4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
0.004 Low
EPSS
Percentile
72.6%
Severity: Medium
Date : 2019-01-10
CVE-ID : CVE-2019-5716 CVE-2019-5717 CVE-2019-5718 CVE-2019-5719
Package : wireshark-cli
Type : multiple issues
Remote : Yes
Link : https://security.archlinux.org/AVG-844
The package wireshark-cli before version 2.6.6-1 is vulnerable to
multiple issues including information disclosure and denial of service.
Upgrade to 2.6.6-1.
The problems have been fixed upstream in version 2.6.6.
None.
An assertion failure has been found in the 6LoWPAN dissector of
Wireshark versions prior to 2.6.6, which could be triggered by
injecting a malformed packet onto the wire or by convincing someone to
read a malformed packet trace file.
A NULL-pointer dereference has been found in the P_MUL dissector of
Wireshark versions prior to 2.6.6, which could be triggered by
injecting a malformed packet onto the wire or by convincing someone to
read a malformed packet trace file.
An out-of-bounds read has been found in the RTSE dissector of Wireshark
versions prior to 2.6.6, which could be triggered by injecting a
malformed packet onto the wire or by convincing someone to read a
malformed packet trace file.
A NULL-pointer dereference has been found in the ISAKMP dissector of
Wireshark versions prior to 2.6.6, which could be triggered by
injecting a malformed packet onto the wire or by convincing someone to
read a malformed packet trace file.
A remote attacker can crash wireshark or access sensitive information
via a crafted PCAP file or network packet.
https://www.wireshark.org/docs/relnotes/wireshark-2.6.6.html
https://www.wireshark.org/security/wnpa-sec-2019-01
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15217
https://code.wireshark.org/review/#/c/31311/
https://www.wireshark.org/security/wnpa-sec-2019-02
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15337
https://code.wireshark.org/review/#/c/30986/
https://www.wireshark.org/security/wnpa-sec-2019-03
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15373
https://code.wireshark.org/review/#/c/31439/
https://www.wireshark.org/security/wnpa-sec-2019-04
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15374
https://code.wireshark.org/review/#/c/31219/
https://security.archlinux.org/CVE-2019-5716
https://security.archlinux.org/CVE-2019-5717
https://security.archlinux.org/CVE-2019-5718
https://security.archlinux.org/CVE-2019-5719
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ArchLinux | any | any | wireshark-cli | < 2.6.6-1 | UNKNOWN |
bugs.wireshark.org/bugzilla/show_bug.cgi?id=15217
bugs.wireshark.org/bugzilla/show_bug.cgi?id=15337
bugs.wireshark.org/bugzilla/show_bug.cgi?id=15373
bugs.wireshark.org/bugzilla/show_bug.cgi?id=15374
code.wireshark.org/review/#/c/30986/
code.wireshark.org/review/#/c/31219/
code.wireshark.org/review/#/c/31311/
code.wireshark.org/review/#/c/31439/
security.archlinux.org/AVG-844
security.archlinux.org/CVE-2019-5716
security.archlinux.org/CVE-2019-5717
security.archlinux.org/CVE-2019-5718
security.archlinux.org/CVE-2019-5719
www.wireshark.org/docs/relnotes/wireshark-2.6.6.html
www.wireshark.org/security/wnpa-sec-2019-01
www.wireshark.org/security/wnpa-sec-2019-02
www.wireshark.org/security/wnpa-sec-2019-03
www.wireshark.org/security/wnpa-sec-2019-04
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
0.004 Low
EPSS
Percentile
72.6%