5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
6.8 Medium
AI Score
Confidence
High
0.004 Low
EPSS
Percentile
72.9%
Package : wireshark
Version : 1.8.2-5wheezy15~deb6u1
CVE ID : CVE-2015-2191 CVE-2015-2188 CVE-2015-0564 CVE-2015-0562
CVE-2014-8714 CVE-2014-8713 CVE-2014-8712 CVE-2014-8711
CVE-2014-8710 CVE-2014-6432 CVE-2014-6431 CVE-2014-6430
CVE-2014-6429 CVE-2014-6428 CVE-2014-6423 CVE-2014-6422
The following vulnerabilities were discovered in the Squeeze's Wireshark
version:
CVE-2015-2188 The WCP dissector could crash
CVE-2015-0564 Wireshark could crash while decypting TLS/SSL sessions
CVE-2015-0562 The DEC DNA Routing Protocol dissector could crash
CVE-2014-8714 TN5250 infinite loops
CVE-2014-8713 NCP crashes
CVE-2014-8712 NCP crashes
CVE-2014-8711 AMQP crash
CVE-2014-8710 SigComp UDVM buffer overflow
CVE-2014-6432 Sniffer file parser crash
CVE-2014-6431 Sniffer file parser crash
CVE-2014-6430 Sniffer file parser crash
CVE-2014-6429 Sniffer file parser crash
CVE-2014-6428 SES dissector crash
CVE-2014-6423 MEGACO dissector infinite loop
CVE-2014-6422 RTP dissector crash
Since back-porting upstream patches to 1.2.11-6+squeeze15 did not fix
all the outstanding issues and some issues are not even tracked publicly
the LTS Team decided to sync squeeze-lts's wireshark package with
wheezy-security to provide the best possible security support.
Note that upgrading Wireshark from 1.2.x to 1.8.x introduces
several backward-incompatible changes in package structure, shared
library API/ABI, availability of dissectors and in syntax of command
line parameters.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 7 | all | wireshark | < 1.8.2-5wheezy14 | wireshark_1.8.2-5wheezy14_all.deb |
Debian | 7 | sparc | libwiretap2 | < 1.8.2-5wheezy14 | libwiretap2_1.8.2-5wheezy14_sparc.deb |
Debian | 7 | mips | libwsutil2 | < 1.8.2-5wheezy14 | libwsutil2_1.8.2-5wheezy14_mips.deb |
Debian | 7 | ia64 | libwiretap-dev | < 1.8.2-5wheezy14 | libwiretap-dev_1.8.2-5wheezy14_ia64.deb |
Debian | 7 | mipsel | libwireshark2 | < 1.8.2-5wheezy14 | libwireshark2_1.8.2-5wheezy14_mipsel.deb |
Debian | 7 | armel | wireshark-dbg | < 1.8.2-5wheezy14 | wireshark-dbg_1.8.2-5wheezy14_armel.deb |
Debian | 6 | amd64 | wireshark-dev | < 1.8.2-5wheezy15~deb6u1 | wireshark-dev_1.8.2-5wheezy15~deb6u1_amd64.deb |
Debian | 7 | powerpc | tshark | < 1.8.2-5wheezy14 | tshark_1.8.2-5wheezy14_powerpc.deb |
Debian | 7 | powerpc | libwiretap2 | < 1.8.2-5wheezy14 | libwiretap2_1.8.2-5wheezy14_powerpc.deb |
Debian | 7 | armel | libwireshark2 | < 1.8.2-5wheezy14 | libwireshark2_1.8.2-5wheezy14_armel.deb |