SUSE-SU-2017:1174-1
Vulnerability from csaf_suse - Published: 2017-05-04 10:03 - Updated: 2017-05-04 10:03Summary
Security update for wireshark
Severity
Moderate
Notes
Title of the patch: Security update for wireshark
Description of the patch:
Wireshark was updated to version 2.0.12, which brings several new features, enhancements
and bug fixes.
These security issues were fixed:
- CVE-2017-7700: In Wireshark the NetScaler file parser could go into an infinite loop, triggered by a malformed capture file. This was addressed in wiretap/netscaler.c by ensuring a nonzero record size (bsc#1033936).
- CVE-2017-7701: In Wireshark the BGP dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-bgp.c by using a different integer data type (bsc#1033937).
- CVE-2017-7702: In Wireshark the WBXML dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-wbxml.c by adding length validation (bsc#1033938).
- CVE-2017-7703: In Wireshark the IMAP dissector could crash, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-imap.c by calculating a line's end correctly (bsc#1033939).
- CVE-2017-7704: In Wireshark the DOF dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-dof.c by using a different integer data type and adjusting a return value (bsc#1033940).
- CVE-2017-7705: In Wireshark the RPC over RDMA dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-rpcrdma.c by correctly checking for going beyond the maximum offset (bsc#1033941).
- CVE-2017-7745: In Wireshark the SIGCOMP dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-sigcomp.c by correcting a memory-size check (bsc#1033942).
- CVE-2017-7746: In Wireshark the SLSK dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-slsk.c by adding checks for the remaining length (bsc#1033943).
- CVE-2017-7747: In Wireshark the PacketBB dissector could crash, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-packetbb.c by restricting additions to the protocol tree (bsc#1033944).
- CVE-2017-7748: In Wireshark the WSP dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-wsp.c by adding a length check (bsc#1033945).
- CVE-2016-7179: Stack-based buffer overflow in epan/dissectors/packet-catapult-dct2000.c in the Catapult DCT2000 dissector in Wireshark allowed remote attackers to cause a denial of service (application crash) via a crafted packet (bsc#998963).
- CVE-2016-9376: In Wireshark the OpenFlow dissector could crash with memory exhaustion, triggered by network traffic or a capture file. This was addressed in epan/dissectors/packet-openflow_v5.c by ensuring that certain length values were sufficiently large (bsc#1010735).
- CVE-2016-9375: In Wireshark the DTN dissector could go into an infinite loop, triggered by network traffic or a capture file. This was addressed in epan/dissectors/packet-dtn.c by checking whether SDNV evaluation was successful (bsc#1010740).
- CVE-2016-9374: In Wireshark the AllJoyn dissector could crash with a buffer over-read, triggered by network traffic or a capture file. This was addressed in epan/dissectors/packet-alljoyn.c by ensuring that a length variable properly tracked the state of a signature variable (bsc#1010752).
- CVE-2016-9373: In Wireshark the DCERPC dissector could crash with a use-after-free, triggered by network traffic or a capture file. This was addressed in epan/dissectors/packet-dcerpc-nt.c and epan/dissectors/packet-dcerpc-spoolss.c by using the wmem file scope for private strings (bsc#1010754).
- CVE-2016-7175: epan/dissectors/packet-qnet6.c in the QNX6 QNET dissector in Wireshark mishandled MAC address data, which allowed remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet (bsc#998761).
- CVE-2016-7176: epan/dissectors/packet-h225.c in the H.225 dissector in Wireshark called snprintf with one of its input buffers as the output buffer, which allowed remote attackers to cause a denial of service (copy overlap and application crash) via a crafted packet (bsc#998762).
- CVE-2016-7177: epan/dissectors/packet-catapult-dct2000.c in the Catapult DCT2000 dissector in Wireshark did not restrict the number of channels, which allowed remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted packet (bsc#998763).
- CVE-2016-7180: epan/dissectors/packet-ipmi-trace.c in the IPMI trace dissector in Wireshark did not properly consider whether a string is constant, which allowed remote attackers to cause a denial of service (use-after-free and application crash) via a crafted packet (bsc#998800).
- CVE-2016-7178: epan/dissectors/packet-umts_fp.c in the UMTS FP dissector in Wireshark did not ensure that memory is allocated for certain data structures, which allowed remote attackers to cause a denial of service (invalid write access and application crash) via a crafted packet (bsc#998964).
- CVE-2017-6014: In Wireshark a crafted or malformed STANAG 4607 capture file will cause an infinite loop and memory exhaustion. If the packet size field in a packet header is null, the offset to read from will not advance, causing continuous attempts to read the same zero length packet. This will quickly exhaust all system memory (bsc#1025913).
- CVE-2017-5596: In Wireshark the ASTERIX dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-asterix.c by changing a data type to avoid an integer overflow (bsc#1021739).
- CVE-2017-5597: In Wireshark the DHCPv6 dissector could go into a large loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-dhcpv6.c by changing a data type to avoid an integer overflow (bsc#1021739).
Patchnames: sdksp4-wireshark-13089,slessp4-wireshark-13089
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.9 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.9 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.9 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.9 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.9 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.9 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.9 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.9 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.9 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.9 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.5 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.5 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.5 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.5 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.5 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.5 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.5 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.5 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.5 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.5 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.5 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.5 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.5 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
References
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for wireshark",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nWireshark was updated to version 2.0.12, which brings several new features, enhancements\nand bug fixes.\n\nThese security issues were fixed:\n\n- CVE-2017-7700: In Wireshark the NetScaler file parser could go into an infinite loop, triggered by a malformed capture file. This was addressed in wiretap/netscaler.c by ensuring a nonzero record size (bsc#1033936).\n- CVE-2017-7701: In Wireshark the BGP dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-bgp.c by using a different integer data type (bsc#1033937).\n- CVE-2017-7702: In Wireshark the WBXML dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-wbxml.c by adding length validation (bsc#1033938).\n- CVE-2017-7703: In Wireshark the IMAP dissector could crash, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-imap.c by calculating a line\u0027s end correctly (bsc#1033939).\n- CVE-2017-7704: In Wireshark the DOF dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-dof.c by using a different integer data type and adjusting a return value (bsc#1033940).\n- CVE-2017-7705: In Wireshark the RPC over RDMA dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-rpcrdma.c by correctly checking for going beyond the maximum offset (bsc#1033941).\n- CVE-2017-7745: In Wireshark the SIGCOMP dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-sigcomp.c by correcting a memory-size check (bsc#1033942).\n- CVE-2017-7746: In Wireshark the SLSK dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-slsk.c by adding checks for the remaining length (bsc#1033943).\n- CVE-2017-7747: In Wireshark the PacketBB dissector could crash, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-packetbb.c by restricting additions to the protocol tree (bsc#1033944).\n- CVE-2017-7748: In Wireshark the WSP dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-wsp.c by adding a length check (bsc#1033945).\n- CVE-2016-7179: Stack-based buffer overflow in epan/dissectors/packet-catapult-dct2000.c in the Catapult DCT2000 dissector in Wireshark allowed remote attackers to cause a denial of service (application crash) via a crafted packet (bsc#998963).\n- CVE-2016-9376: In Wireshark the OpenFlow dissector could crash with memory exhaustion, triggered by network traffic or a capture file. This was addressed in epan/dissectors/packet-openflow_v5.c by ensuring that certain length values were sufficiently large (bsc#1010735).\n- CVE-2016-9375: In Wireshark the DTN dissector could go into an infinite loop, triggered by network traffic or a capture file. This was addressed in epan/dissectors/packet-dtn.c by checking whether SDNV evaluation was successful (bsc#1010740).\n- CVE-2016-9374: In Wireshark the AllJoyn dissector could crash with a buffer over-read, triggered by network traffic or a capture file. This was addressed in epan/dissectors/packet-alljoyn.c by ensuring that a length variable properly tracked the state of a signature variable (bsc#1010752).\n- CVE-2016-9373: In Wireshark the DCERPC dissector could crash with a use-after-free, triggered by network traffic or a capture file. This was addressed in epan/dissectors/packet-dcerpc-nt.c and epan/dissectors/packet-dcerpc-spoolss.c by using the wmem file scope for private strings (bsc#1010754).\n- CVE-2016-7175: epan/dissectors/packet-qnet6.c in the QNX6 QNET dissector in Wireshark mishandled MAC address data, which allowed remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet (bsc#998761).\n- CVE-2016-7176: epan/dissectors/packet-h225.c in the H.225 dissector in Wireshark called snprintf with one of its input buffers as the output buffer, which allowed remote attackers to cause a denial of service (copy overlap and application crash) via a crafted packet (bsc#998762).\n- CVE-2016-7177: epan/dissectors/packet-catapult-dct2000.c in the Catapult DCT2000 dissector in Wireshark did not restrict the number of channels, which allowed remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted packet (bsc#998763).\n- CVE-2016-7180: epan/dissectors/packet-ipmi-trace.c in the IPMI trace dissector in Wireshark did not properly consider whether a string is constant, which allowed remote attackers to cause a denial of service (use-after-free and application crash) via a crafted packet (bsc#998800).\n- CVE-2016-7178: epan/dissectors/packet-umts_fp.c in the UMTS FP dissector in Wireshark did not ensure that memory is allocated for certain data structures, which allowed remote attackers to cause a denial of service (invalid write access and application crash) via a crafted packet (bsc#998964).\n- CVE-2017-6014: In Wireshark a crafted or malformed STANAG 4607 capture file will cause an infinite loop and memory exhaustion. If the packet size field in a packet header is null, the offset to read from will not advance, causing continuous attempts to read the same zero length packet. This will quickly exhaust all system memory (bsc#1025913).\n- CVE-2017-5596: In Wireshark the ASTERIX dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-asterix.c by changing a data type to avoid an integer overflow (bsc#1021739).\n- CVE-2017-5597: In Wireshark the DHCPv6 dissector could go into a large loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-dhcpv6.c by changing a data type to avoid an integer overflow (bsc#1021739).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "sdksp4-wireshark-13089,slessp4-wireshark-13089",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2017_1174-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2017:1174-1",
"url": "https://www.suse.com/support/update/announcement/2017/suse-su-20171174-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2017:1174-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2017-May/002844.html"
},
{
"category": "self",
"summary": "SUSE Bug 1002981",
"url": "https://bugzilla.suse.com/1002981"
},
{
"category": "self",
"summary": "SUSE Bug 1010735",
"url": "https://bugzilla.suse.com/1010735"
},
{
"category": "self",
"summary": "SUSE Bug 1010740",
"url": "https://bugzilla.suse.com/1010740"
},
{
"category": "self",
"summary": "SUSE Bug 1010752",
"url": "https://bugzilla.suse.com/1010752"
},
{
"category": "self",
"summary": "SUSE Bug 1010754",
"url": "https://bugzilla.suse.com/1010754"
},
{
"category": "self",
"summary": "SUSE Bug 1010911",
"url": "https://bugzilla.suse.com/1010911"
},
{
"category": "self",
"summary": "SUSE Bug 1021739",
"url": "https://bugzilla.suse.com/1021739"
},
{
"category": "self",
"summary": "SUSE Bug 1025913",
"url": "https://bugzilla.suse.com/1025913"
},
{
"category": "self",
"summary": "SUSE Bug 1027998",
"url": "https://bugzilla.suse.com/1027998"
},
{
"category": "self",
"summary": "SUSE Bug 1033936",
"url": "https://bugzilla.suse.com/1033936"
},
{
"category": "self",
"summary": "SUSE Bug 1033937",
"url": "https://bugzilla.suse.com/1033937"
},
{
"category": "self",
"summary": "SUSE Bug 1033938",
"url": "https://bugzilla.suse.com/1033938"
},
{
"category": "self",
"summary": "SUSE Bug 1033939",
"url": "https://bugzilla.suse.com/1033939"
},
{
"category": "self",
"summary": "SUSE Bug 1033940",
"url": "https://bugzilla.suse.com/1033940"
},
{
"category": "self",
"summary": "SUSE Bug 1033941",
"url": "https://bugzilla.suse.com/1033941"
},
{
"category": "self",
"summary": "SUSE Bug 1033942",
"url": "https://bugzilla.suse.com/1033942"
},
{
"category": "self",
"summary": "SUSE Bug 1033943",
"url": "https://bugzilla.suse.com/1033943"
},
{
"category": "self",
"summary": "SUSE Bug 1033944",
"url": "https://bugzilla.suse.com/1033944"
},
{
"category": "self",
"summary": "SUSE Bug 1033945",
"url": "https://bugzilla.suse.com/1033945"
},
{
"category": "self",
"summary": "SUSE Bug 998761",
"url": "https://bugzilla.suse.com/998761"
},
{
"category": "self",
"summary": "SUSE Bug 998762",
"url": "https://bugzilla.suse.com/998762"
},
{
"category": "self",
"summary": "SUSE Bug 998763",
"url": "https://bugzilla.suse.com/998763"
},
{
"category": "self",
"summary": "SUSE Bug 998800",
"url": "https://bugzilla.suse.com/998800"
},
{
"category": "self",
"summary": "SUSE Bug 998963",
"url": "https://bugzilla.suse.com/998963"
},
{
"category": "self",
"summary": "SUSE Bug 998964",
"url": "https://bugzilla.suse.com/998964"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-7175 page",
"url": "https://www.suse.com/security/cve/CVE-2016-7175/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-7176 page",
"url": "https://www.suse.com/security/cve/CVE-2016-7176/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-7177 page",
"url": "https://www.suse.com/security/cve/CVE-2016-7177/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-7178 page",
"url": "https://www.suse.com/security/cve/CVE-2016-7178/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-7179 page",
"url": "https://www.suse.com/security/cve/CVE-2016-7179/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-7180 page",
"url": "https://www.suse.com/security/cve/CVE-2016-7180/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9373 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9373/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9374 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9374/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9375 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9375/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9376 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9376/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-5596 page",
"url": "https://www.suse.com/security/cve/CVE-2017-5596/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-5597 page",
"url": "https://www.suse.com/security/cve/CVE-2017-5597/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-6014 page",
"url": "https://www.suse.com/security/cve/CVE-2017-6014/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-7700 page",
"url": "https://www.suse.com/security/cve/CVE-2017-7700/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-7701 page",
"url": "https://www.suse.com/security/cve/CVE-2017-7701/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-7702 page",
"url": "https://www.suse.com/security/cve/CVE-2017-7702/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-7703 page",
"url": "https://www.suse.com/security/cve/CVE-2017-7703/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-7704 page",
"url": "https://www.suse.com/security/cve/CVE-2017-7704/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-7705 page",
"url": "https://www.suse.com/security/cve/CVE-2017-7705/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-7745 page",
"url": "https://www.suse.com/security/cve/CVE-2017-7745/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-7746 page",
"url": "https://www.suse.com/security/cve/CVE-2017-7746/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-7747 page",
"url": "https://www.suse.com/security/cve/CVE-2017-7747/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-7748 page",
"url": "https://www.suse.com/security/cve/CVE-2017-7748/"
}
],
"title": "Security update for wireshark",
"tracking": {
"current_release_date": "2017-05-04T10:03:13Z",
"generator": {
"date": "2017-05-04T10:03:13Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2017:1174-1",
"initial_release_date": "2017-05-04T10:03:13Z",
"revision_history": [
{
"date": "2017-05-04T10:03:13Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "wireshark-2.0.12-36.1.i586",
"product": {
"name": "wireshark-2.0.12-36.1.i586",
"product_id": "wireshark-2.0.12-36.1.i586"
}
},
{
"category": "product_version",
"name": "wireshark-devel-2.0.12-36.1.i586",
"product": {
"name": "wireshark-devel-2.0.12-36.1.i586",
"product_id": "wireshark-devel-2.0.12-36.1.i586"
}
},
{
"category": "product_version",
"name": "wireshark-gtk-2.0.12-36.1.i586",
"product": {
"name": "wireshark-gtk-2.0.12-36.1.i586",
"product_id": "wireshark-gtk-2.0.12-36.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "wireshark-devel-2.0.12-36.1.ia64",
"product": {
"name": "wireshark-devel-2.0.12-36.1.ia64",
"product_id": "wireshark-devel-2.0.12-36.1.ia64"
}
},
{
"category": "product_version",
"name": "wireshark-2.0.12-36.1.ia64",
"product": {
"name": "wireshark-2.0.12-36.1.ia64",
"product_id": "wireshark-2.0.12-36.1.ia64"
}
},
{
"category": "product_version",
"name": "wireshark-gtk-2.0.12-36.1.ia64",
"product": {
"name": "wireshark-gtk-2.0.12-36.1.ia64",
"product_id": "wireshark-gtk-2.0.12-36.1.ia64"
}
}
],
"category": "architecture",
"name": "ia64"
},
{
"branches": [
{
"category": "product_version",
"name": "wireshark-devel-2.0.12-36.1.ppc64",
"product": {
"name": "wireshark-devel-2.0.12-36.1.ppc64",
"product_id": "wireshark-devel-2.0.12-36.1.ppc64"
}
},
{
"category": "product_version",
"name": "wireshark-2.0.12-36.1.ppc64",
"product": {
"name": "wireshark-2.0.12-36.1.ppc64",
"product_id": "wireshark-2.0.12-36.1.ppc64"
}
},
{
"category": "product_version",
"name": "wireshark-gtk-2.0.12-36.1.ppc64",
"product": {
"name": "wireshark-gtk-2.0.12-36.1.ppc64",
"product_id": "wireshark-gtk-2.0.12-36.1.ppc64"
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "wireshark-devel-2.0.12-36.1.s390x",
"product": {
"name": "wireshark-devel-2.0.12-36.1.s390x",
"product_id": "wireshark-devel-2.0.12-36.1.s390x"
}
},
{
"category": "product_version",
"name": "wireshark-2.0.12-36.1.s390x",
"product": {
"name": "wireshark-2.0.12-36.1.s390x",
"product_id": "wireshark-2.0.12-36.1.s390x"
}
},
{
"category": "product_version",
"name": "wireshark-gtk-2.0.12-36.1.s390x",
"product": {
"name": "wireshark-gtk-2.0.12-36.1.s390x",
"product_id": "wireshark-gtk-2.0.12-36.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "wireshark-2.0.12-36.1.x86_64",
"product": {
"name": "wireshark-2.0.12-36.1.x86_64",
"product_id": "wireshark-2.0.12-36.1.x86_64"
}
},
{
"category": "product_version",
"name": "wireshark-devel-2.0.12-36.1.x86_64",
"product": {
"name": "wireshark-devel-2.0.12-36.1.x86_64",
"product_id": "wireshark-devel-2.0.12-36.1.x86_64"
}
},
{
"category": "product_version",
"name": "wireshark-gtk-2.0.12-36.1.x86_64",
"product": {
"name": "wireshark-gtk-2.0.12-36.1.x86_64",
"product_id": "wireshark-gtk-2.0.12-36.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Software Development Kit 11 SP4",
"product": {
"name": "SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_identification_helper": {
"cpe": "cpe:/a:suse:sle-sdk:11:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 11 SP4",
"product": {
"name": "SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_sles:11:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:11:sp4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "wireshark-2.0.12-36.1.i586 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.i586"
},
"product_reference": "wireshark-2.0.12-36.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wireshark-2.0.12-36.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.x86_64"
},
"product_reference": "wireshark-2.0.12-36.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wireshark-devel-2.0.12-36.1.i586 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.i586"
},
"product_reference": "wireshark-devel-2.0.12-36.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wireshark-devel-2.0.12-36.1.ia64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ia64"
},
"product_reference": "wireshark-devel-2.0.12-36.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wireshark-devel-2.0.12-36.1.ppc64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ppc64"
},
"product_reference": "wireshark-devel-2.0.12-36.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wireshark-devel-2.0.12-36.1.s390x as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.s390x"
},
"product_reference": "wireshark-devel-2.0.12-36.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wireshark-devel-2.0.12-36.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.x86_64"
},
"product_reference": "wireshark-devel-2.0.12-36.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wireshark-gtk-2.0.12-36.1.i586 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.i586"
},
"product_reference": "wireshark-gtk-2.0.12-36.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wireshark-gtk-2.0.12-36.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64"
},
"product_reference": "wireshark-gtk-2.0.12-36.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wireshark-2.0.12-36.1.i586 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.i586"
},
"product_reference": "wireshark-2.0.12-36.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wireshark-2.0.12-36.1.ia64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ia64"
},
"product_reference": "wireshark-2.0.12-36.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wireshark-2.0.12-36.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ppc64"
},
"product_reference": "wireshark-2.0.12-36.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wireshark-2.0.12-36.1.s390x as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.s390x"
},
"product_reference": "wireshark-2.0.12-36.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wireshark-2.0.12-36.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.x86_64"
},
"product_reference": "wireshark-2.0.12-36.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wireshark-gtk-2.0.12-36.1.i586 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.i586"
},
"product_reference": "wireshark-gtk-2.0.12-36.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wireshark-gtk-2.0.12-36.1.ia64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ia64"
},
"product_reference": "wireshark-gtk-2.0.12-36.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wireshark-gtk-2.0.12-36.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64"
},
"product_reference": "wireshark-gtk-2.0.12-36.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wireshark-gtk-2.0.12-36.1.s390x as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.s390x"
},
"product_reference": "wireshark-gtk-2.0.12-36.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wireshark-gtk-2.0.12-36.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64"
},
"product_reference": "wireshark-gtk-2.0.12-36.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wireshark-2.0.12-36.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.i586"
},
"product_reference": "wireshark-2.0.12-36.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wireshark-2.0.12-36.1.ia64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ia64"
},
"product_reference": "wireshark-2.0.12-36.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wireshark-2.0.12-36.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ppc64"
},
"product_reference": "wireshark-2.0.12-36.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wireshark-2.0.12-36.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.s390x"
},
"product_reference": "wireshark-2.0.12-36.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wireshark-2.0.12-36.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.x86_64"
},
"product_reference": "wireshark-2.0.12-36.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wireshark-gtk-2.0.12-36.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.i586"
},
"product_reference": "wireshark-gtk-2.0.12-36.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wireshark-gtk-2.0.12-36.1.ia64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ia64"
},
"product_reference": "wireshark-gtk-2.0.12-36.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wireshark-gtk-2.0.12-36.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64"
},
"product_reference": "wireshark-gtk-2.0.12-36.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wireshark-gtk-2.0.12-36.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.s390x"
},
"product_reference": "wireshark-gtk-2.0.12-36.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wireshark-gtk-2.0.12-36.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64"
},
"product_reference": "wireshark-gtk-2.0.12-36.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-7175",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-7175"
}
],
"notes": [
{
"category": "general",
"text": "epan/dissectors/packet-qnet6.c in the QNX6 QNET dissector in Wireshark 2.x before 2.0.6 mishandles MAC address data, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-7175",
"url": "https://www.suse.com/security/cve/CVE-2016-7175"
},
{
"category": "external",
"summary": "SUSE Bug 998099 for CVE-2016-7175",
"url": "https://bugzilla.suse.com/998099"
},
{
"category": "external",
"summary": "SUSE Bug 998761 for CVE-2016-7175",
"url": "https://bugzilla.suse.com/998761"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-05-04T10:03:13Z",
"details": "moderate"
}
],
"title": "CVE-2016-7175"
},
{
"cve": "CVE-2016-7176",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-7176"
}
],
"notes": [
{
"category": "general",
"text": "epan/dissectors/packet-h225.c in the H.225 dissector in Wireshark 2.x before 2.0.6 calls snprintf with one of its input buffers as the output buffer, which allows remote attackers to cause a denial of service (copy overlap and application crash) via a crafted packet.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-7176",
"url": "https://www.suse.com/security/cve/CVE-2016-7176"
},
{
"category": "external",
"summary": "SUSE Bug 998099 for CVE-2016-7176",
"url": "https://bugzilla.suse.com/998099"
},
{
"category": "external",
"summary": "SUSE Bug 998762 for CVE-2016-7176",
"url": "https://bugzilla.suse.com/998762"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-05-04T10:03:13Z",
"details": "moderate"
}
],
"title": "CVE-2016-7176"
},
{
"cve": "CVE-2016-7177",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-7177"
}
],
"notes": [
{
"category": "general",
"text": "epan/dissectors/packet-catapult-dct2000.c in the Catapult DCT2000 dissector in Wireshark 2.x before 2.0.6 does not restrict the number of channels, which allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted packet.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-7177",
"url": "https://www.suse.com/security/cve/CVE-2016-7177"
},
{
"category": "external",
"summary": "SUSE Bug 998099 for CVE-2016-7177",
"url": "https://bugzilla.suse.com/998099"
},
{
"category": "external",
"summary": "SUSE Bug 998763 for CVE-2016-7177",
"url": "https://bugzilla.suse.com/998763"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-05-04T10:03:13Z",
"details": "moderate"
}
],
"title": "CVE-2016-7177"
},
{
"cve": "CVE-2016-7178",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-7178"
}
],
"notes": [
{
"category": "general",
"text": "epan/dissectors/packet-umts_fp.c in the UMTS FP dissector in Wireshark 2.x before 2.0.6 does not ensure that memory is allocated for certain data structures, which allows remote attackers to cause a denial of service (invalid write access and application crash) via a crafted packet.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-7178",
"url": "https://www.suse.com/security/cve/CVE-2016-7178"
},
{
"category": "external",
"summary": "SUSE Bug 998099 for CVE-2016-7178",
"url": "https://bugzilla.suse.com/998099"
},
{
"category": "external",
"summary": "SUSE Bug 998964 for CVE-2016-7178",
"url": "https://bugzilla.suse.com/998964"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-05-04T10:03:13Z",
"details": "moderate"
}
],
"title": "CVE-2016-7178"
},
{
"cve": "CVE-2016-7179",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-7179"
}
],
"notes": [
{
"category": "general",
"text": "Stack-based buffer overflow in epan/dissectors/packet-catapult-dct2000.c in the Catapult DCT2000 dissector in Wireshark 2.x before 2.0.6 allows remote attackers to cause a denial of service (application crash) via a crafted packet.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-7179",
"url": "https://www.suse.com/security/cve/CVE-2016-7179"
},
{
"category": "external",
"summary": "SUSE Bug 998099 for CVE-2016-7179",
"url": "https://bugzilla.suse.com/998099"
},
{
"category": "external",
"summary": "SUSE Bug 998963 for CVE-2016-7179",
"url": "https://bugzilla.suse.com/998963"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-05-04T10:03:13Z",
"details": "moderate"
}
],
"title": "CVE-2016-7179"
},
{
"cve": "CVE-2016-7180",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-7180"
}
],
"notes": [
{
"category": "general",
"text": "epan/dissectors/packet-ipmi-trace.c in the IPMI trace dissector in Wireshark 2.x before 2.0.6 does not properly consider whether a string is constant, which allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted packet.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-7180",
"url": "https://www.suse.com/security/cve/CVE-2016-7180"
},
{
"category": "external",
"summary": "SUSE Bug 998099 for CVE-2016-7180",
"url": "https://bugzilla.suse.com/998099"
},
{
"category": "external",
"summary": "SUSE Bug 998800 for CVE-2016-7180",
"url": "https://bugzilla.suse.com/998800"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-05-04T10:03:13Z",
"details": "moderate"
}
],
"title": "CVE-2016-7180"
},
{
"cve": "CVE-2016-9373",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9373"
}
],
"notes": [
{
"category": "general",
"text": "In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the DCERPC dissector could crash with a use-after-free, triggered by network traffic or a capture file. This was addressed in epan/dissectors/packet-dcerpc-nt.c and epan/dissectors/packet-dcerpc-spoolss.c by using the wmem file scope for private strings.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9373",
"url": "https://www.suse.com/security/cve/CVE-2016-9373"
},
{
"category": "external",
"summary": "SUSE Bug 1010754 for CVE-2016-9373",
"url": "https://bugzilla.suse.com/1010754"
},
{
"category": "external",
"summary": "SUSE Bug 1010911 for CVE-2016-9373",
"url": "https://bugzilla.suse.com/1010911"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-05-04T10:03:13Z",
"details": "moderate"
}
],
"title": "CVE-2016-9373"
},
{
"cve": "CVE-2016-9374",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9374"
}
],
"notes": [
{
"category": "general",
"text": "In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the AllJoyn dissector could crash with a buffer over-read, triggered by network traffic or a capture file. This was addressed in epan/dissectors/packet-alljoyn.c by ensuring that a length variable properly tracked the state of a signature variable.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9374",
"url": "https://www.suse.com/security/cve/CVE-2016-9374"
},
{
"category": "external",
"summary": "SUSE Bug 1010752 for CVE-2016-9374",
"url": "https://bugzilla.suse.com/1010752"
},
{
"category": "external",
"summary": "SUSE Bug 1010911 for CVE-2016-9374",
"url": "https://bugzilla.suse.com/1010911"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-05-04T10:03:13Z",
"details": "moderate"
}
],
"title": "CVE-2016-9374"
},
{
"cve": "CVE-2016-9375",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9375"
}
],
"notes": [
{
"category": "general",
"text": "In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the DTN dissector could go into an infinite loop, triggered by network traffic or a capture file. This was addressed in epan/dissectors/packet-dtn.c by checking whether SDNV evaluation was successful.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9375",
"url": "https://www.suse.com/security/cve/CVE-2016-9375"
},
{
"category": "external",
"summary": "SUSE Bug 1010740 for CVE-2016-9375",
"url": "https://bugzilla.suse.com/1010740"
},
{
"category": "external",
"summary": "SUSE Bug 1010911 for CVE-2016-9375",
"url": "https://bugzilla.suse.com/1010911"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-05-04T10:03:13Z",
"details": "moderate"
}
],
"title": "CVE-2016-9375"
},
{
"cve": "CVE-2016-9376",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9376"
}
],
"notes": [
{
"category": "general",
"text": "In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the OpenFlow dissector could crash with memory exhaustion, triggered by network traffic or a capture file. This was addressed in epan/dissectors/packet-openflow_v5.c by ensuring that certain length values were sufficiently large.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9376",
"url": "https://www.suse.com/security/cve/CVE-2016-9376"
},
{
"category": "external",
"summary": "SUSE Bug 1010735 for CVE-2016-9376",
"url": "https://bugzilla.suse.com/1010735"
},
{
"category": "external",
"summary": "SUSE Bug 1010911 for CVE-2016-9376",
"url": "https://bugzilla.suse.com/1010911"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-05-04T10:03:13Z",
"details": "moderate"
}
],
"title": "CVE-2016-9376"
},
{
"cve": "CVE-2017-5596",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-5596"
}
],
"notes": [
{
"category": "general",
"text": "In Wireshark 2.2.0 to 2.2.3 and 2.0.0 to 2.0.9, the ASTERIX dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-asterix.c by changing a data type to avoid an integer overflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-5596",
"url": "https://www.suse.com/security/cve/CVE-2017-5596"
},
{
"category": "external",
"summary": "SUSE Bug 1021739 for CVE-2017-5596",
"url": "https://bugzilla.suse.com/1021739"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-05-04T10:03:13Z",
"details": "low"
}
],
"title": "CVE-2017-5596"
},
{
"cve": "CVE-2017-5597",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-5597"
}
],
"notes": [
{
"category": "general",
"text": "In Wireshark 2.2.0 to 2.2.3 and 2.0.0 to 2.0.9, the DHCPv6 dissector could go into a large loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-dhcpv6.c by changing a data type to avoid an integer overflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-5597",
"url": "https://www.suse.com/security/cve/CVE-2017-5597"
},
{
"category": "external",
"summary": "SUSE Bug 1021739 for CVE-2017-5597",
"url": "https://bugzilla.suse.com/1021739"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-05-04T10:03:13Z",
"details": "low"
}
],
"title": "CVE-2017-5597"
},
{
"cve": "CVE-2017-6014",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-6014"
}
],
"notes": [
{
"category": "general",
"text": "In Wireshark 2.2.4 and earlier, a crafted or malformed STANAG 4607 capture file will cause an infinite loop and memory exhaustion. If the packet size field in a packet header is null, the offset to read from will not advance, causing continuous attempts to read the same zero length packet. This will quickly exhaust all system memory.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-6014",
"url": "https://www.suse.com/security/cve/CVE-2017-6014"
},
{
"category": "external",
"summary": "SUSE Bug 1025913 for CVE-2017-6014",
"url": "https://bugzilla.suse.com/1025913"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-05-04T10:03:13Z",
"details": "moderate"
}
],
"title": "CVE-2017-6014"
},
{
"cve": "CVE-2017-7700",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-7700"
}
],
"notes": [
{
"category": "general",
"text": "In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the NetScaler file parser could go into an infinite loop, triggered by a malformed capture file. This was addressed in wiretap/netscaler.c by ensuring a nonzero record size.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-7700",
"url": "https://www.suse.com/security/cve/CVE-2017-7700"
},
{
"category": "external",
"summary": "SUSE Bug 1033936 for CVE-2017-7700",
"url": "https://bugzilla.suse.com/1033936"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-05-04T10:03:13Z",
"details": "important"
}
],
"title": "CVE-2017-7700"
},
{
"cve": "CVE-2017-7701",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-7701"
}
],
"notes": [
{
"category": "general",
"text": "In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the BGP dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-bgp.c by using a different integer data type.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-7701",
"url": "https://www.suse.com/security/cve/CVE-2017-7701"
},
{
"category": "external",
"summary": "SUSE Bug 1033937 for CVE-2017-7701",
"url": "https://bugzilla.suse.com/1033937"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-05-04T10:03:13Z",
"details": "important"
}
],
"title": "CVE-2017-7701"
},
{
"cve": "CVE-2017-7702",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-7702"
}
],
"notes": [
{
"category": "general",
"text": "In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the WBXML dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-wbxml.c by adding length validation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-7702",
"url": "https://www.suse.com/security/cve/CVE-2017-7702"
},
{
"category": "external",
"summary": "SUSE Bug 1033938 for CVE-2017-7702",
"url": "https://bugzilla.suse.com/1033938"
},
{
"category": "external",
"summary": "SUSE Bug 1049255 for CVE-2017-7702",
"url": "https://bugzilla.suse.com/1049255"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-05-04T10:03:13Z",
"details": "important"
}
],
"title": "CVE-2017-7702"
},
{
"cve": "CVE-2017-7703",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-7703"
}
],
"notes": [
{
"category": "general",
"text": "In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the IMAP dissector could crash, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-imap.c by calculating a line\u0027s end correctly.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-7703",
"url": "https://www.suse.com/security/cve/CVE-2017-7703"
},
{
"category": "external",
"summary": "SUSE Bug 1033939 for CVE-2017-7703",
"url": "https://bugzilla.suse.com/1033939"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-05-04T10:03:13Z",
"details": "important"
}
],
"title": "CVE-2017-7703"
},
{
"cve": "CVE-2017-7704",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-7704"
}
],
"notes": [
{
"category": "general",
"text": "In Wireshark 2.2.0 to 2.2.5, the DOF dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-dof.c by using a different integer data type and adjusting a return value.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-7704",
"url": "https://www.suse.com/security/cve/CVE-2017-7704"
},
{
"category": "external",
"summary": "SUSE Bug 1033940 for CVE-2017-7704",
"url": "https://bugzilla.suse.com/1033940"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-05-04T10:03:13Z",
"details": "important"
}
],
"title": "CVE-2017-7704"
},
{
"cve": "CVE-2017-7705",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-7705"
}
],
"notes": [
{
"category": "general",
"text": "In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the RPC over RDMA dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-rpcrdma.c by correctly checking for going beyond the maximum offset.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-7705",
"url": "https://www.suse.com/security/cve/CVE-2017-7705"
},
{
"category": "external",
"summary": "SUSE Bug 1033941 for CVE-2017-7705",
"url": "https://bugzilla.suse.com/1033941"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-05-04T10:03:13Z",
"details": "important"
}
],
"title": "CVE-2017-7705"
},
{
"cve": "CVE-2017-7745",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-7745"
}
],
"notes": [
{
"category": "general",
"text": "In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the SIGCOMP dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-sigcomp.c by correcting a memory-size check.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-7745",
"url": "https://www.suse.com/security/cve/CVE-2017-7745"
},
{
"category": "external",
"summary": "SUSE Bug 1033942 for CVE-2017-7745",
"url": "https://bugzilla.suse.com/1033942"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-05-04T10:03:13Z",
"details": "important"
}
],
"title": "CVE-2017-7745"
},
{
"cve": "CVE-2017-7746",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-7746"
}
],
"notes": [
{
"category": "general",
"text": "In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the SLSK dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-slsk.c by adding checks for the remaining length.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-7746",
"url": "https://www.suse.com/security/cve/CVE-2017-7746"
},
{
"category": "external",
"summary": "SUSE Bug 1033943 for CVE-2017-7746",
"url": "https://bugzilla.suse.com/1033943"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-05-04T10:03:13Z",
"details": "important"
}
],
"title": "CVE-2017-7746"
},
{
"cve": "CVE-2017-7747",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-7747"
}
],
"notes": [
{
"category": "general",
"text": "In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the PacketBB dissector could crash, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-packetbb.c by restricting additions to the protocol tree.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-7747",
"url": "https://www.suse.com/security/cve/CVE-2017-7747"
},
{
"category": "external",
"summary": "SUSE Bug 1033944 for CVE-2017-7747",
"url": "https://bugzilla.suse.com/1033944"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-05-04T10:03:13Z",
"details": "important"
}
],
"title": "CVE-2017-7747"
},
{
"cve": "CVE-2017-7748",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-7748"
}
],
"notes": [
{
"category": "general",
"text": "In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the WSP dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-wsp.c by adding a length check.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-7748",
"url": "https://www.suse.com/security/cve/CVE-2017-7748"
},
{
"category": "external",
"summary": "SUSE Bug 1033945 for CVE-2017-7748",
"url": "https://bugzilla.suse.com/1033945"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-2.0.12-36.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-gtk-2.0.12-36.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-05-04T10:03:13Z",
"details": "important"
}
],
"title": "CVE-2017-7748"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…