Download
| Alert*
oval:org.mitre.oval:def:11888
Buffer overflow in the ASN.1 BER dissector in Wireshark 0.10.13 through 1.0.13 and 1.2.0 through 1.2.8 has unknown impact and remote attack vectors. oval:org.mitre.oval:def:7331 The DOCSIS dissector in Wireshark 0.9.6 through 1.0.12 and 1.2.0 through 1.2.7 allows user-assisted remote attackers to cause a denial of service (application crash) via a malformed packet trace file. oval:org.mitre.oval:def:11488 The SMB PIPE dissector in Wireshark 0.8.20 through 1.0.13 and 1.2.0 through 1.2.8 allows remote attackers to cause a denial of service (NULL pointer dereference) via unknown vectors. oval:org.secpod.oval:def:202012 Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. A format string flaw was found in Wireshark. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running ... oval:org.mitre.oval:def:11836 Buffer overflow in the SigComp Universal Decompressor Virtual Machine dissector in Wireshark 0.10.8 through 1.0.13 and 1.2.0 through 1.2.8 has unknown impact and remote attack vectors. oval:org.mitre.oval:def:5625 Unspecified vulnerability in the AFS dissector in Wireshark 0.9.2 through 1.2.0 allows remote attackers to cause a denial of service (crash) via unknown vectors. oval:org.mitre.oval:def:5748 Unspecified vulnerability in Wireshark 0.99.6 through 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted Tektronix .rf5 file. oval:org.mitre.oval:def:11792 The SigComp Universal Decompressor Virtual Machine dissector in Wireshark 0.10.7 through 1.0.13 and 1.2.0 through 1.2.8 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors. oval:org.secpod.oval:def:202056 Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. A format string flaw was found in Wireshark. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running ... oval:org.mitre.oval:def:5979 Integer overflow in wiretap/erf.c in Wireshark before 1.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted erf file, related to an "unsigned integer wrap vulnerability." oval:org.mitre.oval:def:5335 The Check Point High-Availability Protocol (CPHAP) dissector in Wireshark 0.9.6 through 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted FWHA_MY_STATE packet. oval:org.mitre.oval:def:5976 Format string vulnerability in the PROFINET/DCP (PN-DCP) dissector in Wireshark 1.0.6 and earlier allows remote attackers to execute arbitrary code via a PN-DCP packet with format string specifiers in the station name. NOTE: some of these details are obtained from third party information. oval:org.mitre.oval:def:6099 Unspecified vulnerability in the LDAP dissector in Wireshark 0.99.2 through 1.0.6, when running on Windows, allows remote attackers to cause a denial of service (crash) via unknown attack vectors. oval:org.mitre.oval:def:11498 Untrusted search path vulnerability in Wireshark 0.8.4 through 1.0.15 and 1.2.0 through 1.2.10 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse airpcap.dll, and possibly other DLLs, that is located in the same folder as ... oval:org.secpod.oval:def:40766 The host is installed with Wireshark 0.99.6 through 0.99.7 and is prone to a denial of service vulnerability. A flaw is present in the SNMP dissector, which fails to properly handle a malformed packet. Successful exploitation allows attackers to cause a denial of service (crash). oval:org.secpod.oval:def:40767 The host is installed with Wireshark 0.99.5 through 0.99.8 and is prone to a denial of service vulnerability. A flaw is present in the X.509sat and Roofnet dissector, which fails to properly handle a malformed packet. Successful exploitation allows attackers to cause a denial of service (application ... oval:org.secpod.oval:def:40765 The host is installed with Wireshark 0.99.5 through 0.99.7 and is prone to a denial of service vulnerability. A flaw is present in the SCTP dissector, which fails to properly handle a malformed packet. Successful exploitation allows attackers to cause a denial of service (crash). oval:org.secpod.oval:def:40768 The host is installed with Wireshark 0.99.2 through 0.99.8 and is prone to a denial of service vulnerability. A flaw is present in the LDAP dissector, which fails to properly handle a malformed packet. Successful exploitation allows attackers to cause a denial of service (application crash). oval:org.secpod.oval:def:40769 The host is installed with Wireshark 0.99.6 through 0.99.8 and is prone to a denial of service vulnerability. A flaw is present in the SCCP dissector, which fails to properly handle a malformed packet. Successful exploitation allows attackers to cause a denial of service (application crash). oval:org.secpod.oval:def:40770 The host is installed with Wireshark 0.99.2 through 1.0.0 and is prone to a denial of service vulnerability. A flaw is present in the GSM SMS dissector, which fails to properly handle unknown vectors. Successful exploitation allows attackers to cause a denial of service (application crash). oval:org.secpod.oval:def:40771 The host is installed with Wireshark 0.99.3 through 1.0.0 and is prone to a denial of service vulnerability. A flaw is present in the PANA and KISMET dissectors, which fails to properly handle unknown vectors. Successful exploitation allows attackers to cause a denial of service (application stop). oval:org.secpod.oval:def:17141 The host is installed with Wireshark 0.99.2 through 0.99.8 and is prone to denial of service vulnerability. A flaw is present in the LDAP dissector, which fails to handle malformed packet. Successful exploitation allows remote attackers to cause a denial of service. oval:org.secpod.oval:def:17140 The host is installed with Wireshark 0.99.6 through 0.99.8 and is prone to denial of service vulnerability. A flaw is present in the "decode as" feature in packet-bssap.c in the SCCP dissector, which fails to handle malformed packet. Successful exploitation allows remote attackers to cause a denial ... oval:org.secpod.oval:def:17144 The host is installed with Wireshark 0.99.5 through 0.99.7 and is prone to denial of service vulnerability. A flaw is present in the SCTP dissector, which fails to handle malformed packet. Successful exploitation allows remote attackers to cause a denial of service. oval:org.secpod.oval:def:17143 The host is installed with Wireshark 0.99.6 through 0.99.7 and is prone to denial of service vulnerability. A flaw is present in the SNMP dissector, which fails to handle malformed packet. Successful exploitation allows remote attackers to cause a denial of service. oval:org.secpod.oval:def:17142 The host is installed with Wireshark 0.99.5 through 0.99.8 and is prone to multiple unspecified vulnerabilities. The flaws are present in the X.509sat or Roofnet dissectors, which fails to handle malformed packet. Successful exploitation allows remote attackers to cause a denial of service. oval:org.secpod.oval:def:17138 The host is installed with Wireshark 0.99.3 through 1.0.0 and is prone to denial of service vulnerability. A flaw is present in the PANA and KISMET dissectors, which fails to handle malformed packet via unknown vectors. Successful exploitation allows remote attackers to cause a denial of service. oval:org.secpod.oval:def:17139 The host is installed with Wireshark 0.99.2 through 1.0.0 and is prone to denial of service vulnerability. A flaw is present in the GSM SMS dissector, which fails to handle malformed packet via unknown vectors. Successful exploitation allows remote attackers to cause a denial of service. oval:org.secpod.oval:def:40800 The host is installed with Wireshark 0.9.2 through 1.2.0 and is prone to an unspecified vulnerability. A flaw is present in the AFS dissector, which fails to properly handle unspecified vectors. Successful exploitation allows remote attackers to cause a denial of service (crash). oval:org.secpod.oval:def:500672 Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. Multiple buffer overflow flaws were found in Wireshark. If Wireshark read a malformed packet off a network or opened a malformed dump file, it could crash or, possibly, execute arbitrary code as the us ... oval:org.secpod.oval:def:40809 The host is installed with Wireshark 0.9.0 through 1.2.4 and is prone to a denial of service vulnerability. A flaw is present in the SMB and SMB2 dissectors, which fails to properly handle a crafted packet that triggers a NULL pointer dereference. Successful exploitation allows remote attackers to c ... oval:org.secpod.oval:def:201747 Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. Multiple buffer overflow flaws were found in the Wireshark SigComp Universal Decompressor Virtual Machine dissector. If Wireshark read a malformed packet off a network or opened a malicious dump file, ... oval:org.secpod.oval:def:40774 The host is installed with Wireshark 0.9.5 through 1.0.0 and is prone to an unspecified vulnerability. A flaw is present in the RMI dissector, which fails to properly handle unspecified vectors. Successful exploitation allows remote attackers to read system memory. oval:org.secpod.oval:def:40772 The host is installed with Wireshark 0.99.8 through 1.0.0 and is prone to a denial of service vulnerability. A flaw is present in the RTMPT dissector, which fails to properly handle unknown vectors. Successful exploitation allows attackers to cause a denial of service (application crash). oval:org.secpod.oval:def:17119 The host is installed with Wireshark 0.9.0 through 1.2.4 and is prone to NULL pointer dereference vulnerability. A flaw is present in the application SMB and SMB2 dissectors, which fails to handle a crafted packet that triggers a NULL pointer dereference, as demonstrated by fuzz-2009-12-07-11141.pca ... oval:org.secpod.oval:def:40778 The host is installed with Wireshark 0.10.14 through 1.0.2 and is prone to a denial of service vulnerability. A flaw is present in the tvb_uncompress function, which fails to properly handle a packet with crafted zlib-compressed data that triggers an invalid read. Successful exploitation allows remo ... oval:org.secpod.oval:def:40775 The host is installed with Wireshark 0.8.19 through 1.0.1 and is prone to a denial of service vulnerability. A flaw is present in the fragment_add_work function, which fails to properly handle series of fragmented packets with non-sequential fragmentation offset values. Successful exploitation allow ... oval:org.secpod.oval:def:40776 The host is installed with Wireshark 0.9.7 through 1.0.2 and is prone to an arbitrary code execution vulnerability. A flaw is present in the packet_ncp2222.inc function, which fails to properly handle crafted NCP packet. Successful exploitation allows remote attackers to cause a denial of service (a ... oval:org.secpod.oval:def:40814 The host is installed with Wireshark 0.10.13 through 1.0.13 or 1.2.0 through 1.2.8 and is prone to a buffer overflow vulnerability. A flaw is present in the ASN.1 BER dissectors, which fails to properly handle a unknown vectors. Successful exploitation allows remote attackers to cause unknown impact ... oval:org.secpod.oval:def:40815 The host is installed with Wireshark 0.8.20 through 1.0.13 or 1.2.0 through 1.2.8 and is prone to a denial of service vulnerability. A flaw is present in the SMB PIPE dissectors, which fails to properly handle a unknown vectors. Successful exploitation allows remote attackers to cause denial of serv ... oval:org.secpod.oval:def:40812 The host is installed with Wireshark 0.9.6 through 1.0.12 or 1.2.0 through 1.2.7 and is prone to a denial of service vulnerability. A flaw is present in the DOCSIS dissectors, which fails to properly handle a malformed packet. Successful exploitation allows remote attackers to cause a denial of serv ... oval:org.secpod.oval:def:40816 The host is installed with Wireshark 0.10.7 through 1.0.13 or 1.2.0 through 1.2.8 and is prone to a denial of service vulnerability. A flaw is present in the SigComp Universal Decompressor Virtual Machine dissector, which fails to properly handle a unknown vectors. Successful exploitation allows rem ... oval:org.secpod.oval:def:40817 The host is installed with Wireshark 0.10.8 through 1.0.13 or 1.2.0 through 1.2.8 and is prone to a buffer overflow vulnerability. A flaw is present in the SigComp Universal Decompressor Virtual Machine dissector, which fails to properly handle a unknown vectors. Successful exploitation allows remot ... oval:org.secpod.oval:def:40781 The host is installed with Wireshark 0.99.7 through 1.0.3 and is prone to an unspecified vulnerability. A flaw is present in the RFCOMM dissector, which fails to properly handle unknown packets. Successful exploitation allows remote attackers to cause a denial of service (application crash or abort) ... oval:org.secpod.oval:def:40784 The host is installed with Wireshark 0.99.2 through 1.0.3 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle exceptions thrown by post dissectors. Successful exploitation allows remote attackers to cause a denial of service (applic ... oval:org.secpod.oval:def:40785 The host is installed with Wireshark 0.10.3 through 1.0.3 and is prone to an use-after-free vulnerability. A flaw is present in the Q.931 dissector, which fails to properly handle certain packets that trigger an exception. Successful exploitation allows remote attackers to cause a denial of service ... oval:org.secpod.oval:def:201718 Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. Multiple buffer overflow flaws were found in the Wireshark SigComp Universal Decompressor Virtual Machine dissector. If Wireshark read a malformed packet off a network or opened a malicious dump file, ... oval:org.secpod.oval:def:40783 The host is installed with Wireshark 0.99.2 through 1.0.3 and is prone to a denial of service vulnerability. A flaw is present in the Bluetooth ACL dissector, which fails to properly handle a packet with an invalid length. Successful exploitation allows remote attackers to cause a denial of service ... oval:org.secpod.oval:def:40786 The host is installed with Wireshark through 1.0.4 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a long SMTP request, which triggers an infinite loop. Successful exploitation allows remote attackers to cause a denial of servic ... oval:org.secpod.oval:def:40791 The host is installed with Wireshark through 1.0.6 and is prone to a format string vulnerability. A flaw is present in the application, which fails to properly handle a PN-DCP packet with format string specifiers. Successful exploitation allows remote attackers to execute arbitrary code. oval:org.secpod.oval:def:40792 The host is installed with Wireshark through 1.0.7 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to properly handle unspecified vectors. Successful exploitation allows remote attackers to have unknown impact and attack vectors. oval:org.secpod.oval:def:40795 The host is installed with Wireshark 0.99.6 through 1.0.6 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to properly handle a crafted Tektronix .rf5 file. Successful exploitation allows remote attackers to cause a denial of service (crash). oval:org.secpod.oval:def:40796 The host is installed with Wireshark 0.8.20 through 1.0.7 and is prone to an unspecified vulnerability. A flaw is present in the PCNFSD dissector, which fails to properly handle via crafted PCNFSD packets. Successful exploitation allows remote attackers to cause a denial of service (crash). oval:org.secpod.oval:def:40793 The host is installed with Wireshark 0.99.2 through 1.0.6 and is prone to an unspecified vulnerability. A flaw is present in the LDAP dissector, which fails to properly handle unknown attack vectors. Successful exploitation allows remote attackers to cause a denial of service (crash). oval:org.secpod.oval:def:40794 The host is installed with Wireshark 0.9.6 through 1.0.6 and is prone to a denial of service vulnerability. A flaw is present in the CPHAP dissector, which fails to properly handle a crafted FWHA_MY_STATE packet. Successful exploitation allows remote attackers to cause a denial of service (crash). oval:org.secpod.oval:def:17127 The host is installed with Wireshark 0.99.2 through 1.0.3 and is prone to denial of service vulnerability. A flaw is present in the dissect_btacl function in packet-bthci_acl.c in the Bluetooth ACL dissector, which fails to handle packet with an invalid length, related to an erroneous tvb_memcpy cal ... oval:org.secpod.oval:def:17126 The host is installed with Wireshark 0.99.2 through 1.0.3 and is prone to denial of service vulnerability. A flaw is present in the packet-frame, which fails to handle exceptions thrown by post dissectors, via a certain series of packets, as demonstrated by enabling the (1) PRP or (2) MATE post diss ... oval:org.secpod.oval:def:17125 The host is installed with Wireshark 0.10.3 through 1.0.3 and is prone to use-after-free vulnerability. A flaw is present in the dissect_q931_cause_ie function in packet-q931.c in the Q.931 dissector, which fails to properly handle certain packets that trigger an exception. Successful exploitation a ... oval:org.secpod.oval:def:17124 The host is installed with Wireshark 1.0.4 and earlier and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle long SMTP request, which triggers an infinite loop. Successful exploitation allows attackers to cause a denial of service. oval:org.secpod.oval:def:17129 The host is installed with Wireshark 0.99.7 through 1.0.3 and is prone to unspecified vulnerability. A flaw is present in the packet-usb.c in the Bluetooth RFCOMM dissector, which fails to handle unknown packets. Successful exploitation allows attackers to cause a denial of service (application cras ... oval:org.secpod.oval:def:17121 The host is installed with Wireshark 0.8.20 through 1.0.7 and is prone to unspecified vulnerability. A flaw is present in the PCNFSD dissector, which fails to handle crafted PCNFSD packets. Successful exploitation allows attackers to cause a denial of service (crash). oval:org.secpod.oval:def:500536 Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. A format string flaw was found in Wireshark. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running ... oval:org.secpod.oval:def:17137 The host is installed with Wireshark 0.99.8 through 1.0.0 and is prone to denial of service vulnerability. A flaw is present in the RTMPT dissector, which fails to handle malformed packet via unknown vectors. Successful exploitation allows remote attackers to cause a denial of service. oval:org.secpod.oval:def:17135 The host is installed with Wireshark 0.9.5 through 1.0.0 and is prone to unspecified vulnerability. A flaw is present in the RMI dissector, which fails to properly handle unspecified vectors. Successful exploitation allows remote attackers to obtain potentially sensitive information to disclose syst ... oval:org.secpod.oval:def:17134 The host is installed with Wireshark 0.8.19 through 1.0.1 and is prone to denial of service vulnerability. A flaw is present in the fragment_add_work function in epan/reassemble.c, which fails to handle a series of fragmented packets with non-sequential fragmentation offset values. Successful exploi ... oval:org.secpod.oval:def:17133 The host is installed with Wireshark 0.9.7 through 1.0.2 and is prone to multiple buffer overflows vulnerabilities. The flaws are present in the in the packet_ncp2222.inc, which fails to handle a crafted NCP packet that causes an invalid pointer to be used. Successful exploitation allows attackers t ... oval:org.secpod.oval:def:17131 The host is installed with Wireshark 0.10.14 through 1.0.2 and is prone to denial of service vulnerability. A flaw is present in the tvb_uncompress function, which fails to handle a crafted packet with crafted zlib-compressed data that triggers an invalid read in the tvb_uncompress function. Success ... oval:org.secpod.oval:def:500306 Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. Multiple buffer overflow flaws were found in the Wireshark SigComp Universal Decompressor Virtual Machine dissector. If Wireshark read a malformed packet off a network or opened a malicious dump file, ... oval:org.secpod.oval:def:40826 The host is installed wireshark with before 1.2 and is prone to a heap-based buffer overflow vulnerability. A flaw is present application, which fails to properly handle a crafted capture file. Successful exploitation allows remote attackers to cause a denial of service (application crash) or possib ... oval:org.secpod.oval:def:558 The host is installed with Wireshark and is prone to heap based buffer overflow vulnerability. A flaw is present in wiretap/pcapng.c, which fails to safely read malformed packets. Successful exploitation could allow remote attackers to execute arbitrary code, obtain sensitive information or causes d ... oval:org.secpod.oval:def:40777 The host is installed with Wireshark 0.9.7 through 1.0.2 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle crafted NCP packet that triggers an infinite loop. Successful exploitation allows remote attackers to cause a denial of ser ... oval:org.secpod.oval:def:17132 The host is installed with Wireshark 0.9.7 through 1.0.2 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle a crafted NCP packet that triggers an infinite loop. Successful exploitation allows attackers to cause a denial of service (crash). oval:org.secpod.oval:def:201744 Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. An invalid pointer dereference flaw was found in the Wireshark SMB and SMB2 dissectors. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, ... oval:org.secpod.oval:def:500291 Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. An invalid pointer dereference flaw was found in the Wireshark SMB and SMB2 dissectors. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, ... oval:org.secpod.oval:def:201827 Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. An invalid pointer dereference flaw was found in the Wireshark SMB and SMB2 dissectors. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, ... oval:org.secpod.oval:def:40807 The host is installed with Wireshark before 1.2.2 and is prone to an integer overflow vulnerability. A flaw is present in the SMB dissector, which fails to properly handle a crafted erf file. Successful exploitation allows remote attackers to execute arbitrary code or cause a denial of service (appl ... oval:org.secpod.oval:def:1500299 Updated wireshark packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System base scores, wh ... oval:org.secpod.oval:def:200538 Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. A heap-based buffer overflow flaw was found in Wireshark. If Wireshark opened a specially-crafted capture file, it could crash or, possibly, execute arbitrary code as the user running Wireshark. Sever ... oval:org.secpod.oval:def:17113 The host is installed with Wireshark before 1.4.4 and is prone to denial of service vulnerability. A flaw is present in the NTLMSSP dissector, which fails to handle a crafted .pcap file. Successful exploitation allows attackers to cause a denial of service (NULL pointer dereference and application c ... oval:org.secpod.oval:def:40835 The host is installed Wireshark before 1.4.4 and is prone to a denial of service vulnerability. A flaw is present in the NTLMSSP dissector, which fails to properly handle crafted .pcap file. Successful exploitation allows remote attackers to cause a denial of service (NULL pointer dereference and ap ... oval:org.secpod.oval:def:201677 Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. A heap-based buffer overflow flaw was found in Wireshark. If Wireshark opened a specially-crafted capture file, it could crash or, possibly, execute arbitrary code as the user running Wireshark. Sever ... oval:org.secpod.oval:def:500191 Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. A heap-based buffer overflow flaw was found in Wireshark. If Wireshark opened a specially-crafted capture file, it could crash or, possibly, execute arbitrary code as the user running Wireshark. Sever ... oval:org.secpod.oval:def:500786 Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. Several flaws were found in Wireshark. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running Wiresh ... oval:org.secpod.oval:def:202326 Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. Several flaws were found in Wireshark. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running Wiresh ... |