CVE-2017-5596
25.01.2017, 21:59
In Wireshark 2.2.0 to 2.2.3 and 2.0.0 to 2.0.9, the ASTERIX dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-asterix.c by changing a data type to avoid an integer overflow.Enginsight
| Vendor | Product | Version |
|---|---|---|
| wireshark | wireshark | 2.0.0 |
| wireshark | wireshark | 2.0.1 |
| wireshark | wireshark | 2.0.2 |
| wireshark | wireshark | 2.0.3 |
| wireshark | wireshark | 2.0.4 |
| wireshark | wireshark | 2.0.5 |
| wireshark | wireshark | 2.0.6 |
| wireshark | wireshark | 2.0.7 |
| wireshark | wireshark | 2.0.8 |
| wireshark | wireshark | 2.0.9 |
| wireshark | wireshark | 2.2.0 |
| wireshark | wireshark | 2.2.1 |
| wireshark | wireshark | 2.2.2 |
| wireshark | wireshark | 2.2.3 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
References