Lucene search

DebianDEBIAN:DLA-714-1:11A9D

HistoryNov 21, 2016 - 11:37 a.m.

[SECURITY] [DLA 714-1] wireshark security update

2016-11-2111:37:39

lists.debian.org

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

CVSS3

5.9

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

6.6

Confidence

High

EPSS

0.005

Percentile

76.7%

JSON

Package : wireshark
Version : 1.12.1+g01b65bf-4+deb8u6~deb7u5
CVE ID : CVE-2016-9373 CVE-2016-9374 CVE-2016-9375 CVE-2016-9376

The following vulnerabilities have been discovered in the Debian
Wheezy's Wireshark version:

CVE-2016-9373

The DCERPC dissector could crash

CVE-2016-9374

The AllJoyn dissector could crash

CVE-2016-9375

The DTN dissector could ender an infinite loop

CVE-2016-9376

The OpenFlow dissector could crash

For Debian 7 "Wheezy", these problems have been fixed in version
1.12.1+g01b65bf-4+deb8u6~deb7u5.

We recommend that you upgrade your wireshark packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

OSVersionArchitecturePackageVersionFilename
Debian7armhfwireshark-dbg< 1.12.1+g01b65bf-4+deb8u6~deb7u5wireshark-dbg_1.12.1+g01b65bf-4+deb8u6~deb7u5_armhf.deb
Debian8kfreebsd-i386libwireshark-dev< 1.12.1+g01b65bf-4+deb8u10libwireshark-dev_1.12.1+g01b65bf-4+deb8u10_kfreebsd-i386.deb
Debian7armellibwsutil4< 1.12.1+g01b65bf-4+deb8u6~deb7u5libwsutil4_1.12.1+g01b65bf-4+deb8u6~deb7u5_armel.deb
Debian8s390xlibwireshark-dev< 1.12.1+g01b65bf-4+deb8u10libwireshark-dev_1.12.1+g01b65bf-4+deb8u10_s390x.deb
Debian8s390xtshark< 1.12.1+g01b65bf-4+deb8u10tshark_1.12.1+g01b65bf-4+deb8u10_s390x.deb
Debian8armhfwireshark-dev< 1.12.1+g01b65bf-4+deb8u10wireshark-dev_1.12.1+g01b65bf-4+deb8u10_armhf.deb
Debian8armelwireshark-qt< 1.12.1+g01b65bf-4+deb8u10wireshark-qt_1.12.1+g01b65bf-4+deb8u10_armel.deb
Debian7armhfwireshark-qt< 1.12.1+g01b65bf-4+deb8u6~deb7u5wireshark-qt_1.12.1+g01b65bf-4+deb8u6~deb7u5_armhf.deb
Debian8kfreebsd-amd64tshark< 1.12.1+g01b65bf-4+deb8u10tshark_1.12.1+g01b65bf-4+deb8u10_kfreebsd-amd64.deb
Debian8ppc64elwireshark-common< 1.12.1+g01b65bf-4+deb8u10wireshark-common_1.12.1+g01b65bf-4+deb8u10_ppc64el.deb

OS	Version	Architecture	Package	Version	Filename
Debian	7	armhf	wireshark-dbg	< 1.12.1+g01b65bf-4+deb8u6~deb7u5	wireshark-dbg_1.12.1+g01b65bf-4+deb8u6~deb7u5_armhf.deb
Debian	8	kfreebsd-i386	libwireshark-dev	< 1.12.1+g01b65bf-4+deb8u10	libwireshark-dev_1.12.1+g01b65bf-4+deb8u10_kfreebsd-i386.deb
Debian	7	armel	libwsutil4	< 1.12.1+g01b65bf-4+deb8u6~deb7u5	libwsutil4_1.12.1+g01b65bf-4+deb8u6~deb7u5_armel.deb
Debian	8	s390x	libwireshark-dev	< 1.12.1+g01b65bf-4+deb8u10	libwireshark-dev_1.12.1+g01b65bf-4+deb8u10_s390x.deb
Debian	8	s390x	tshark	< 1.12.1+g01b65bf-4+deb8u10	tshark_1.12.1+g01b65bf-4+deb8u10_s390x.deb
Debian	8	armhf	wireshark-dev	< 1.12.1+g01b65bf-4+deb8u10	wireshark-dev_1.12.1+g01b65bf-4+deb8u10_armhf.deb
Debian	8	armel	wireshark-qt	< 1.12.1+g01b65bf-4+deb8u10	wireshark-qt_1.12.1+g01b65bf-4+deb8u10_armel.deb
Debian	7	armhf	wireshark-qt	< 1.12.1+g01b65bf-4+deb8u6~deb7u5	wireshark-qt_1.12.1+g01b65bf-4+deb8u6~deb7u5_armhf.deb
Debian	8	kfreebsd-amd64	tshark	< 1.12.1+g01b65bf-4+deb8u10	tshark_1.12.1+g01b65bf-4+deb8u10_kfreebsd-amd64.deb
Debian	8	ppc64el	wireshark-common	< 1.12.1+g01b65bf-4+deb8u10	wireshark-common_1.12.1+g01b65bf-4+deb8u10_ppc64el.deb