CVE-2017-11408

In Wireshark 2.2.0 to 2.2.7 and 2.0.0 to 2.0.13, the AMQP dissector could crash. This was addressed in epan/dissectors/packet-amqp.c by checking for successful list dissection.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 68%
VendorProductVersion
wiresharkwireshark
2.0.0
wiresharkwireshark
2.0.1
wiresharkwireshark
2.0.2
wiresharkwireshark
2.0.3
wiresharkwireshark
2.0.4
wiresharkwireshark
2.0.5
wiresharkwireshark
2.0.6
wiresharkwireshark
2.0.7
wiresharkwireshark
2.0.8
wiresharkwireshark
2.0.9
wiresharkwireshark
2.0.10
wiresharkwireshark
2.0.11
wiresharkwireshark
2.0.12
wiresharkwireshark
2.0.13
wiresharkwireshark
2.2.0
wiresharkwireshark
2.2.1
wiresharkwireshark
2.2.2
wiresharkwireshark
2.2.3
wiresharkwireshark
2.2.4
wiresharkwireshark
2.2.5
wiresharkwireshark
2.2.6
wiresharkwireshark
2.2.7
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
wireshark
bullseye
3.4.10-0+deb11u1
fixed
bullseye (security)
3.4.16-0+deb11u1
fixed
bookworm
4.0.11-1~deb12u1
fixed
bookworm (security)
4.0.11-1~deb12u1
fixed
trixie
4.4.0-1
fixed
sid
4.4.1-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
wireshark
bionic
Fixed 2.6.3-1~ubuntu18.04.1
released
artful
ignored
zesty
ignored
yakkety
ignored
xenial
Fixed 2.6.3-1~ubuntu16.04.1
released
trusty
Fixed 2.6.3-1~ubuntu14.04.1
released
Common Weakness Enumeration
References
http://www.securityfocus.com/bid/99894
http://www.securitytracker.com/id/1038966
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13780
https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=a102c172b0b2fe231fdb49f4f6694603f5b93b0c
https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=e57c86ef8e3b57b7f90c224f6053d1eacf20e1ba
https://lists.debian.org/debian-lts-announce/2017/12/msg00029.html
https://www.debian.org/security/2017/dsa-4060
https://www.wireshark.org/security/wnpa-sec-2017-34.html
http://www.securityfocus.com/bid/99894
http://www.securitytracker.com/id/1038966
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13780
https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=a102c172b0b2fe231fdb49f4f6694603f5b93b0c
https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=e57c86ef8e3b57b7f90c224f6053d1eacf20e1ba
https://lists.debian.org/debian-lts-announce/2017/12/msg00029.html
https://www.debian.org/security/2017/dsa-4060
https://www.wireshark.org/security/wnpa-sec-2017-34.html