Magnus Stubman

**Name of the Vulnerable Software and Affected Versions** NTP versions through 4.2.8p12 **Description** The issue is related to a NULL pointer dereference in the ntpd daemon implementation of the NTP protocol. This could allow a remote attacker to cause a denial of service. By sending specially crafted mode 6 packets, an attacker could exploit this vulnerability to cause the ntpd daemon to crash. **Recommendations** For NTP versions through 4.2.8p12, consider restricting access to mode 6 packets to minimize the risk of exploitation until a patch is available. As a temporary workaround, monitor the ntpd daemon for SIGSEGV signals and restart the service if necessary to maintain availability. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Wireshark versions 2.2.0 through 2.2.12 Wireshark versions 2.4.0 through 2.4.4 **Description** The issue is related to the pcapng file parser, which could crash due to a lack of block-size check for sysdig event blocks. This could potentially allow an attacker to cause a denial of service by using a malformed packet trace file. **Recommendations** For Wireshark versions 2.2.0 through 2.2.12, update to a version that includes the fix in wiretap/pcapng.c. For Wireshark versions 2.4.0 through 2.4.4, update to a version that includes the fix in wiretap/pcapng.c. As a temporary workaround, consider avoiding the use of pcapng files from untrusted sources until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Wireshark versions 1.12.x through 1.12.6 **Description** The issue is related to the `dissect zbee secure` function in the ZigBee dissector, which improperly relies on length fields contained in packet data. This allows remote attackers to cause a denial of service, resulting in an application crash, via a crafted packet. No information is provided about the estimated number of potentially affected devices or real-world incidents where this issue was exploited. **Recommendations** For Wireshark versions 1.12.x through 1.12.6, update to version 1.12.7 or later to resolve the issue. As a temporary workaround, consider disabling the `dissect zbee secure` function in the ZigBee dissector to minimize the risk of exploitation.