What Are You Looking For?

Sign Up

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-2423-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                          Adrian Bunk
October 31, 2020                              https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : wireshark
Version        : 2.6.8-1.1~deb9u1
CVE ID         : CVE-2019-10894 CVE-2019-10895 CVE-2019-10896 CVE-2019-10899 
                 CVE-2019-10901 CVE-2019-10903 CVE-2019-12295
Debian Bug     : 926718 929446

Several vulnerabilities were fixed in the Wireshark network
protocol analyzer.

CVE-2019-10894

    GSS-API dissector crash

CVE-2019-10895

    NetScaler file parser crash

CVE-2019-10896

    DOF dissector crash

CVE-2019-10899

    SRVLOC dissector crash

CVE-2019-10901

    LDSS dissector crash

CVE-2019-10903

    DCERPC SPOOLSS dissector crash

CVE-2019-12295

    Dissection engine could crash

For Debian 9 stretch, these problems have been fixed in version
2.6.8-1.1~deb9u1.

We recommend that you upgrade your wireshark packages.

For the detailed security status of wireshark please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/wireshark

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

Debian LTS: DLA-2423-1: wireshark security update

October 31, 2020
Several vulnerabilities were fixed in the Wireshark network protocol analyzer

Summary

CVE-2019-10894

GSS-API dissector crash

CVE-2019-10895

NetScaler file parser crash

CVE-2019-10896

DOF dissector crash

CVE-2019-10899

SRVLOC dissector crash

CVE-2019-10901

LDSS dissector crash

CVE-2019-10903

DCERPC SPOOLSS dissector crash

CVE-2019-12295

Dissection engine could crash

For Debian 9 stretch, these problems have been fixed in version
2.6.8-1.1~deb9u1.

We recommend that you upgrade your wireshark packages.

For the detailed security status of wireshark please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/wireshark

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS


Severity
Package : wireshark
Version : 2.6.8-1.1~deb9u1
CVE ID : CVE-2019-10894 CVE-2019-10895 CVE-2019-10896 CVE-2019-10899
Debian Bug : 926718 929446

Related News

Widespread Xorg DoS, Privilege Escalation Vulns Fixed

Nov 13, 2023

Critical Exim RCE, Info Disclosure Bugs Fixed

Oct 8, 2023

Linux Tries to Dump Windows' Notoriously Insecure RNDIS Protocol

Oct 5, 2023

Critical Node.js Info Disclosure, Code Execution Bugs Fixed

Oct 5, 2023

News

Advisories

HOWTOs

Features

Empowering MSPs with Straightforward Linux Device Management
A Complete Guide to Torrenting Safely in 2024
Cloud Security Basics for Small Businesses
Scanning and Defending Networks with Nmap
CISA Issues Urgent Warning Over Active Exploitation of Looney Tunables glibc Bug

About Us

Powered By

Footer Logo