Description
This update to Wireshark 2.2.8 fixes some minor vulnerabilities could be
used to trigger dissector crashes, infinite loops, or cause excessive use
of memory resources by making Wireshark read specially crafted packages
from the network
or a capture file:
- CVE-2017-7702,CVE-2017-11410: WBMXL dissector infinite loop
(wnpa-sec-2017-13)
- CVE-2017-9350,CVE-2017-11411: openSAFETY dissector memory exhaustion
(wnpa-sec-2017-28)
- CVE-2017-11408: AMQP dissector crash (wnpa-sec-2017-34)
- CVE-2017-11407: MQ dissector crash (wnpa-sec-2017-35)
- CVE-2017-11406: DOCSIS infinite loop (wnpa-sec-2017-36)