Security Information / 2019 / Security Information -- DSA-4416-1 wireshark

Debian Security Advisory

DSA-4416-1 wireshark -- security update

Date Reported:

24 Mar 2019

Affected Packages:

wireshark

Vulnerable:

Yes

Security database references:

In the Debian bugtracking system: Bug 923611.
In Mitre's CVE dictionary: CVE-2019-5716, CVE-2019-5717, CVE-2019-5718, CVE-2019-5719, CVE-2019-9208, CVE-2019-9209, CVE-2019-9214.

More information:

It was discovered that Wireshark, a network traffic analyzer, contained several vulnerabilities in the dissectors for 6LoWPAN, P_MUL, RTSE, ISAKMP, TCAP, ASN.1 BER and RPCAP, which could result in denial of service.

For the stable distribution (stretch), these problems have been fixed in version 2.6.7-1~deb9u1.

We recommend that you upgrade your wireshark packages.

For the detailed security status of wireshark please refer to its security tracker page at: https://security-tracker.debian.org/tracker/wireshark