Project

General

Profile

Bug #7377

Bug #7375: wireshark: Multiple vulnerabilities (CVE-2017-9343, CVE-2017-9344, CVE-2017-9345, CVE-2017-9346, CVE-2017-9347, CVE-2017-9348, CVE-2017-9349, CVE-2017-9350, CVE-2017-9351, CVE-2017-9352, CVE-2017-9353, CVE-2017-9354)

[3.6] wireshark: Multiple vulnerabilities (CVE-2017-9343, CVE-2017-9344, CVE-2017-9345, CVE-2017-9346, CVE-2017-9347, CVE-2017-9348, CVE-2017-9349, CVE-2017-9350, CVE-2017-9351, CVE-2017-9352, CVE-2017-9353, CVE-2017-9354)

Added by Alicha CH almost 2 years ago. Updated almost 2 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Category:
Security
Target version:
Start date:
06/05/2017
Due date:
% Done:

100%

Estimated time:
Affected versions:
Security IDs:

Description

CVE-2017-9343: MSNIP dissector crash

Affected versions: 2.2.0 to 2.2.6, 2.0.0 to 2.0.12

Fixed versions: 2.2.7, 2.0.13

Reference:

https://www.wireshark.org/security/wnpa-sec-2017-30.html

CVE-2017-9344: BT L2CAP dissector divide by zero

Affected versions: 2.2.0 to 2.2.6, 2.0.0 to 2.0.12

Fixed versions: 2.2.7, 2.0.13

Reference:

https://www.wireshark.org/security/wnpa-sec-2017-29.html

CVE-2017-9345: DNS dissector infinite loop

Affected versions: 2.2.0 to 2.2.6, 2.0.0 to 2.0.12

Fixed versions: 2.2.7, 2.0.13

Reference:

https://www.wireshark.org/security/wnpa-sec-2017-26.html

CVE-2017-9346: SoulSeek dissector infinite loop

Affected versions: 2.2.0 to 2.2.6, 2.0.0 to 2.0.12

Fixed versions: 2.2.7, 2.0.13

Reference:

https://www.wireshark.org/security/wnpa-sec-2017-25.html

CVE-2017-9347: ROS dissector crash

Affected versions: 2.2.0 to 2.2.12

Fixed versions: 2.2.7

Reference:

https://www.wireshark.org/security/wnpa-sec-2017-31.html

CVE-2017-9348: DOF dissector read overflow

Affected versions: 2.2.0 to 2.2.12

Fixed versions: 2.2.7

References:

https://www.wireshark.org/security/wnpa-sec-2017-23.html

CVE-2017-9349: DICOM dissector infinite loop

Affected versions: 2.2.0 to 2.2.6, 2.0.0 to 2.0.12

Fixed versions: 2.2.7, 2.0.13

Reference:

https://www.wireshark.org/security/wnpa-sec-2017-27.html

CVE-2017-9350: openSAFETY dissector memory exhaustion

Affected versions: 2.2.0 to 2.2.6, 2.0.0 to 2.0.12

Fixed versions: 2.2.7, 2.0.13

Reference:

https://www.wireshark.org/security/wnpa-sec-2017-28.html

CVE-2017-9351: DHCP dissector read overflow

Affected versions: 2.2.0 to 2.2.6, 2.0.0 to 2.0.12

Fixed versions: 2.2.7, 2.0.13

Reference:

https://www.wireshark.org/security/wnpa-sec-2017-24.html

CVE-2017-9352: Bazaar dissector infinite loop

Affected versions: 2.2.0 to 2.2.6, 2.0.0 to 2.0.12

Fixed versions: 2.2.7, 2.0.13

Reference:

https://www.wireshark.org/security/wnpa-sec-2017-22.html

CVE-2017-9353: IPv6 dissector crash

Affected versions: 2.2.0 to 2.2.6

Fixed versions: 2.2.7

Reference:

https://www.wireshark.org/security/wnpa-sec-2017-33.html

CVE-2017-9354: RGMP dissector crash

Affected versions: 2.2.0 to 2.2.6, 2.0.0 to 2.0.12

Fixed versions: 2.2.7, 2.0.13

Reference:

https://www.wireshark.org/security/wnpa-sec-2017-32.html

History

#1 Updated by Leonardo Arena almost 2 years ago

  • Status changed from New to Resolved
  • % Done changed from 0 to 100

Fixed with commit e60cdc58fdbbe1c315e9327497e04e61dd8bd4b4

#2 Updated by Alicha CH almost 2 years ago

  • Category set to Security
  • Status changed from Resolved to Closed

Also available in: Atom PDF