Shodan
Vulnerabilities
Vulnerable Software
Wireshark:  >> Wireshark  >> 2.2.5  Security Vulnerabilities
CVE-2018-9272
In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-h223.c has a memory leak.
CVSS Score
7.5
EPSS Score
0.002
Published
2018-04-04
CVE-2018-9273
In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-pcp.c has a memory leak.
CVSS Score
7.5
EPSS Score
0.005
Published
2018-04-04
CVE-2018-9274
In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, ui/failure_message.c has a memory leak.
CVSS Score
7.5
EPSS Score
0.003
Published
2018-04-04
CVE-2018-9256
In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the LWAPP dissector could crash. This was addressed in epan/dissectors/packet-lwapp.c by limiting the encapsulation levels to restrict the recursion depth.
CVSS Score
7.5
EPSS Score
0.004
Published
2018-04-04
CVE-2018-9259
In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the MP4 dissector could crash. This was addressed in epan/dissectors/file-mp4.c by restricting the box recursion depth.
CVSS Score
7.5
EPSS Score
0.005
Published
2018-04-04
CVE-2018-9260
In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the IEEE 802.15.4 dissector could crash. This was addressed in epan/dissectors/packet-ieee802154.c by ensuring that an allocation step occurs.
CVSS Score
7.5
EPSS Score
0.004
Published
2018-04-04
CVE-2018-9261
In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the NBAP dissector could crash with a large loop that ends with a heap-based buffer overflow. This was addressed in epan/dissectors/packet-nbap.c by prohibiting the self-linking of DCH-IDs.
CVSS Score
7.5
EPSS Score
0.005
Published
2018-04-04
CVE-2018-9262
In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the VLAN dissector could crash. This was addressed in epan/dissectors/packet-vlan.c by limiting VLAN tag nesting to restrict the recursion depth.
CVSS Score
7.5
EPSS Score
0.006
Published
2018-04-04
CVE-2018-9263
In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the Kerberos dissector could crash. This was addressed in epan/dissectors/packet-kerberos.c by ensuring a nonzero key length.
CVSS Score
7.5
EPSS Score
0.004
Published
2018-04-04
CVE-2018-9264
In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the ADB dissector could crash with a heap-based buffer overflow. This was addressed in epan/dissectors/packet-adb.c by checking for a length inconsistency.
CVSS Score
7.5
EPSS Score
0.005
Published
2018-04-04


Products
Pricing
Contact Us

Shodan ® - All rights reserved