The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of Wireshark

vulnerability bulletin CVE-2018-12086 CVE-2018-18225 CVE-2018-18226

Wireshark: four vulnerabilities

Synthesis of the vulnerability

Impacted products: Debian, Fedora, openSUSE Leap, Solaris, SUSE Linux Enterprise Desktop, SLES, Wireshark.
Severity: 2/4.
Consequences: client access/rights, denial of service on service.
Provenance: intranet client.
Confidence: confirmed by the editor (5/5).
Creation date: 12/10/2018.
Identifiers: bulletinoct2018, CERTFR-2018-AVI-488, CVE-2018-12086, CVE-2018-18225, CVE-2018-18226, CVE-2018-18227, DSA-4359-1, FEDORA-2018-89413a04e0, openSUSE-SU-2018:3368-1, SUSE-SU-2018:3282-1, SUSE-SU-2018:3590-1, SUSE-SU-2018:3590-2, VIGILANCE-VUL-27493, wnpa-sec-2018-47, wnpa-sec-2018-48, wnpa-sec-2018-49, wnpa-sec-2018-50.

Description of the vulnerability

An attacker can use several vulnerabilities of Wireshark.
Complete Vigil@nce bulletin.... (Free trial)

computer vulnerability note CVE-2018-16056 CVE-2018-16057 CVE-2018-16058

Wireshark: three vulnerabilities

Synthesis of the vulnerability

Impacted products: Debian, Fedora, openSUSE Leap, SUSE Linux Enterprise Desktop, SLES, WindRiver Linux, Wireshark.
Severity: 2/4.
Consequences: denial of service on client.
Provenance: document.
Confidence: confirmed by the editor (5/5).
Creation date: 30/08/2018.
Identifiers: CERTFR-2018-AVI-417, CVE-2018-16056, CVE-2018-16057, CVE-2018-16058, DLA-1634-1, DSA-4315-1, FEDORA-2018-89413a04e0, FEDORA-2018-b7a58187ba, openSUSE-SU-2018:2587-1, openSUSE-SU-2018:2628-1, SUSE-SU-2018:2872-1, SUSE-SU-2018:2889-1, SUSE-SU-2018:2891-1, VIGILANCE-VUL-27109, wnpa-sec-2018-44, wnpa-sec-2018-45, wnpa-sec-2018-46.

Description of the vulnerability

An attacker can use several vulnerabilities of Wireshark.
Complete Vigil@nce bulletin.... (Free trial)

computer vulnerability note CVE-2018-14339 CVE-2018-14340 CVE-2018-14341

Wireshark: multiple vulnerabilities

Synthesis of the vulnerability

Impacted products: Debian, Fedora, openSUSE Leap, Solaris, SUSE Linux Enterprise Desktop, SLES, Wireshark.
Severity: 2/4.
Consequences: user access/rights, data reading, denial of service on client.
Provenance: internet client.
Confidence: confirmed by the editor (5/5).
Creation date: 19/07/2018.
Identifiers: bulletinjul2018, CERTFR-2018-AVI-354, CVE-2018-14339, CVE-2018-14340, CVE-2018-14341, CVE-2018-14342, CVE-2018-14343, CVE-2018-14344, CVE-2018-14364, CVE-2018-14367, CVE-2018-14368, CVE-2018-14369, CVE-2018-14370, DLA-1451-1, FEDORA-2018-9ef52861b5, FEDORA-2018-d56c428f9e, openSUSE-SU-2018:2184-1, openSUSE-SU-2018:2188-1, SUSE-SU-2018:2301-1, SUSE-SU-2018:2412-1, SUSE-SU-2018:2891-1, VIGILANCE-VUL-26799, wnpa-sec-2018-34, wnpa-sec-2018-35, wnpa-sec-2018-36, wnpa-sec-2018-37, wnpa-sec-2018-38, wnpa-sec-2018-39, wnpa-sec-2018-40, wnpa-sec-2018-41, wnpa-sec-2018-42, wnpa-sec-2018-43.

Description of the vulnerability

An attacker can use several vulnerabilities of Wireshark.
Complete Vigil@nce bulletin.... (Free trial)

vulnerability note CVE-2018-11354 CVE-2018-11355 CVE-2018-11356

Wireshark: multiple vulnerabilities

Synthesis of the vulnerability

Impacted products: Debian, Fedora, openSUSE Leap, Solaris, SUSE Linux Enterprise Desktop, SLES, Wireshark.
Severity: 2/4.
Consequences: unknown consequence, administrator access/rights, privileged access/rights, user access/rights, client access/rights, data reading, data creation/edition, data deletion, data flow, denial of service on server, denial of service on service, denial of service on client, disguisement.
Provenance: intranet client.
Confidence: confirmed by the editor (5/5).
Creation date: 23/05/2018.
Identifiers: bulletinapr2018, CERTFR-2018-AVI-251, CVE-2018-11354, CVE-2018-11355, CVE-2018-11356, CVE-2018-11357, CVE-2018-11358, CVE-2018-11359, CVE-2018-11360, CVE-2018-11361, CVE-2018-11362, DLA-1388-1, DLA-1634-1, DSA-4217-1, FEDORA-2018-3dfee621af, FEDORA-2018-d1cfa444d2, openSUSE-SU-2018:1428-1, SUSE-SU-2018:1988-1, SUSE-SU-2018:2412-1, SUSE-SU-2018:2891-1, VIGILANCE-VUL-26204, wnpa-sec-2018-25, wnpa-sec-2018-26, wnpa-sec-2018-27, wnpa-sec-2018-28, wnpa-sec-2018-29, wnpa-sec-2018-30, wnpa-sec-2018-31, wnpa-sec-2018-32, wnpa-sec-2018-33.

Description of the vulnerability

An attacker can use several vulnerabilities of Wireshark.
Complete Vigil@nce bulletin.... (Free trial)

vulnerability CVE-2018-9256 CVE-2018-9257 CVE-2018-9258

Wireshark: multiple vulnerabilities

Synthesis of the vulnerability

Impacted products: Debian, openSUSE Leap, Solaris, Wireshark.
Severity: 2/4.
Consequences: user access/rights, denial of service on service, denial of service on client.
Provenance: intranet client.
Confidence: confirmed by the editor (5/5).
Creation date: 04/04/2018.
Identifiers: bulletinapr2018, CERTFR-2018-AVI-166, CVE-2018-9256, CVE-2018-9257, CVE-2018-9258, CVE-2018-9259, CVE-2018-9260, CVE-2018-9261, CVE-2018-9262, CVE-2018-9263, CVE-2018-9264, CVE-2018-9265, CVE-2018-9266, CVE-2018-9267, CVE-2018-9268, CVE-2018-9269, CVE-2018-9270, CVE-2018-9271, CVE-2018-9272, CVE-2018-9273, CVE-2018-9274, DLA-1388-1, DLA-1634-1, DSA-4217-1, openSUSE-SU-2018:0899-1, VIGILANCE-VUL-25770, wnpa-sec-2018-15, wnpa-sec-2018-16, wnpa-sec-2018-17, wnpa-sec-2018-18, wnpa-sec-2018-19, wnpa-sec-2018-20, wnpa-sec-2018-21, wnpa-sec-2018-22, wnpa-sec-2018-23, wnpa-sec-2018-24.

Description of the vulnerability

An attacker can use several vulnerabilities of Wireshark.
Complete Vigil@nce bulletin.... (Free trial)

vulnerability CVE-2018-6836

Wireshark: use after free via netmonrec_comment_destroy

Synthesis of the vulnerability

Impacted products: Fedora, Wireshark.
Severity: 2/4.
Consequences: user access/rights, denial of service on service, denial of service on client.
Provenance: document.
Confidence: confirmed by the editor (5/5).
Creation date: 28/03/2018.
Identifiers: 14397, CVE-2018-6836, FEDORA-2018-cdf3f8e8b0, VIGILANCE-VUL-25670.

Description of the vulnerability

An attacker can force the usage of a freed memory area via netmonrec_comment_destroy() of Wireshark, in order to trigger a denial of service, and possibly to run code.
Complete Vigil@nce bulletin.... (Free trial)

vulnerability bulletin CVE-2018-7320 CVE-2018-7321 CVE-2018-7322

Wireshark: ten vulnerabilities of protocol dissectors

Synthesis of the vulnerability

Impacted products: Debian, BIG-IP Hardware, TMOS, Fedora, openSUSE Leap, Solaris, WindRiver Linux, Wireshark.
Severity: 2/4.
Consequences: denial of service on service, denial of service on client.
Provenance: document.
Confidence: confirmed by the editor (5/5).
Creation date: 26/02/2018.
Identifiers: bulletinjan2018, CERTFR-2018-AVI-100, CVE-2018-7320, CVE-2018-7321, CVE-2018-7322, CVE-2018-7323, CVE-2018-7324, CVE-2018-7325, CVE-2018-7326, CVE-2018-7327, CVE-2018-7328, CVE-2018-7329, CVE-2018-7330, CVE-2018-7331, CVE-2018-7332, CVE-2018-7333, CVE-2018-7334, CVE-2018-7335, CVE-2018-7336, CVE-2018-7337, CVE-2018-7417, CVE-2018-7418, CVE-2018-7419, CVE-2018-7420, CVE-2018-7421, DLA-1353-1, DLA-1634-1, DSA-4217-1, FEDORA-2018-cdf3f8e8b0, K34035645, openSUSE-SU-2018:0540-1, openSUSE-SU-2018:2188-1, VIGILANCE-VUL-25373, wnpa-sec-2018-05, wnpa-sec-2018-06, wnpa-sec-2018-07, wnpa-sec-2018-08, wnpa-sec-2018-09, wnpa-sec-2018-10, wnpa-sec-2018-11, wnpa-sec-2018-12, wnpa-sec-2018-13, wnpa-sec-2018-14.

Description of the vulnerability

An attacker can use several vulnerabilities of Wireshark.
Complete Vigil@nce bulletin.... (Free trial)

vulnerability alert CVE-2017-17997 CVE-2018-5334 CVE-2018-5335

Wireshark: four vulnerabilities

Synthesis of the vulnerability

Impacted products: Debian, Fedora, openSUSE Leap, Solaris, WindRiver Linux, Wireshark.
Severity: 2/4.
Consequences: user access/rights, denial of service on service, denial of service on client.
Provenance: intranet client.
Confidence: confirmed by the editor (5/5).
Creation date: 12/01/2018.
Identifiers: bulletinjan2018, CERTFR-2018-AVI-031, CVE-2017-17997, CVE-2018-5334, CVE-2018-5335, CVE-2018-5336, DLA-1258-1, DLA-1634-1, DSA-4101-1, FEDORA-2018-cdf3f8e8b0, openSUSE-SU-2018:0090-1, VIGILANCE-VUL-25031, wnpa-sec-2018-01, wnpa-sec-2018-02, wnpa-sec-2018-03, wnpa-sec-2018-04.

Description of the vulnerability

An attacker can use several vulnerabilities of Wireshark.
Complete Vigil@nce bulletin.... (Free trial)

computer vulnerability CVE-2017-17997

Wireshark: NULL pointer dereference via MRDISC

Synthesis of the vulnerability

Impacted products: Debian, openSUSE Leap, Wireshark.
Severity: 2/4.
Consequences: denial of service on service, denial of service on client.
Provenance: intranet client.
Confidence: confirmed by the editor (5/5).
Creation date: 02/01/2018.
Identifiers: 14299, CVE-2017-17997, DLA-1634-1, openSUSE-SU-2018:0090-1, VIGILANCE-VUL-24915.

Description of the vulnerability

An attacker can force a NULL pointer to be dereferenced via MRDISC of Wireshark, in order to trigger a denial of service.
Complete Vigil@nce bulletin.... (Free trial)

computer vulnerability bulletin CVE-2017-17935

Wireshark: out-of-bounds memory reading via File_read_line

Synthesis of the vulnerability

Impacted products: Debian, Fedora, Wireshark.
Severity: 2/4.
Consequences: data reading, denial of service on service, denial of service on client.
Provenance: internet client.
Confidence: confirmed by the editor (5/5).
Creation date: 28/12/2017.
Identifiers: 14295, CVE-2017-17935, DLA-1634-1, FEDORA-2018-8c3a01cc65, VIGILANCE-VUL-24898.

Description of the vulnerability

An attacker can force a read at an invalid address via File_read_line() of Wireshark, in order to trigger a denial of service, or to obtain sensitive information.
Complete Vigil@nce bulletin.... (Free trial)
Our database contains other pages. You can request a free trial to read them.

Display information about Wireshark: