FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

Wireshark -- Multiple vulnerabilities

Affected packages
wireshark < 1.8.2
wireshark-lite < 1.8.2
tshark < 1.8.2
tshark-lite < 1.8.2

Details

VuXML ID 4cdfe875-e8d6-11e1-bea0-002354ed89bc
Discovery 2012-07-22
Entry 2012-08-18

Wireshark reports:

It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file.

It may be possible to make Wireshark consume excessive CPU resources by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file.

The PPP dissector could crash.

The NFS dissector could use excessive amounts of CPU.

The DCP ETSI dissector could trigger a zero division.

The MongoDB dissector could go into a large loop.

The XTP dissector could go into an infinite loop.

The ERF dissector could overflow a buffer.

The AFP dissector could go into a large loop.

The RTPS2 dissector could overflow a buffer.

The GSM RLC MAC dissector could overflow a buffer.

The CIP dissector could exhaust system memory.

The STUN dissector could crash.

The EtherCAT Mailbox dissector could abort.

The CTDB dissector could go into a large loop.

The pcap-ng file parser could trigger a zero division.

The Ixia IxVeriWave file parser could overflow a buffer.

References

CVE Name CVE-2012-4048
CVE Name CVE-2012-4049
CVE Name CVE-2012-4285
CVE Name CVE-2012-4286
CVE Name CVE-2012-4287
CVE Name CVE-2012-4288
CVE Name CVE-2012-4289
CVE Name CVE-2012-4290
CVE Name CVE-2012-4291
CVE Name CVE-2012-4292
CVE Name CVE-2012-4293
CVE Name CVE-2012-4294
CVE Name CVE-2012-4295
CVE Name CVE-2012-4296
CVE Name CVE-2012-4297
CVE Name CVE-2012-4298
URL http://www.wireshark.org/security/wnpa-sec-2012-11.html
URL http://www.wireshark.org/security/wnpa-sec-2012-12.html
URL http://www.wireshark.org/security/wnpa-sec-2012-13.html
URL http://www.wireshark.org/security/wnpa-sec-2012-14.html
URL http://www.wireshark.org/security/wnpa-sec-2012-15.html
URL http://www.wireshark.org/security/wnpa-sec-2012-16.html
URL http://www.wireshark.org/security/wnpa-sec-2012-17.html
URL http://www.wireshark.org/security/wnpa-sec-2012-18.html
URL http://www.wireshark.org/security/wnpa-sec-2012-19.html
URL http://www.wireshark.org/security/wnpa-sec-2012-20.html
URL http://www.wireshark.org/security/wnpa-sec-2012-21.html
URL http://www.wireshark.org/security/wnpa-sec-2012-22.html
URL http://www.wireshark.org/security/wnpa-sec-2012-23.html
URL http://www.wireshark.org/security/wnpa-sec-2012-24.html
URL http://www.wireshark.org/security/wnpa-sec-2012-25.html