CVE-2018-5336 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	7.5 HIGH	NETWORK	LOW	NONE	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Base Score

CVSS 3.x

EPSS Score

Percentile: 77%

Affected Products (NVD)

Vendor	Product	Version
wireshark	wireshark	2.2.0 ≤ 𝑥 ≤ 2.2.11
wireshark	wireshark	2.4.0 ≤ 𝑥 ≤ 2.4.3
debian	debian_linux	7.0
debian	debian_linux	8.0
debian	debian_linux	9.0

𝑥

= Vulnerable software versions

Debian Releases

Debian Product

Codename

wireshark

bookworm	4.0.11-1~deb12u1 fixed
bookworm (security)	4.0.11-1~deb12u1 fixed
bullseye	3.4.10-0+deb11u1 fixed
bullseye (security)	3.4.16-0+deb11u1 fixed
sid	4.4.1-1 fixed
trixie	4.4.0-1 fixed

Ubuntu Releases

Ubuntu Product

Codename

wireshark

artful	ignored
bionic	Fixed 2.6.3-1~ubuntu18.04.1 released
trusty	Fixed 2.6.3-1~ubuntu14.04.1 released
xenial	Fixed 2.6.3-1~ubuntu16.04.1 released
zesty	ignored

openSUSE / SLES Releases

openSUSE Product

Release

libwireshark13

suse enterprise desktop 15 SP2	3.2.2-3.35.2 fixed
suse enterprise desktop 15 SP3	3.2.8-3.44.1 fixed
suse enterprise sap 15 SP2	3.2.2-3.35.2 fixed
suse enterprise sap 15 SP3	3.2.8-3.44.1 fixed
suse enterprise server 15 SP2	3.2.2-3.35.2 fixed
suse enterprise server 15 SP3	3.2.8-3.44.1 fixed

libwireshark15

suse enterprise desktop 15 SP4	3.6.2-3.71.1 fixed
suse enterprise desktop 15 SP5	3.6.13-150000.3.89.1 fixed
suse enterprise desktop 15 SP6	3.6.20-150600.16.5 fixed
suse enterprise sap 15 SP4	3.6.2-3.71.1 fixed
suse enterprise sap 15 SP5	3.6.13-150000.3.89.1 fixed
suse enterprise sap 15 SP6	3.6.20-150600.16.5 fixed
suse enterprise server 15 SP4	3.6.2-3.71.1 fixed
suse enterprise server 15 SP5	3.6.13-150000.3.89.1 fixed
suse enterprise server 15 SP6	3.6.20-150600.16.5 fixed

libwireshark17

suse enterprise desktop 15 SP7	4.2.11-150600.18.20.1 fixed
suse enterprise sap 15 SP7	4.2.11-150600.18.20.1 fixed
suse enterprise server 15 SP7	4.2.11-150600.18.20.1 fixed

libwireshark8

suse enterprise sap 12 SP2	2.2.12-48.18.1 fixed
suse enterprise sap 12 SP3	2.2.12-48.18.1 fixed
suse enterprise server 12 SP2	2.2.12-48.18.1 fixed
suse enterprise server 12 SP3	2.2.12-48.18.1 fixed

libwireshark9

suse enterprise desktop 15	2.4.6-1.31 fixed
suse enterprise desktop 15 SP1	2.4.14-3.25.2 fixed
suse enterprise sap 12 SP5	2.4.16-48.51.1 fixed
suse enterprise sap 15	2.4.6-1.31 fixed
suse enterprise sap 15 SP1	2.4.14-3.25.2 fixed
suse enterprise server 12 SP5	2.4.16-48.51.1 fixed
suse enterprise server 15	2.4.6-1.31 fixed
suse enterprise server 15 SP1	2.4.14-3.25.2 fixed

libwiretap10

suse enterprise desktop 15 SP2	3.2.2-3.35.2 fixed
suse enterprise desktop 15 SP3	3.2.8-3.44.1 fixed
suse enterprise sap 15 SP2	3.2.2-3.35.2 fixed
suse enterprise sap 15 SP3	3.2.8-3.44.1 fixed
suse enterprise server 15 SP2	3.2.2-3.35.2 fixed
suse enterprise server 15 SP3	3.2.8-3.44.1 fixed

libwiretap12

suse enterprise desktop 15 SP4	3.6.2-3.71.1 fixed
suse enterprise desktop 15 SP5	3.6.13-150000.3.89.1 fixed
suse enterprise desktop 15 SP6	3.6.20-150600.16.5 fixed
suse enterprise sap 15 SP4	3.6.2-3.71.1 fixed
suse enterprise sap 15 SP5	3.6.13-150000.3.89.1 fixed
suse enterprise sap 15 SP6	3.6.20-150600.16.5 fixed
suse enterprise server 15 SP4	3.6.2-3.71.1 fixed
suse enterprise server 15 SP5	3.6.13-150000.3.89.1 fixed
suse enterprise server 15 SP6	3.6.20-150600.16.5 fixed

libwiretap14

suse enterprise desktop 15 SP7	4.2.11-150600.18.20.1 fixed
suse enterprise sap 15 SP7	4.2.11-150600.18.20.1 fixed
suse enterprise server 15 SP7	4.2.11-150600.18.20.1 fixed

libwiretap6

suse enterprise sap 12 SP2	2.2.12-48.18.1 fixed
suse enterprise sap 12 SP3	2.2.12-48.18.1 fixed
suse enterprise server 12 SP2	2.2.12-48.18.1 fixed
suse enterprise server 12 SP3	2.2.12-48.18.1 fixed

libwiretap7

suse enterprise desktop 15	2.4.6-1.31 fixed
suse enterprise desktop 15 SP1	2.4.14-3.25.2 fixed
suse enterprise sap 12 SP5	2.4.16-48.51.1 fixed
suse enterprise sap 15	2.4.6-1.31 fixed
suse enterprise sap 15 SP1	2.4.14-3.25.2 fixed
suse enterprise server 12 SP5	2.4.16-48.51.1 fixed
suse enterprise server 15	2.4.6-1.31 fixed
suse enterprise server 15 SP1	2.4.14-3.25.2 fixed

libwscodecs1

suse enterprise desktop 15	2.4.6-1.31 fixed
suse enterprise desktop 15 SP1	2.4.14-3.25.2 fixed
suse enterprise desktop 15 SP2	2.4.16-3.31.1 fixed
suse enterprise desktop 15 SP3	2.4.16-3.31.1 fixed
suse enterprise desktop 15 SP4	2.4.16-3.31.1 fixed
suse enterprise desktop 15 SP5	2.4.16-3.31.1 fixed
suse enterprise desktop 15 SP6	2.4.16-3.31.1 fixed
suse enterprise desktop 15 SP7	2.4.16-3.31.1 fixed
suse enterprise sap 12 SP2	2.2.12-48.18.1 fixed
suse enterprise sap 12 SP3	2.2.12-48.18.1 fixed
suse enterprise sap 12 SP5	2.4.16-48.51.1 fixed
suse enterprise sap 15	2.4.6-1.31 fixed
suse enterprise sap 15 SP1	2.4.14-3.25.2 fixed
suse enterprise sap 15 SP2	2.4.16-3.31.1 fixed
suse enterprise sap 15 SP3	2.4.16-3.31.1 fixed
suse enterprise sap 15 SP4	2.4.16-3.31.1 fixed
suse enterprise sap 15 SP5	2.4.16-3.31.1 fixed
suse enterprise sap 15 SP6	2.4.16-3.31.1 fixed
suse enterprise sap 15 SP7	2.4.16-3.31.1 fixed
suse enterprise server 12 SP2	2.2.12-48.18.1 fixed
suse enterprise server 12 SP3	2.2.12-48.18.1 fixed
suse enterprise server 12 SP5	2.4.16-48.51.1 fixed
suse enterprise server 15	2.4.6-1.31 fixed
suse enterprise server 15 SP1	2.4.14-3.25.2 fixed
suse enterprise server 15 SP2	2.4.16-3.31.1 fixed
suse enterprise server 15 SP3	2.4.16-3.31.1 fixed
suse enterprise server 15 SP4	2.4.16-3.31.1 fixed
suse enterprise server 15 SP5	2.4.16-3.31.1 fixed
suse enterprise server 15 SP6	2.4.16-3.31.1 fixed
suse enterprise server 15 SP7	2.4.16-3.31.1 fixed

libwsutil11

suse enterprise desktop 15 SP2	3.2.2-3.35.2 fixed
suse enterprise desktop 15 SP3	3.2.8-3.44.1 fixed
suse enterprise sap 15 SP2	3.2.2-3.35.2 fixed
suse enterprise sap 15 SP3	3.2.8-3.44.1 fixed
suse enterprise server 15 SP2	3.2.2-3.35.2 fixed
suse enterprise server 15 SP3	3.2.8-3.44.1 fixed

libwsutil13

suse enterprise desktop 15 SP4	3.6.2-3.71.1 fixed
suse enterprise desktop 15 SP5	3.6.13-150000.3.89.1 fixed
suse enterprise desktop 15 SP6	3.6.20-150600.16.5 fixed
suse enterprise sap 15 SP4	3.6.2-3.71.1 fixed
suse enterprise sap 15 SP5	3.6.13-150000.3.89.1 fixed
suse enterprise sap 15 SP6	3.6.20-150600.16.5 fixed
suse enterprise server 15 SP4	3.6.2-3.71.1 fixed
suse enterprise server 15 SP5	3.6.13-150000.3.89.1 fixed
suse enterprise server 15 SP6	3.6.20-150600.16.5 fixed

libwsutil15

suse enterprise desktop 15 SP7	4.2.11-150600.18.20.1 fixed
suse enterprise sap 15 SP7	4.2.11-150600.18.20.1 fixed
suse enterprise server 15 SP7	4.2.11-150600.18.20.1 fixed

libwsutil7

suse enterprise sap 12 SP2	2.2.12-48.18.1 fixed
suse enterprise sap 12 SP3	2.2.12-48.18.1 fixed
suse enterprise server 12 SP2	2.2.12-48.18.1 fixed
suse enterprise server 12 SP3	2.2.12-48.18.1 fixed

libwsutil8

suse enterprise desktop 15	2.4.6-1.31 fixed
suse enterprise desktop 15 SP1	2.4.14-3.25.2 fixed
suse enterprise desktop 15 SP2	2.4.16-3.31.1 fixed
suse enterprise desktop 15 SP3	2.4.16-3.31.1 fixed
suse enterprise desktop 15 SP4	2.4.16-3.31.1 fixed
suse enterprise desktop 15 SP5	2.4.16-3.31.1 fixed
suse enterprise desktop 15 SP6	2.4.16-3.31.1 fixed
suse enterprise desktop 15 SP7	2.4.16-3.31.1 fixed
suse enterprise sap 12 SP5	2.4.16-48.51.1 fixed
suse enterprise sap 15	2.4.6-1.31 fixed
suse enterprise sap 15 SP1	2.4.14-3.25.2 fixed
suse enterprise sap 15 SP2	2.4.16-3.31.1 fixed
suse enterprise sap 15 SP3	2.4.16-3.31.1 fixed
suse enterprise sap 15 SP4	2.4.16-3.31.1 fixed
suse enterprise sap 15 SP5	2.4.16-3.31.1 fixed
suse enterprise sap 15 SP6	2.4.16-3.31.1 fixed
suse enterprise sap 15 SP7	2.4.16-3.31.1 fixed
suse enterprise server 12 SP5	2.4.16-48.51.1 fixed
suse enterprise server 15	2.4.6-1.31 fixed
suse enterprise server 15 SP1	2.4.14-3.25.2 fixed
suse enterprise server 15 SP2	2.4.16-3.31.1 fixed
suse enterprise server 15 SP3	2.4.16-3.31.1 fixed
suse enterprise server 15 SP4	2.4.16-3.31.1 fixed
suse enterprise server 15 SP5	2.4.16-3.31.1 fixed
suse enterprise server 15 SP6	2.4.16-3.31.1 fixed
suse enterprise server 15 SP7	2.4.16-3.31.1 fixed

wireshark

suse enterprise desktop 15	2.4.6-1.31 fixed
suse enterprise desktop 15 SP1	2.4.14-3.25.2 fixed
suse enterprise desktop 15 SP2	3.2.2-3.35.2 fixed
suse enterprise desktop 15 SP3	3.2.8-3.44.1 fixed
suse enterprise desktop 15 SP4	3.6.2-3.71.1 fixed
suse enterprise desktop 15 SP5	3.6.13-150000.3.89.1 fixed
suse enterprise desktop 15 SP6	3.6.20-150600.16.5 fixed
suse enterprise desktop 15 SP7	4.2.11-150600.18.20.1 fixed
suse enterprise sap 12 SP2	2.2.12-48.18.1 fixed
suse enterprise sap 12 SP3	2.2.12-48.18.1 fixed
suse enterprise sap 12 SP5	2.4.16-48.51.1 fixed
suse enterprise sap 15	2.4.6-1.31 fixed
suse enterprise sap 15 SP1	2.4.14-3.25.2 fixed
suse enterprise sap 15 SP2	3.2.2-3.35.2 fixed
suse enterprise sap 15 SP3	3.2.8-3.44.1 fixed
suse enterprise sap 15 SP4	3.6.2-3.71.1 fixed
suse enterprise sap 15 SP5	3.6.13-150000.3.89.1 fixed
suse enterprise sap 15 SP6	3.6.20-150600.16.5 fixed
suse enterprise sap 15 SP7	4.2.11-150600.18.20.1 fixed
suse enterprise server 12 SP2	2.2.12-48.18.1 fixed
suse enterprise server 12 SP3	2.2.12-48.18.1 fixed
suse enterprise server 12 SP5	2.4.16-48.51.1 fixed
suse enterprise server 15	2.4.6-1.31 fixed
suse enterprise server 15 SP1	2.4.14-3.25.2 fixed
suse enterprise server 15 SP2	3.2.2-3.35.2 fixed
suse enterprise server 15 SP3	3.2.8-3.44.1 fixed
suse enterprise server 15 SP4	3.6.2-3.71.1 fixed
suse enterprise server 15 SP5	3.6.13-150000.3.89.1 fixed
suse enterprise server 15 SP6	3.6.20-150600.16.5 fixed
suse enterprise server 15 SP7	4.2.11-150600.18.20.1 fixed

wireshark-devel

suse enterprise desktop 15	2.4.6-1.31 fixed
suse enterprise desktop 15 SP1	2.4.14-3.25.2 fixed
suse enterprise desktop 15 SP2	3.2.2-3.35.2 fixed
suse enterprise desktop 15 SP3	3.2.8-3.44.1 fixed
suse enterprise desktop 15 SP4	3.6.2-3.71.1 fixed
suse enterprise desktop 15 SP5	3.6.13-150000.3.89.1 fixed
suse enterprise desktop 15 SP6	3.6.20-150600.16.5 fixed
suse enterprise desktop 15 SP7	4.2.11-150600.18.20.1 fixed
suse enterprise sap 15	2.4.6-1.31 fixed
suse enterprise sap 15 SP1	2.4.14-3.25.2 fixed
suse enterprise sap 15 SP2	3.2.2-3.35.2 fixed
suse enterprise sap 15 SP3	3.2.8-3.44.1 fixed
suse enterprise sap 15 SP4	3.6.2-3.71.1 fixed
suse enterprise sap 15 SP5	3.6.13-150000.3.89.1 fixed
suse enterprise sap 15 SP6	3.6.20-150600.16.5 fixed
suse enterprise sap 15 SP7	4.2.11-150600.18.20.1 fixed
suse enterprise server 15	2.4.6-1.31 fixed
suse enterprise server 15 SP1	2.4.14-3.25.2 fixed
suse enterprise server 15 SP2	3.2.2-3.35.2 fixed
suse enterprise server 15 SP3	3.2.8-3.44.1 fixed
suse enterprise server 15 SP4	3.6.2-3.71.1 fixed
suse enterprise server 15 SP5	3.6.13-150000.3.89.1 fixed
suse enterprise server 15 SP6	3.6.20-150600.16.5 fixed
suse enterprise server 15 SP7	4.2.11-150600.18.20.1 fixed

wireshark-gtk

suse enterprise sap 12 SP2	2.2.12-48.18.1 fixed
suse enterprise sap 12 SP3	2.2.12-48.18.1 fixed
suse enterprise sap 12 SP5	2.4.16-48.51.1 fixed
suse enterprise server 12 SP2	2.2.12-48.18.1 fixed
suse enterprise server 12 SP3	2.2.12-48.18.1 fixed
suse enterprise server 12 SP5	2.4.16-48.51.1 fixed

wireshark-ui-qt

suse enterprise desktop 15	2.4.6-1.31 fixed
suse enterprise desktop 15 SP1	2.4.14-3.25.2 fixed
suse enterprise desktop 15 SP2	3.2.2-3.35.2 fixed
suse enterprise desktop 15 SP3	3.2.8-3.44.1 fixed
suse enterprise desktop 15 SP4	3.6.2-3.71.1 fixed
suse enterprise desktop 15 SP5	3.6.13-150000.3.89.1 fixed
suse enterprise desktop 15 SP6	3.6.20-150600.16.5 fixed
suse enterprise desktop 15 SP7	4.2.11-150600.18.20.1 fixed
suse enterprise sap 15	2.4.6-1.31 fixed
suse enterprise sap 15 SP1	2.4.14-3.25.2 fixed
suse enterprise sap 15 SP2	3.2.2-3.35.2 fixed
suse enterprise sap 15 SP3	3.2.8-3.44.1 fixed
suse enterprise sap 15 SP4	3.6.2-3.71.1 fixed
suse enterprise sap 15 SP5	3.6.13-150000.3.89.1 fixed
suse enterprise sap 15 SP6	3.6.20-150600.16.5 fixed
suse enterprise sap 15 SP7	4.2.11-150600.18.20.1 fixed
suse enterprise server 15	2.4.6-1.31 fixed
suse enterprise server 15 SP1	2.4.14-3.25.2 fixed
suse enterprise server 15 SP2	3.2.2-3.35.2 fixed
suse enterprise server 15 SP3	3.2.8-3.44.1 fixed
suse enterprise server 15 SP4	3.6.2-3.71.1 fixed
suse enterprise server 15 SP5	3.6.13-150000.3.89.1 fixed
suse enterprise server 15 SP6	3.6.20-150600.16.5 fixed
suse enterprise server 15 SP7	4.2.11-150600.18.20.1 fixed

Common Weakness Enumeration

CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
The software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.

References

http://www.securityfocus.com/bid/102504

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14253

https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=4f4c95cf46ba6adbd10b09747e10742801bc706b

https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=f6702e49a9720d173246668495eece6d77eca5b0

https://lists.debian.org/debian-lts-announce/2018/01/msg00032.html

https://www.debian.org/security/2018/dsa-4101

https://www.wireshark.org/security/wnpa-sec-2018-01.html

http://www.securityfocus.com/bid/102504

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14253

https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=4f4c95cf46ba6adbd10b09747e10742801bc706b

https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=f6702e49a9720d173246668495eece6d77eca5b0

https://lists.debian.org/debian-lts-announce/2018/01/msg00032.html

https://www.debian.org/security/2018/dsa-4101

https://www.wireshark.org/security/wnpa-sec-2018-01.html