Security update for wireshark
SUSE Patch
security@suse.de
SUSE Security Team
SUSE-SU-2015:0307-1
Final
1
1
2015-01-22T08:55:12Z
current
2015-01-22T08:55:12Z
2015-01-22T08:55:12Z
cve-database/bin/generate-cvrf.pl
2017-02-24T01:00:00Z
Security update for wireshark
This update fixes the following security issues:
- The following vulnerabilities allowed Wireshark to be crashed by
injecting a malformed packet onto the wire or by convincing someone
to read a malformed packet trace file.
+ The WCCP dissector could crash
wnpa-sec-2015-01 CVE-2015-0559 CVE-2015-0560 [boo#912365]
+ The LPP dissector could crash.
wnpa-sec-2015-02 CVE-2015-0561 [boo#912368]
+ The DEC DNA Routing Protocol dissector could crash.
wnpa-sec-2015-03 CVE-2015-0562 [boo#912369]
+ The SMTP dissector could crash.
wnpa-sec-2015-04 CVE-2015-0563 [boo#912370]
+ Wireshark could crash while decypting TLS/SSL sessions.
wnpa-sec-2015-05 CVE-2015-0564 [boo#912372]
The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
SUSE-SLE-DESKTOP-12-2015-81,SUSE-SLE-SDK-12-2015-81,SUSE-SLE-SERVER-12-2015-81
Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0)
https://www.suse.com/support/update/announcement/2015/suse-su-20150307-1/
Link for SUSE-SU-2015:0307-1
https://lists.suse.com/pipermail/sle-security-updates/2015-February/001234.html
E-Mail link for SUSE-SU-2015:0307-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/912365
SUSE Bug 912365
https://bugzilla.suse.com/912368
SUSE Bug 912368
https://bugzilla.suse.com/912369
SUSE Bug 912369
https://bugzilla.suse.com/912370
SUSE Bug 912370
https://bugzilla.suse.com/912372
SUSE Bug 912372
https://www.suse.com/security/cve/CVE-2015-0559/
SUSE CVE CVE-2015-0559 page
https://www.suse.com/security/cve/CVE-2015-0560/
SUSE CVE CVE-2015-0560 page
https://www.suse.com/security/cve/CVE-2015-0561/
SUSE CVE CVE-2015-0561 page
https://www.suse.com/security/cve/CVE-2015-0562/
SUSE CVE CVE-2015-0562 page
https://www.suse.com/security/cve/CVE-2015-0563/
SUSE CVE CVE-2015-0563 page
https://www.suse.com/security/cve/CVE-2015-0564/
SUSE CVE CVE-2015-0564 page
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Server 12
SUSE Linux Enterprise Server for SAP Applications 12
SUSE Linux Enterprise Software Development Kit 12
wireshark-1.10.12-4.1
wireshark-devel-1.10.12-4.1
wireshark-1.10.12-4.1 as a component of SUSE Linux Enterprise Desktop 12
wireshark-1.10.12-4.1 as a component of SUSE Linux Enterprise Server 12
wireshark-1.10.12-4.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12
wireshark-devel-1.10.12-4.1 as a component of SUSE Linux Enterprise Software Development Kit 12
Multiple use-after-free vulnerabilities in epan/dissectors/packet-wccp.c in the WCCP dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 allow remote attackers to cause a denial of service (application crash) via a crafted packet, related to the use of packet-scope memory instead of pinfo-scope memory.
CVE-2015-0559
SUSE Linux Enterprise Desktop 12:wireshark-1.10.12-4.1
SUSE Linux Enterprise Server 12:wireshark-1.10.12-4.1
SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.10.12-4.1
SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.10.12-4.1
moderate
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
https://www.suse.com/support/update/announcement/2015/suse-su-20150307-1/
https://www.suse.com/security/cve/CVE-2015-0559.html
CVE-2015-0559
https://bugzilla.suse.com/912365
SUSE Bug 912365
The dissect_wccp2r1_address_table_info function in epan/dissectors/packet-wccp.c in the WCCP dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 does not initialize certain data structures, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
CVE-2015-0560
SUSE Linux Enterprise Desktop 12:wireshark-1.10.12-4.1
SUSE Linux Enterprise Server 12:wireshark-1.10.12-4.1
SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.10.12-4.1
SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.10.12-4.1
moderate
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
https://www.suse.com/support/update/announcement/2015/suse-su-20150307-1/
https://www.suse.com/security/cve/CVE-2015-0560.html
CVE-2015-0560
https://bugzilla.suse.com/912365
SUSE Bug 912365
asn1/lpp/lpp.cnf in the LPP dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 does not validate a certain index value, which allows remote attackers to cause a denial of service (out-of-bounds memory access and application crash) via a crafted packet.
CVE-2015-0561
SUSE Linux Enterprise Desktop 12:wireshark-1.10.12-4.1
SUSE Linux Enterprise Server 12:wireshark-1.10.12-4.1
SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.10.12-4.1
SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.10.12-4.1
moderate
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
https://www.suse.com/support/update/announcement/2015/suse-su-20150307-1/
https://www.suse.com/security/cve/CVE-2015-0561.html
CVE-2015-0561
https://bugzilla.suse.com/912368
SUSE Bug 912368
Multiple use-after-free vulnerabilities in epan/dissectors/packet-dec-dnart.c in the DEC DNA Routing Protocol dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 allow remote attackers to cause a denial of service (application crash) via a crafted packet, related to the use of packet-scope memory instead of pinfo-scope memory.
CVE-2015-0562
SUSE Linux Enterprise Desktop 12:wireshark-1.10.12-4.1
SUSE Linux Enterprise Server 12:wireshark-1.10.12-4.1
SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.10.12-4.1
SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.10.12-4.1
moderate
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
https://www.suse.com/support/update/announcement/2015/suse-su-20150307-1/
https://www.suse.com/security/cve/CVE-2015-0562.html
CVE-2015-0562
https://bugzilla.suse.com/912369
SUSE Bug 912369
epan/dissectors/packet-smtp.c in the SMTP dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 uses an incorrect length value for certain string-append operations, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
CVE-2015-0563
SUSE Linux Enterprise Desktop 12:wireshark-1.10.12-4.1
SUSE Linux Enterprise Server 12:wireshark-1.10.12-4.1
SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.10.12-4.1
SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.10.12-4.1
moderate
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
https://www.suse.com/support/update/announcement/2015/suse-su-20150307-1/
https://www.suse.com/security/cve/CVE-2015-0563.html
CVE-2015-0563
https://bugzilla.suse.com/912370
SUSE Bug 912370
Buffer underflow in the ssl_decrypt_record function in epan/dissectors/packet-ssl-utils.c in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 allows remote attackers to cause a denial of service (application crash) via a crafted packet that is improperly handled during decryption of an SSL session.
CVE-2015-0564
SUSE Linux Enterprise Desktop 12:wireshark-1.10.12-4.1
SUSE Linux Enterprise Server 12:wireshark-1.10.12-4.1
SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.10.12-4.1
SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.10.12-4.1
moderate
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
https://www.suse.com/support/update/announcement/2015/suse-su-20150307-1/
https://www.suse.com/security/cve/CVE-2015-0564.html
CVE-2015-0564
https://bugzilla.suse.com/912372
SUSE Bug 912372