Shodan
Vulnerabilities
Vulnerable Software
Wireshark:  >> Wireshark  >> 2.4.0  Security Vulnerabilities
CVE-2018-19622
In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the MMSE dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-mmse.c by preventing length overflows.
CVSS Score
7.5
EPSS Score
0.014
Published
2018-11-29
CVE-2018-19623
In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the LBMPDM dissector could crash. In addition, a remote attacker could write arbitrary data to any memory locations before the packet-scoped memory. This was addressed in epan/dissectors/packet-lbmpdm.c by disallowing certain negative values.
CVSS Score
7.5
EPSS Score
0.022
Published
2018-11-29
CVE-2018-19624
In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the PVFS dissector could crash. This was addressed in epan/dissectors/packet-pvfs2.c by preventing a NULL pointer dereference.
CVSS Score
5.5
EPSS Score
0.003
Published
2018-11-29
CVE-2018-19625
In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the dissection engine could crash. This was addressed in epan/tvbuff_composite.c by preventing a heap-based buffer over-read.
CVSS Score
5.5
EPSS Score
0.003
Published
2018-11-29
CVE-2018-19626
In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the DCOM dissector could crash. This was addressed in epan/dissectors/packet-dcom.c by adding '\0' termination.
CVSS Score
5.5
EPSS Score
0.003
Published
2018-11-29
CVE-2018-19627
In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the IxVeriWave file parser could crash. This was addressed in wiretap/vwr.c by adjusting a buffer boundary.
CVSS Score
7.5
EPSS Score
0.213
Published
2018-11-29
CVE-2018-18227
In Wireshark 2.6.0 to 2.6.3 and 2.4.0 to 2.4.9, the MS-WSP protocol dissector could crash. This was addressed in epan/dissectors/packet-mswsp.c by properly handling NULL return values.
CVSS Score
7.5
EPSS Score
0.019
Published
2018-10-12
CVE-2018-16056
In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Bluetooth Attribute Protocol dissector could crash. This was addressed in epan/dissectors/packet-btatt.c by verifying that a dissector for a specific UUID exists.
CVSS Score
7.5
EPSS Score
0.009
Published
2018-08-30
CVE-2018-16057
In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Radiotap dissector could crash. This was addressed in epan/dissectors/packet-ieee80211-radiotap-iter.c by validating iterator operations.
CVSS Score
7.5
EPSS Score
0.011
Published
2018-08-30
CVE-2018-16058
In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Bluetooth AVDTP dissector could crash. This was addressed in epan/dissectors/packet-btavdtp.c by properly initializing a data structure.
CVSS Score
7.5
EPSS Score
0.013
Published
2018-08-30


Products
Pricing
Contact Us

Shodan ® - All rights reserved