbee-zcl-general.c in the ZigBee ZCL dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the Total Profile Number field, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet.
* CVE-2015-8733: The ngsniffer_process_record function in wiretap/ngsniffer.c in the Sniffer file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the relationships between record lengths and record header lengths, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file.
Patchnames
SUSE-SLE-DESKTOP-12-2016-76,SUSE-SLE-DESKTOP-12-SP1-2016-76,SUSE-SLE-SDK-12-2016-76,SUSE-SLE-SDK-12-SP1-2016-76,SUSE-SLE-SERVER-12-2016-76,SUSE-SLE-SERVER-12-SP1-2016-76
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "low"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for wireshark",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThis update contains Wireshark 1.12.9 and fixes the following issues:\n\n* CVE-2015-7830: pcapng file parser could crash while copying an interface filter (bsc#950437)\n* CVE-2015-8711: epan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate conversation data, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted packet.\n* CVE-2015-8712: The dissect_hsdsch_channel_info function in epan/dissectors/packet-umts_fp.c in the UMTS FP dissector in Wireshark 1.12.x before 1.12.9 does not validate the number of PDUs, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.\n* CVE-2015-8713: epan/dissectors/packet-umts_fp.c in the UMTS FP dissector in Wireshark 1.12.x before 1.12.9 does not properly reserve memory for channel ID mappings, which allows remote attackers to cause a denial of service (out-of-bounds memory access and application crash) via a crafted packet.\n* CVE-2015-8714: The dissect_dcom_OBJREF function in epan/dissectors/packet-dcom.c in the DCOM dissector in Wireshark 1.12.x before 1.12.9 does not initialize a certain IPv4 data structure, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.\n* CVE-2015-8715: epan/dissectors/packet-alljoyn.c in the AllJoyn dissector in Wireshark 1.12.x before 1.12.9 does not check for empty arguments, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.\n* CVE-2015-8716: The init_t38_info_conv function in epan/dissectors/packet-t38.c in the T.38 dissector in Wireshark 1.12.x before 1.12.9 does not ensure that a conversation exists, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.\n* CVE-2015-8717: The dissect_sdp function in epan/dissectors/packet-sdp.c in the SDP dissector in Wireshark 1.12.x before 1.12.9 does not prevent use of a negative media count, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.\n* CVE-2015-8718: Double free vulnerability in epan/dissectors/packet-nlm.c in the NLM dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1, when the \u0027Match MSG/RES packets for async NLM\u0027 option is enabled, allows remote attackers to cause a denial of service (application crash) via a crafted packet.\n* CVE-2015-8719: The dissect_dns_answer function in epan/dissectors/packet-dns.c in the DNS dissector in Wireshark 1.12.x before 1.12.9 mishandles the EDNS0 Client Subnet option, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.\n* CVE-2015-8720: The dissect_ber_GeneralizedTime function in epan/dissectors/packet-ber.c in the BER dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 improperly checks an sscanf return value, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.\n* CVE-2015-8721: Buffer overflow in the tvb_uncompress function in epan/tvbuff_zlib.c in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 allows remote attackers to cause a denial of service (application crash) via a crafted packet with zlib compression.\n* CVE-2015-8722: epan/dissectors/packet-sctp.c in the SCTP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the frame pointer, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted packet.\n* CVE-2015-8723: The AirPDcapPacketProcess function in epan/crypt/airpdcap.c in the 802.11 dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the relationship between the total length and the capture length, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) via a crafted\n* CVE-2015-8724: The AirPDcapDecryptWPABroadcastKey function in epan/crypt/airpdcap.c in the 802.11 dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not verify the WPA broadcast key length, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet.\n* CVE-2015-8725: The dissect_diameter_base_framed_ipv6_prefix function in epan/dissectors/packet-diameter.c in the DIAMETER dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the IPv6 prefix length, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) via a crafted packet.\n* CVE-2015-8726: wiretap/vwr.c in the VeriWave file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate certain signature and Modulation and Coding Scheme (MCS) data, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file.\n* CVE-2015-8727: The dissect_rsvp_common function in epan/dissectors/packet-rsvp.c in the RSVP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not properly maintain request-key data, which allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted packet.\n* CVE-2015-8728: The Mobile Identity parser in (1) epan/dissectors/packet-ansi_a.c in the ANSI A dissector and (2) epan/dissectors/packet-gsm_a_common.c in the GSM A dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 improperly uses the tvb_bcd_dig_to_wmem_packet_str function, which allows remote attackers to cause a denial of service (buffer overflow and application crash) via a crafted packet.\n* CVE-2015-8729: The ascend_seek function in wiretap/ascendtext.c in the Ascend file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not ensure the presence of a \u0027\\0\u0027 character at the end of a date string, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file.\n* CVE-2015-8730: epan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the number of items, which allows remote attackers to cause a denial of service (invalid read operation and application crash) via a crafted packet.\n* CVE-2015-8731: The dissct_rsl_ipaccess_msg function in epan/dissectors/packet-rsl.c in the RSL dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not reject unknown TLV types, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet.\n* CVE-2015-8732: The dissect_zcl_pwr_prof_pwrprofstatersp function in epan/dissectors/packet-zbee-zcl-general.c in the ZigBee ZCL dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the Total Profile Number field, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet.\n* CVE-2015-8733: The ngsniffer_process_record function in wiretap/ngsniffer.c in the Sniffer file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the relationships between record lengths and record header lengths, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file.\n\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-DESKTOP-12-2016-76,SUSE-SLE-DESKTOP-12-SP1-2016-76,SUSE-SLE-SDK-12-2016-76,SUSE-SLE-SDK-12-SP1-2016-76,SUSE-SLE-SERVER-12-2016-76,SUSE-SLE-SERVER-12-SP1-2016-76",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2016_0109-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2016:0109-1",
"url": "https://www.suse.com/support/update/announcement/2016/suse-su-20160109-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2016:0109-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2016-January/001797.html"
},
{
"category": "self",
"summary": "SUSE Bug 950437",
"url": "https://bugzilla.suse.com/950437"
},
{
"category": "self",
"summary": "SUSE Bug 960382",
"url": "https://bugzilla.suse.com/960382"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7830 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7830/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8711 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8711/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8712 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8712/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8713 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8713/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8714 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8714/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8715 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8715/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8716 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8716/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8717 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8717/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8718 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8718/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8719 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8719/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8720 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8720/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8721 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8721/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8722 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8722/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8723 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8723/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8724 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8724/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8725 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8725/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8726 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8726/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8727 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8727/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8728 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8728/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8729 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8729/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8730 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8730/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8731 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8731/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8732 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8732/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8733 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8733/"
}
],
"title": "Security update for wireshark",
"tracking": {
"current_release_date": "2016-01-13T14:18:25Z",
"generator": {
"date": "2016-01-13T14:18:25Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2016:0109-1",
"initial_release_date": "2016-01-13T14:18:25Z",
"revision_history": [
{
"date": "2016-01-13T14:18:25Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "wireshark-devel-1.12.9-22.1.ppc64le",
"product": {
"name": "wireshark-devel-1.12.9-22.1.ppc64le",
"product_id": "wireshark-devel-1.12.9-22.1.ppc64le"
}
},
{
"category": "product_version",
"name": "wireshark-1.12.9-22.1.ppc64le",
"product": {
"name": "wireshark-1.12.9-22.1.ppc64le",
"product_id": "wireshark-1.12.9-22.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "wireshark-devel-1.12.9-22.1.s390x",
"product": {
"name": "wireshark-devel-1.12.9-22.1.s390x",
"product_id": "wireshark-devel-1.12.9-22.1.s390x"
}
},
{
"category": "product_version",
"name": "wireshark-1.12.9-22.1.s390x",
"product": {
"name": "wireshark-1.12.9-22.1.s390x",
"product_id": "wireshark-1.12.9-22.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "wireshark-1.12.9-22.1.x86_64",
"product": {
"name": "wireshark-1.12.9-22.1.x86_64",
"product_id": "wireshark-1.12.9-22.1.x86_64"
}
},
{
"category": "product_version",
"name": "wireshark-devel-1.12.9-22.1.x86_64",
"product": {
"name": "wireshark-devel-1.12.9-22.1.x86_64",
"product_id": "wireshark-devel-1.12.9-22.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Desktop 12",
"product": {
"name": "SUSE Linux Enterprise Desktop 12",
"product_id": "SUSE Linux Enterprise Desktop 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sled:12"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Desktop 12 SP1",
"product": {
"name": "SUSE Linux Enterprise Desktop 12 SP1",
"product_id": "SUSE Linux Enterprise Desktop 12 SP1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sled:12:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Software Development Kit 12",
"product": {
"name": "SUSE Linux Enterprise Software Development Kit 12",
"product_id": "SUSE Linux Enterprise Software Development Kit 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-sdk:12"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Software Development Kit 12 SP1",
"product": {
"name": "SUSE Linux Enterprise Software Development Kit 12 SP1",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-sdk:12:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12",
"product": {
"name": "SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:12"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP1",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP1",
"product_id": "SUSE Linux Enterprise Server 12 SP1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:12:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "wireshark-1.12.9-22.1.x86_64 as component of SUSE Linux Enterprise Desktop 12",
"product_id": "SUSE Linux Enterprise Desktop 12:wireshark-1.12.9-22.1.x86_64"
},
"product_reference": "wireshark-1.12.9-22.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wireshark-1.12.9-22.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP1",
"product_id": "SUSE Linux Enterprise Desktop 12 SP1:wireshark-1.12.9-22.1.x86_64"
},
"product_reference": "wireshark-1.12.9-22.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wireshark-devel-1.12.9-22.1.ppc64le as component of SUSE Linux Enterprise Software Development Kit 12",
"product_id": "SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.ppc64le"
},
"product_reference": "wireshark-devel-1.12.9-22.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wireshark-devel-1.12.9-22.1.s390x as component of SUSE Linux Enterprise Software Development Kit 12",
"product_id": "SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.s390x"
},
"product_reference": "wireshark-devel-1.12.9-22.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wireshark-devel-1.12.9-22.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 12",
"product_id": "SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.x86_64"
},
"product_reference": "wireshark-devel-1.12.9-22.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wireshark-devel-1.12.9-22.1.ppc64le as component of SUSE Linux Enterprise Software Development Kit 12 SP1",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.ppc64le"
},
"product_reference": "wireshark-devel-1.12.9-22.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wireshark-devel-1.12.9-22.1.s390x as component of SUSE Linux Enterprise Software Development Kit 12 SP1",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.s390x"
},
"product_reference": "wireshark-devel-1.12.9-22.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wireshark-devel-1.12.9-22.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 12 SP1",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.x86_64"
},
"product_reference": "wireshark-devel-1.12.9-22.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wireshark-1.12.9-22.1.ppc64le as component of SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.ppc64le"
},
"product_reference": "wireshark-1.12.9-22.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wireshark-1.12.9-22.1.s390x as component of SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.s390x"
},
"product_reference": "wireshark-1.12.9-22.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wireshark-1.12.9-22.1.x86_64 as component of SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.x86_64"
},
"product_reference": "wireshark-1.12.9-22.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wireshark-1.12.9-22.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.ppc64le"
},
"product_reference": "wireshark-1.12.9-22.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wireshark-1.12.9-22.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.s390x"
},
"product_reference": "wireshark-1.12.9-22.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wireshark-1.12.9-22.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.x86_64"
},
"product_reference": "wireshark-1.12.9-22.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wireshark-1.12.9-22.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP1",
"product_id": "SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.ppc64le"
},
"product_reference": "wireshark-1.12.9-22.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wireshark-1.12.9-22.1.s390x as component of SUSE Linux Enterprise Server 12 SP1",
"product_id": "SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.s390x"
},
"product_reference": "wireshark-1.12.9-22.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wireshark-1.12.9-22.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1",
"product_id": "SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.x86_64"
},
"product_reference": "wireshark-1.12.9-22.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wireshark-1.12.9-22.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.ppc64le"
},
"product_reference": "wireshark-1.12.9-22.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wireshark-1.12.9-22.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.s390x"
},
"product_reference": "wireshark-1.12.9-22.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wireshark-1.12.9-22.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.x86_64"
},
"product_reference": "wireshark-1.12.9-22.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-7830",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7830"
}
],
"notes": [
{
"category": "general",
"text": "The pcapng_read_if_descr_block function in wiretap/pcapng.c in the pcapng parser in Wireshark 1.12.x before 1.12.8 uses too many levels of pointer indirection, which allows remote attackers to cause a denial of service (incorrect free and application crash) via a crafted packet that triggers interface-filter copying.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Desktop 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7830",
"url": "https://www.suse.com/security/cve/CVE-2015-7830"
},
{
"category": "external",
"summary": "SUSE Bug 950437 for CVE-2015-7830",
"url": "https://bugzilla.suse.com/950437"
},
{
"category": "external",
"summary": "SUSE Bug 960382 for CVE-2015-7830",
"url": "https://bugzilla.suse.com/960382"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Desktop 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-01-13T14:18:25Z",
"details": "moderate"
}
],
"title": "CVE-2015-7830"
},
{
"cve": "CVE-2015-8711",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8711"
}
],
"notes": [
{
"category": "general",
"text": "epan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate conversation data, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted packet.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Desktop 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8711",
"url": "https://www.suse.com/security/cve/CVE-2015-8711"
},
{
"category": "external",
"summary": "SUSE Bug 960382 for CVE-2015-8711",
"url": "https://bugzilla.suse.com/960382"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Desktop 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-01-13T14:18:25Z",
"details": "moderate"
}
],
"title": "CVE-2015-8711"
},
{
"cve": "CVE-2015-8712",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8712"
}
],
"notes": [
{
"category": "general",
"text": "The dissect_hsdsch_channel_info function in epan/dissectors/packet-umts_fp.c in the UMTS FP dissector in Wireshark 1.12.x before 1.12.9 does not validate the number of PDUs, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Desktop 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8712",
"url": "https://www.suse.com/security/cve/CVE-2015-8712"
},
{
"category": "external",
"summary": "SUSE Bug 960382 for CVE-2015-8712",
"url": "https://bugzilla.suse.com/960382"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Desktop 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-01-13T14:18:25Z",
"details": "moderate"
}
],
"title": "CVE-2015-8712"
},
{
"cve": "CVE-2015-8713",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8713"
}
],
"notes": [
{
"category": "general",
"text": "epan/dissectors/packet-umts_fp.c in the UMTS FP dissector in Wireshark 1.12.x before 1.12.9 does not properly reserve memory for channel ID mappings, which allows remote attackers to cause a denial of service (out-of-bounds memory access and application crash) via a crafted packet.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Desktop 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8713",
"url": "https://www.suse.com/security/cve/CVE-2015-8713"
},
{
"category": "external",
"summary": "SUSE Bug 960382 for CVE-2015-8713",
"url": "https://bugzilla.suse.com/960382"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Desktop 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-01-13T14:18:25Z",
"details": "moderate"
}
],
"title": "CVE-2015-8713"
},
{
"cve": "CVE-2015-8714",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8714"
}
],
"notes": [
{
"category": "general",
"text": "The dissect_dcom_OBJREF function in epan/dissectors/packet-dcom.c in the DCOM dissector in Wireshark 1.12.x before 1.12.9 does not initialize a certain IPv4 data structure, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Desktop 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8714",
"url": "https://www.suse.com/security/cve/CVE-2015-8714"
},
{
"category": "external",
"summary": "SUSE Bug 960382 for CVE-2015-8714",
"url": "https://bugzilla.suse.com/960382"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Desktop 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-01-13T14:18:25Z",
"details": "moderate"
}
],
"title": "CVE-2015-8714"
},
{
"cve": "CVE-2015-8715",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8715"
}
],
"notes": [
{
"category": "general",
"text": "epan/dissectors/packet-alljoyn.c in the AllJoyn dissector in Wireshark 1.12.x before 1.12.9 does not check for empty arguments, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Desktop 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8715",
"url": "https://www.suse.com/security/cve/CVE-2015-8715"
},
{
"category": "external",
"summary": "SUSE Bug 960382 for CVE-2015-8715",
"url": "https://bugzilla.suse.com/960382"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Desktop 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-01-13T14:18:25Z",
"details": "moderate"
}
],
"title": "CVE-2015-8715"
},
{
"cve": "CVE-2015-8716",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8716"
}
],
"notes": [
{
"category": "general",
"text": "The init_t38_info_conv function in epan/dissectors/packet-t38.c in the T.38 dissector in Wireshark 1.12.x before 1.12.9 does not ensure that a conversation exists, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Desktop 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8716",
"url": "https://www.suse.com/security/cve/CVE-2015-8716"
},
{
"category": "external",
"summary": "SUSE Bug 960382 for CVE-2015-8716",
"url": "https://bugzilla.suse.com/960382"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Desktop 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-01-13T14:18:25Z",
"details": "moderate"
}
],
"title": "CVE-2015-8716"
},
{
"cve": "CVE-2015-8717",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8717"
}
],
"notes": [
{
"category": "general",
"text": "The dissect_sdp function in epan/dissectors/packet-sdp.c in the SDP dissector in Wireshark 1.12.x before 1.12.9 does not prevent use of a negative media count, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Desktop 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8717",
"url": "https://www.suse.com/security/cve/CVE-2015-8717"
},
{
"category": "external",
"summary": "SUSE Bug 960382 for CVE-2015-8717",
"url": "https://bugzilla.suse.com/960382"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Desktop 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-01-13T14:18:25Z",
"details": "moderate"
}
],
"title": "CVE-2015-8717"
},
{
"cve": "CVE-2015-8718",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8718"
}
],
"notes": [
{
"category": "general",
"text": "Double free vulnerability in epan/dissectors/packet-nlm.c in the NLM dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1, when the \"Match MSG/RES packets for async NLM\" option is enabled, allows remote attackers to cause a denial of service (application crash) via a crafted packet.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Desktop 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8718",
"url": "https://www.suse.com/security/cve/CVE-2015-8718"
},
{
"category": "external",
"summary": "SUSE Bug 960382 for CVE-2015-8718",
"url": "https://bugzilla.suse.com/960382"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Desktop 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-01-13T14:18:25Z",
"details": "moderate"
}
],
"title": "CVE-2015-8718"
},
{
"cve": "CVE-2015-8719",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8719"
}
],
"notes": [
{
"category": "general",
"text": "The dissect_dns_answer function in epan/dissectors/packet-dns.c in the DNS dissector in Wireshark 1.12.x before 1.12.9 mishandles the EDNS0 Client Subnet option, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Desktop 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8719",
"url": "https://www.suse.com/security/cve/CVE-2015-8719"
},
{
"category": "external",
"summary": "SUSE Bug 960382 for CVE-2015-8719",
"url": "https://bugzilla.suse.com/960382"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Desktop 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-01-13T14:18:25Z",
"details": "moderate"
}
],
"title": "CVE-2015-8719"
},
{
"cve": "CVE-2015-8720",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8720"
}
],
"notes": [
{
"category": "general",
"text": "The dissect_ber_GeneralizedTime function in epan/dissectors/packet-ber.c in the BER dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 improperly checks an sscanf return value, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Desktop 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8720",
"url": "https://www.suse.com/security/cve/CVE-2015-8720"
},
{
"category": "external",
"summary": "SUSE Bug 960382 for CVE-2015-8720",
"url": "https://bugzilla.suse.com/960382"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Desktop 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-01-13T14:18:25Z",
"details": "moderate"
}
],
"title": "CVE-2015-8720"
},
{
"cve": "CVE-2015-8721",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8721"
}
],
"notes": [
{
"category": "general",
"text": "Buffer overflow in the tvb_uncompress function in epan/tvbuff_zlib.c in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 allows remote attackers to cause a denial of service (application crash) via a crafted packet with zlib compression.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Desktop 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8721",
"url": "https://www.suse.com/security/cve/CVE-2015-8721"
},
{
"category": "external",
"summary": "SUSE Bug 960382 for CVE-2015-8721",
"url": "https://bugzilla.suse.com/960382"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Desktop 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-01-13T14:18:25Z",
"details": "moderate"
}
],
"title": "CVE-2015-8721"
},
{
"cve": "CVE-2015-8722",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8722"
}
],
"notes": [
{
"category": "general",
"text": "epan/dissectors/packet-sctp.c in the SCTP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the frame pointer, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted packet.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Desktop 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8722",
"url": "https://www.suse.com/security/cve/CVE-2015-8722"
},
{
"category": "external",
"summary": "SUSE Bug 960382 for CVE-2015-8722",
"url": "https://bugzilla.suse.com/960382"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Desktop 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-01-13T14:18:25Z",
"details": "moderate"
}
],
"title": "CVE-2015-8722"
},
{
"cve": "CVE-2015-8723",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8723"
}
],
"notes": [
{
"category": "general",
"text": "The AirPDcapPacketProcess function in epan/crypt/airpdcap.c in the 802.11 dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the relationship between the total length and the capture length, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) via a crafted packet.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Desktop 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8723",
"url": "https://www.suse.com/security/cve/CVE-2015-8723"
},
{
"category": "external",
"summary": "SUSE Bug 960382 for CVE-2015-8723",
"url": "https://bugzilla.suse.com/960382"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Desktop 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-01-13T14:18:25Z",
"details": "moderate"
}
],
"title": "CVE-2015-8723"
},
{
"cve": "CVE-2015-8724",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8724"
}
],
"notes": [
{
"category": "general",
"text": "The AirPDcapDecryptWPABroadcastKey function in epan/crypt/airpdcap.c in the 802.11 dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not verify the WPA broadcast key length, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Desktop 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8724",
"url": "https://www.suse.com/security/cve/CVE-2015-8724"
},
{
"category": "external",
"summary": "SUSE Bug 960382 for CVE-2015-8724",
"url": "https://bugzilla.suse.com/960382"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Desktop 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-01-13T14:18:25Z",
"details": "moderate"
}
],
"title": "CVE-2015-8724"
},
{
"cve": "CVE-2015-8725",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8725"
}
],
"notes": [
{
"category": "general",
"text": "The dissect_diameter_base_framed_ipv6_prefix function in epan/dissectors/packet-diameter.c in the DIAMETER dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the IPv6 prefix length, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) via a crafted packet.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Desktop 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8725",
"url": "https://www.suse.com/security/cve/CVE-2015-8725"
},
{
"category": "external",
"summary": "SUSE Bug 960382 for CVE-2015-8725",
"url": "https://bugzilla.suse.com/960382"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Desktop 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-01-13T14:18:25Z",
"details": "moderate"
}
],
"title": "CVE-2015-8725"
},
{
"cve": "CVE-2015-8726",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8726"
}
],
"notes": [
{
"category": "general",
"text": "wiretap/vwr.c in the VeriWave file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate certain signature and Modulation and Coding Scheme (MCS) data, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Desktop 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8726",
"url": "https://www.suse.com/security/cve/CVE-2015-8726"
},
{
"category": "external",
"summary": "SUSE Bug 960382 for CVE-2015-8726",
"url": "https://bugzilla.suse.com/960382"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Desktop 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-01-13T14:18:25Z",
"details": "moderate"
}
],
"title": "CVE-2015-8726"
},
{
"cve": "CVE-2015-8727",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8727"
}
],
"notes": [
{
"category": "general",
"text": "The dissect_rsvp_common function in epan/dissectors/packet-rsvp.c in the RSVP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not properly maintain request-key data, which allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted packet.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Desktop 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8727",
"url": "https://www.suse.com/security/cve/CVE-2015-8727"
},
{
"category": "external",
"summary": "SUSE Bug 960382 for CVE-2015-8727",
"url": "https://bugzilla.suse.com/960382"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Desktop 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-01-13T14:18:25Z",
"details": "moderate"
}
],
"title": "CVE-2015-8727"
},
{
"cve": "CVE-2015-8728",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8728"
}
],
"notes": [
{
"category": "general",
"text": "The Mobile Identity parser in (1) epan/dissectors/packet-ansi_a.c in the ANSI A dissector and (2) epan/dissectors/packet-gsm_a_common.c in the GSM A dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 improperly uses the tvb_bcd_dig_to_wmem_packet_str function, which allows remote attackers to cause a denial of service (buffer overflow and application crash) via a crafted packet.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Desktop 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8728",
"url": "https://www.suse.com/security/cve/CVE-2015-8728"
},
{
"category": "external",
"summary": "SUSE Bug 960382 for CVE-2015-8728",
"url": "https://bugzilla.suse.com/960382"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Desktop 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-01-13T14:18:25Z",
"details": "moderate"
}
],
"title": "CVE-2015-8728"
},
{
"cve": "CVE-2015-8729",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8729"
}
],
"notes": [
{
"category": "general",
"text": "The ascend_seek function in wiretap/ascendtext.c in the Ascend file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not ensure the presence of a \u0027\\0\u0027 character at the end of a date string, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Desktop 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8729",
"url": "https://www.suse.com/security/cve/CVE-2015-8729"
},
{
"category": "external",
"summary": "SUSE Bug 960382 for CVE-2015-8729",
"url": "https://bugzilla.suse.com/960382"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Desktop 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-01-13T14:18:25Z",
"details": "moderate"
}
],
"title": "CVE-2015-8729"
},
{
"cve": "CVE-2015-8730",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8730"
}
],
"notes": [
{
"category": "general",
"text": "epan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the number of items, which allows remote attackers to cause a denial of service (invalid read operation and application crash) via a crafted packet.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Desktop 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8730",
"url": "https://www.suse.com/security/cve/CVE-2015-8730"
},
{
"category": "external",
"summary": "SUSE Bug 960382 for CVE-2015-8730",
"url": "https://bugzilla.suse.com/960382"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Desktop 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-01-13T14:18:25Z",
"details": "moderate"
}
],
"title": "CVE-2015-8730"
},
{
"cve": "CVE-2015-8731",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8731"
}
],
"notes": [
{
"category": "general",
"text": "The dissct_rsl_ipaccess_msg function in epan/dissectors/packet-rsl.c in the RSL dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not reject unknown TLV types, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Desktop 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8731",
"url": "https://www.suse.com/security/cve/CVE-2015-8731"
},
{
"category": "external",
"summary": "SUSE Bug 960382 for CVE-2015-8731",
"url": "https://bugzilla.suse.com/960382"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Desktop 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-01-13T14:18:25Z",
"details": "moderate"
}
],
"title": "CVE-2015-8731"
},
{
"cve": "CVE-2015-8732",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8732"
}
],
"notes": [
{
"category": "general",
"text": "The dissect_zcl_pwr_prof_pwrprofstatersp function in epan/dissectors/packet-zbee-zcl-general.c in the ZigBee ZCL dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the Total Profile Number field, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Desktop 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8732",
"url": "https://www.suse.com/security/cve/CVE-2015-8732"
},
{
"category": "external",
"summary": "SUSE Bug 960382 for CVE-2015-8732",
"url": "https://bugzilla.suse.com/960382"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Desktop 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-01-13T14:18:25Z",
"details": "moderate"
}
],
"title": "CVE-2015-8732"
},
{
"cve": "CVE-2015-8733",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8733"
}
],
"notes": [
{
"category": "general",
"text": "The ngsniffer_process_record function in wiretap/ngsniffer.c in the Sniffer file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the relationships between record lengths and record header lengths, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Desktop 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8733",
"url": "https://www.suse.com/security/cve/CVE-2015-8733"
},
{
"category": "external",
"summary": "SUSE Bug 960382 for CVE-2015-8733",
"url": "https://bugzilla.suse.com/960382"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Desktop 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:wireshark-devel-1.12.9-22.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.12.9-22.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-01-13T14:18:25Z",
"details": "moderate"
}
],
"title": "CVE-2015-8733"
}
]
}
CERTFR-2017-AVI-481
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans F5 BIG-IP. Elles permettent à un attaquant de provoquer un déni de service à distance, une atteinte à l'intégrité des données et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| F5 | BIG-IP | BIG-IP (AFM) versions 12.0.0 à 12.1.2 | ||
| F5 | BIG-IP | BIG-IP (PSM) version 11.4.0 à 11.4.1 | ||
| F5 | BIG-IP | BIG-IP (AFM) version 13.0.0 | ||
| F5 | BIG-IP | BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator, WebSafe) version 13.0.0 | ||
| F5 | BIG-IP | BIG-IP (APM) version 12.1.2 | ||
| F5 | BIG-IP | BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM, WebSafe) versions 11.4.0 à 11.6.2 | ||
| F5 | BIG-IP | BIG-IP (APM) version 13.0.0 | ||
| F5 | BIG-IP | BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM, WebSafe) versions 12.1.0 à 12.1.2 |
References
| Title | Publication Time | Tags | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "BIG-IP (AFM) versions 12.0.0 \u00e0 12.1.2",
"product": {
"name": "BIG-IP",
"vendor": {
"name": "F5",
"scada": false
}
}
},
{
"description": "BIG-IP (PSM) version 11.4.0 \u00e0 11.4.1",
"product": {
"name": "BIG-IP",
"vendor": {
"name": "F5",
"scada": false
}
}
},
{
"description": "BIG-IP (AFM) version 13.0.0",
"product": {
"name": "BIG-IP",
"vendor": {
"name": "F5",
"scada": false
}
}
},
{
"description": "BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator, WebSafe) version 13.0.0",
"product": {
"name": "BIG-IP",
"vendor": {
"name": "F5",
"scada": false
}
}
},
{
"description": "BIG-IP (APM) version 12.1.2",
"product": {
"name": "BIG-IP",
"vendor": {
"name": "F5",
"scada": false
}
}
},
{
"description": "BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM, WebSafe) versions 11.4.0 \u00e0 11.6.2",
"product": {
"name": "BIG-IP",
"vendor": {
"name": "F5",
"scada": false
}
}
},
{
"description": "BIG-IP (APM) version 13.0.0",
"product": {
"name": "BIG-IP",
"vendor": {
"name": "F5",
"scada": false
}
}
},
{
"description": "BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM, WebSafe) versions 12.1.0 \u00e0 12.1.2",
"product": {
"name": "BIG-IP",
"vendor": {
"name": "F5",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2017-6151",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6151"
},
{
"name": "CVE-2017-6139",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6139"
},
{
"name": "CVE-2015-8725",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8725"
},
{
"name": "CVE-2017-6167",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6167"
},
{
"name": "CVE-2017-6136",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6136"
},
{
"name": "CVE-2015-8733",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8733"
},
{
"name": "CVE-2017-6132",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6132"
},
{
"name": "CVE-2015-8718",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8718"
},
{
"name": "CVE-2017-6133",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6133"
},
{
"name": "CVE-2015-8716",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8716"
},
{
"name": "CVE-2015-8714",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8714"
},
{
"name": "CVE-2017-6129",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6129"
},
{
"name": "CVE-2015-8730",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8730"
},
{
"name": "CVE-2017-6138",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6138"
},
{
"name": "CVE-2017-6135",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6135"
},
{
"name": "CVE-2015-8717",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8717"
},
{
"name": "CVE-2017-0304",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0304"
},
{
"name": "CVE-2016-2523",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2523"
},
{
"name": "CVE-2017-6146",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6146"
},
{
"name": "CVE-2016-4006",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4006"
},
{
"name": "CVE-2015-8711",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8711"
},
{
"name": "CVE-2016-4085",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4085"
},
{
"name": "CVE-2015-8729",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8729"
},
{
"name": "CVE-2015-8723",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8723"
},
{
"name": "CVE-2017-6164",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6164"
},
{
"name": "CVE-2016-4080",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4080"
},
{
"name": "CVE-2016-4078",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4078"
},
{
"name": "CVE-2016-4079",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4079"
},
{
"name": "CVE-2017-6134",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6134"
},
{
"name": "CVE-2016-4081",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4081"
},
{
"name": "CVE-2015-8720",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8720"
},
{
"name": "CVE-2015-8721",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8721"
}
],
"initial_release_date": "2017-12-21T00:00:00",
"last_revision_date": "2017-12-21T00:00:00",
"links": [],
"reference": "CERTFR-2017-AVI-481",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2017-12-21T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans F5 BIG-IP. Elles\npermettent \u00e0 un attaquant de provoquer un d\u00e9ni de service \u00e0 distance,\nune atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es et une atteinte \u00e0 la\nconfidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans F5 BIG-IP",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 F5 K12044607 du 20 d\u00e9cembre 2017",
"url": "https://support.f5.com/csp/article/K12044607"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 F5 K81137982 du 20 d\u00e9cembre 2017",
"url": "https://support.f5.com/csp/article/K81137982"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 F5 K37404773 du 20 d\u00e9cembre 2017",
"url": "https://support.f5.com/csp/article/K37404773"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 F5 K20087443 du 20 d\u00e9cembre 2017",
"url": "https://support.f5.com/csp/article/K20087443"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 F5 K42644206 du 20 d\u00e9cembre 2017",
"url": "https://support.f5.com/csp/article/K42644206"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 F5 K25033460 du 20 d\u00e9cembre 2017",
"url": "https://support.f5.com/csp/article/K25033460"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 F5 K07369970 du 20 d\u00e9cembre 2017",
"url": "https://support.f5.com/csp/article/K07369970"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 F5 K24465120 du 20 d\u00e9cembre 2017",
"url": "https://support.f5.com/csp/article/K24465120"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 F5 K34514540 du 20 d\u00e9cembre 2017",
"url": "https://support.f5.com/csp/article/K34514540"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 F5 K01837042 du 20 d\u00e9cembre 2017",
"url": "https://support.f5.com/csp/article/K01837042"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 F5 K02714910 du 20 d\u00e9cembre 2017",
"url": "https://support.f5.com/csp/article/K02714910"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 F5 K39428424 du 20 d\u00e9cembre 2017",
"url": "https://support.f5.com/csp/article/K39428424"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 F5 K45432295 du 20 d\u00e9cembre 2017",
"url": "https://support.f5.com/csp/article/K45432295"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 F5 K43322910 du 20 d\u00e9cembre 2017",
"url": "https://support.f5.com/csp/article/K43322910"
}
]
}
gsd-2015-8717
Vulnerability from gsd
Modified
2023-12-13 01:20
Details
The dissect_sdp function in epan/dissectors/packet-sdp.c in the SDP dissector in Wireshark 1.12.x before 1.12.9 does not prevent use of a negative media count, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2015-8717",
"description": "The dissect_sdp function in epan/dissectors/packet-sdp.c in the SDP dissector in Wireshark 1.12.x before 1.12.9 does not prevent use of a negative media count, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.",
"id": "GSD-2015-8717",
"references": [
"https://www.suse.com/security/cve/CVE-2015-8717.html",
"https://www.debian.org/security/2016/dsa-3505"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2015-8717"
],
"details": "The dissect_sdp function in epan/dissectors/packet-sdp.c in the SDP dissector in Wireshark 1.12.x before 1.12.9 does not prevent use of a negative media count, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.",
"id": "GSD-2015-8717",
"modified": "2023-12-13T01:20:03.532286Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-8717",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The dissect_sdp function in epan/dissectors/packet-sdp.c in the SDP dissector in Wireshark 1.12.x before 1.12.9 does not prevent use of a negative media count, which allows remote attackers to cause a denial of service (application crash) via a crafted packet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "DSA-3505",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3505"
},
{
"name": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=2ddd92b6f8f587325b9e14598658626f3a007c5c",
"refsource": "CONFIRM",
"url": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=2ddd92b6f8f587325b9e14598658626f3a007c5c"
},
{
"name": "79816",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/79816"
},
{
"name": "GLSA-201604-05",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201604-05"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html"
},
{
"name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9887",
"refsource": "CONFIRM",
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9887"
},
{
"name": "1034551",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034551"
},
{
"name": "http://www.wireshark.org/security/wnpa-sec-2015-36.html",
"refsource": "CONFIRM",
"url": "http://www.wireshark.org/security/wnpa-sec-2015-36.html"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:wireshark:wireshark:1.12.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:wireshark:wireshark:1.12.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:wireshark:wireshark:1.12.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:wireshark:wireshark:1.12.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:wireshark:wireshark:1.12.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:wireshark:wireshark:1.12.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:wireshark:wireshark:1.12.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:wireshark:wireshark:1.12.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:wireshark:wireshark:1.12.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-8717"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "The dissect_sdp function in epan/dissectors/packet-sdp.c in the SDP dissector in Wireshark 1.12.x before 1.12.9 does not prevent use of a negative media count, which allows remote attackers to cause a denial of service (application crash) via a crafted packet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9887",
"refsource": "CONFIRM",
"tags": [],
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9887"
},
{
"name": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=2ddd92b6f8f587325b9e14598658626f3a007c5c",
"refsource": "CONFIRM",
"tags": [],
"url": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=2ddd92b6f8f587325b9e14598658626f3a007c5c"
},
{
"name": "http://www.wireshark.org/security/wnpa-sec-2015-36.html",
"refsource": "CONFIRM",
"tags": [
"Vendor Advisory"
],
"url": "http://www.wireshark.org/security/wnpa-sec-2015-36.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html",
"refsource": "CONFIRM",
"tags": [],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html"
},
{
"name": "79816",
"refsource": "BID",
"tags": [],
"url": "http://www.securityfocus.com/bid/79816"
},
{
"name": "GLSA-201604-05",
"refsource": "GENTOO",
"tags": [],
"url": "https://security.gentoo.org/glsa/201604-05"
},
{
"name": "DSA-3505",
"refsource": "DEBIAN",
"tags": [],
"url": "http://www.debian.org/security/2016/dsa-3505"
},
{
"name": "1034551",
"refsource": "SECTRACK",
"tags": [],
"url": "http://www.securitytracker.com/id/1034551"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": true
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
},
"lastModifiedDate": "2016-12-07T18:29Z",
"publishedDate": "2016-01-04T05:59Z"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…