Shodan
Vulnerabilities
Vulnerable Software
Wireshark:  >> Wireshark  >> 2.0.7  Security Vulnerabilities
CVE-2017-9344
In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the Bluetooth L2CAP dissector could divide by zero. This was addressed in epan/dissectors/packet-btl2cap.c by validating an interval value.
CVSS Score
7.5
EPSS Score
0.012
Published
2017-06-02
CVE-2017-9345
In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the DNS dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-dns.c by trying to detect self-referencing pointers.
CVSS Score
7.5
EPSS Score
0.007
Published
2017-06-02
CVE-2017-9346
In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the SoulSeek dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-slsk.c by making loop bounds more explicit.
CVSS Score
7.5
EPSS Score
0.005
Published
2017-06-02
CVE-2017-9349
In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the DICOM dissector has an infinite loop. This was addressed in epan/dissectors/packet-dcm.c by validating a length value.
CVSS Score
7.5
EPSS Score
0.008
Published
2017-06-02
CVE-2017-9350
In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the openSAFETY dissector could crash or exhaust system memory. This was addressed in epan/dissectors/packet-opensafety.c by checking for a negative length.
CVSS Score
7.5
EPSS Score
0.013
Published
2017-06-02
CVE-2017-9351
In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the DHCP dissector could read past the end of a buffer. This was addressed in epan/dissectors/packet-bootp.c by extracting the Vendor Class Identifier more carefully.
CVSS Score
7.5
EPSS Score
0.008
Published
2017-06-02
CVE-2017-9352
In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the Bazaar dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-bzr.c by ensuring that backwards parsing cannot occur.
CVSS Score
7.5
EPSS Score
0.005
Published
2017-06-02
CVE-2017-9354
In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the RGMP dissector could crash. This was addressed in epan/dissectors/packet-rgmp.c by validating an IPv4 address.
CVSS Score
7.5
EPSS Score
0.008
Published
2017-06-02
CVE-2017-7700
In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the NetScaler file parser could go into an infinite loop, triggered by a malformed capture file. This was addressed in wiretap/netscaler.c by ensuring a nonzero record size.
CVSS Score
6.5
EPSS Score
0.005
Published
2017-04-12
CVE-2017-7701
In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the BGP dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-bgp.c by using a different integer data type.
CVSS Score
7.5
EPSS Score
0.005
Published
2017-04-12


Products
Pricing
Contact Us

Shodan ® - All rights reserved