Shodan
Vulnerabilities
Vulnerable Software
Wireshark:  Security Vulnerabilities
CVE-2018-7417
In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the IPMI dissector could crash. This was addressed in epan/dissectors/packet-ipmi-picmg.c by adding support for crafted packets that lack an IPMI header.
CVSS Score
7.5
EPSS Score
0.004
Published
2018-02-23
CVE-2018-7418
In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the SIGCOMP dissector could crash. This was addressed in epan/dissectors/packet-sigcomp.c by correcting the extraction of the length value.
CVSS Score
7.5
EPSS Score
0.01
Published
2018-02-23
CVE-2018-7419
In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the NBAP dissector could crash. This was addressed in epan/dissectors/asn1/nbap/nbap.cnf by ensuring DCH ID initialization.
CVSS Score
7.5
EPSS Score
0.02
Published
2018-02-23
CVE-2018-7420
In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the pcapng file parser could crash. This was addressed in wiretap/pcapng.c by adding a block-size check for sysdig event blocks.
CVSS Score
7.5
EPSS Score
0.02
Published
2018-02-23
CVE-2018-7421
In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the DMP dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-dmp.c by correctly supporting a bounded number of Security Categories for a DMP Security Classification.
CVSS Score
7.5
EPSS Score
0.004
Published
2018-02-23
CVE-2018-7320
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, the SIGCOMP protocol dissector could crash. This was addressed in epan/dissectors/packet-sigcomp.c by validating operand offsets.
CVSS Score
7.5
EPSS Score
0.007
Published
2018-02-23
CVE-2018-7321
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-thrift.c had a large loop that was addressed by not proceeding with dissection after encountering an unexpected type.
CVSS Score
7.5
EPSS Score
0.004
Published
2018-02-23
CVE-2018-7322
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-dcm.c had an infinite loop that was addressed by checking for integer wraparound.
CVSS Score
7.5
EPSS Score
0.005
Published
2018-02-23
CVE-2018-7323
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-wccp.c had a large loop that was addressed by ensuring that a calculated length was monotonically increasing.
CVSS Score
7.5
EPSS Score
0.005
Published
2018-02-23
CVE-2018-7324
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-sccp.c had an infinite loop that was addressed by using a correct integer data type.
CVSS Score
7.5
EPSS Score
0.005
Published
2018-02-23


Products
Pricing
Contact Us

Shodan ® - All rights reserved