[3.6] wireshark: Multiple issues (CVE-2017-6467, CVE-2017-6468, CVE-2017-6469, CVE-2017-6470, CVE-2017-6471, CVE-2017-6472, CVE-2017-6473, CVE-2017-6474)
CVE-2017-6467: NetScaler file parser infinite loop
Affected versions: 2.2.0 to 2.2.4, 2.0.0 to 2.0.10
Fixed versions: 2.2.5, 2.0.11
References:
https://www.wireshark.org/security/wnpa-sec-2017-11.html
CVE-2017-6468: NetScaler file parser crash
Affected versions: 2.2.0 to 2.2.4, 2.0.0 to 2.0.10
Fixed versions: 2.2.5, 2.0.11
References:
https://www.wireshark.org/security/wnpa-sec-2017-08.html
CVE-2017-6469: LDSS dissector crash
Affected versions: 2.2.0 to 2.2.4, 2.0.0 to 2.0.10
Fixed In Version: wireshark 2.2.5, wireshark 2.0.11
References:
https://www.wireshark.org/security/wnpa-sec-2017-03.html
CVE-2017-6470: IAX2 infinite loop
Affected versions: 2.2.0 to 2.2.4, 2.0.0 to 2.0.10
Fixed In Version: wireshark 2.2.5, wireshark 2.0.11
References:
https://www.wireshark.org/security/wnpa-sec-2017-10.html
CVE-2017-6471: WSP infinite loop
Affected versions: 2.2.0 to 2.2.4, 2.0.0 to 2.0.10
Fixed versions: 2.2.5, 2.0.11
References:
https://www.wireshark.org/security/wnpa-sec-2017-05.html
CVE-2017-6472: RTMPT dissector infinite loop
Affected versions: 2.2.0 to 2.2.4, 2.0.0 to 2.0.10
Fixed versions: 2.2.5, 2.0.11
References:
https://www.wireshark.org/security/wnpa-sec-2017-04.html
CVE-2017-6473: K12 file parser crash
Affected versions: 2.2.0 to 2.2.4, 2.0.0 to 2.0.10
Fixed versions: 2.2.5, 2.0.11
References:
https://www.wireshark.org/security/wnpa-sec-2017-09.html
CVE-2017-6474: NetScaler file parser infinite loop
Affected versions: 2.2.0 to 2.2.4, 2.0.0 to 2.0.10
Fixed versions: 2.2.5, 2.0.11
References:
https://www.wireshark.org/security/wnpa-sec-2017-07.html
wnpa-sec-2017-06: STANAG 4607 file parser infinite loop
Affected versions: 2.2.0 to 2.2.4, 2.0.0 to 2.0.10
Fixed versions: 2.2.5, 2.0.11
References:
https://www.wireshark.org/security/wnpa-sec-2017-06.html
(from redmine: issue id 7026, created on 2017-03-17, closed on 2017-03-28)
- Relations:
- parent #7025 (closed)
- Changesets:
- Revision 441bebab by Sergei Lukin on 2017-03-17T15:07:11Z:
main/wireshark: security upgrade to 2.2.5 - fixes #7026
CVE-2017-6467: NetScaler file parser infinite loop
CVE-2017-6468: NetScaler file parser crash
CVE-2017-6469: LDSS dissector crash
CVE-2017-6470: IAX2 infinite loop
CVE-2017-6471: WSP infinite loop
CVE-2017-6472: RTMPT dissector infinite loop
CVE-2017-6473: K12 file parser crash
CVE-2017-6474: NetScaler file parser infinite loop
wnpa-sec-2017-06: STANAG 4607 file parser infinite loop