Download
| Alert*
|
oval:org.mitre.oval:def:11888
Buffer overflow in the ASN.1 BER dissector in Wireshark 0.10.13 through 1.0.13 and 1.2.0 through 1.2.8 has unknown impact and remote attack vectors. oval:org.mitre.oval:def:7331 The DOCSIS dissector in Wireshark 0.9.6 through 1.0.12 and 1.2.0 through 1.2.7 allows user-assisted remote attackers to cause a denial of service (application crash) via a malformed packet trace file. oval:org.mitre.oval:def:11488 The SMB PIPE dissector in Wireshark 0.8.20 through 1.0.13 and 1.2.0 through 1.2.8 allows remote attackers to cause a denial of service (NULL pointer dereference) via unknown vectors. oval:org.mitre.oval:def:12049 The SigComp Universal Decompressor Virtual Machine (UDVM) in Wireshark 0.10.8 through 1.0.14 and 1.2.0 through 1.2.9 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to sigcomp-udvm.c and an off-by-one error, which triggers a buffer ... oval:org.mitre.oval:def:12047 Stack-based buffer overflow in the ASN.1 BER dissector in Wireshark 0.10.13 through 1.0.14 and 1.2.0 through 1.2.9 has unknown impact and remote attack vectors. NOTE: this issue exists because of a CVE-2010-2284 regression. oval:org.secpod.oval:def:202012 Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. A format string flaw was found in Wireshark. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running ... oval:org.mitre.oval:def:11608 The SMB dissector in Wireshark 0.99.6 through 1.0.13, and 1.2.0 through 1.2.8 allows remote attackers to cause a denial of service (NULL pointer dereference) via unknown vectors. oval:org.mitre.oval:def:11836 Buffer overflow in the SigComp Universal Decompressor Virtual Machine dissector in Wireshark 0.10.8 through 1.0.13 and 1.2.0 through 1.2.8 has unknown impact and remote attack vectors. oval:org.mitre.oval:def:6162 Unspecified vulnerability in the OpcUa (OPC UA) dissector in Wireshark 0.99.6 through 1.0.8 and 1.2.0 through 1.2.1 allows remote attackers to cause a denial of service (memory and CPU consumption) via malformed OPCUA Service CallRequest packets. oval:org.mitre.oval:def:5625 Unspecified vulnerability in the AFS dissector in Wireshark 0.9.2 through 1.2.0 allows remote attackers to cause a denial of service (crash) via unknown vectors. oval:org.mitre.oval:def:5748 Unspecified vulnerability in Wireshark 0.99.6 through 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted Tektronix .rf5 file. oval:org.mitre.oval:def:11792 The SigComp Universal Decompressor Virtual Machine dissector in Wireshark 0.10.7 through 1.0.13 and 1.2.0 through 1.2.8 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors. oval:org.secpod.oval:def:202056 Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. A format string flaw was found in Wireshark. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running ... oval:org.mitre.oval:def:5979 Integer overflow in wiretap/erf.c in Wireshark before 1.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted erf file, related to an "unsigned integer wrap vulnerability." oval:org.mitre.oval:def:5335 The Check Point High-Availability Protocol (CPHAP) dissector in Wireshark 0.9.6 through 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted FWHA_MY_STATE packet. oval:org.mitre.oval:def:5976 Format string vulnerability in the PROFINET/DCP (PN-DCP) dissector in Wireshark 1.0.6 and earlier allows remote attackers to execute arbitrary code via a PN-DCP packet with format string specifiers in the station name. NOTE: some of these details are obtained from third party information. oval:org.mitre.oval:def:6099 Unspecified vulnerability in the LDAP dissector in Wireshark 0.99.2 through 1.0.6, when running on Windows, allows remote attackers to cause a denial of service (crash) via unknown attack vectors. oval:org.mitre.oval:def:6416 Multiple unspecified vulnerabilities in Wireshark 1.2.0 allow remote attackers to cause a denial of service (application crash) via a file that records a malformed packet trace and is processed by the (1) Bluetooth L2CAP, (2) RADIUS, or (3) MIOP dissector. NOTE: it was later reported that the RADIUS ... oval:org.mitre.oval:def:11498 Untrusted search path vulnerability in Wireshark 0.8.4 through 1.0.15 and 1.2.0 through 1.2.10 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse airpcap.dll, and possibly other DLLs, that is located in the same folder as ... oval:org.secpod.oval:def:40800 The host is installed with Wireshark 0.9.2 through 1.2.0 and is prone to an unspecified vulnerability. A flaw is present in the AFS dissector, which fails to properly handle unspecified vectors. Successful exploitation allows remote attackers to cause a denial of service (crash). oval:org.secpod.oval:def:40802 The host is installed with Wireshark 0.99.6 through 1.0.8 or 1.2.0 through 1.2.1 and is prone to an unspecified vulnerability. A flaw is present in the OpcUa dissector, which fails to properly handle malformed OPCUA Service CallRequest packets. Successful exploitation allows remote attackers to caus ... oval:org.secpod.oval:def:500672 Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. Multiple buffer overflow flaws were found in Wireshark. If Wireshark read a malformed packet off a network or opened a malformed dump file, it could crash or, possibly, execute arbitrary code as the us ... oval:org.secpod.oval:def:40809 The host is installed with Wireshark 0.9.0 through 1.2.4 and is prone to a denial of service vulnerability. A flaw is present in the SMB and SMB2 dissectors, which fails to properly handle a crafted packet that triggers a NULL pointer dereference. Successful exploitation allows remote attackers to c ... oval:org.secpod.oval:def:201747 Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. Multiple buffer overflow flaws were found in the Wireshark SigComp Universal Decompressor Virtual Machine dissector. If Wireshark read a malformed packet off a network or opened a malicious dump file, ... oval:org.secpod.oval:def:17119 The host is installed with Wireshark 0.9.0 through 1.2.4 and is prone to NULL pointer dereference vulnerability. A flaw is present in the application SMB and SMB2 dissectors, which fails to handle a crafted packet that triggers a NULL pointer dereference, as demonstrated by fuzz-2009-12-07-11141.pca ... oval:org.secpod.oval:def:40811 The host is installed with Wireshark 0.9.15 through 1.0.10 or 1.2.0 through 1.2.5 and is prone to a buffer overflow vulnerability. A flaw is present in the LWRES dissectors, which fails to properly handle a malformed packet. Successful exploitation allows remote attackers to cause a denial of servic ... oval:org.secpod.oval:def:40814 The host is installed with Wireshark 0.10.13 through 1.0.13 or 1.2.0 through 1.2.8 and is prone to a buffer overflow vulnerability. A flaw is present in the ASN.1 BER dissectors, which fails to properly handle a unknown vectors. Successful exploitation allows remote attackers to cause unknown impact ... oval:org.secpod.oval:def:40815 The host is installed with Wireshark 0.8.20 through 1.0.13 or 1.2.0 through 1.2.8 and is prone to a denial of service vulnerability. A flaw is present in the SMB PIPE dissectors, which fails to properly handle a unknown vectors. Successful exploitation allows remote attackers to cause denial of serv ... oval:org.secpod.oval:def:40812 The host is installed with Wireshark 0.9.6 through 1.0.12 or 1.2.0 through 1.2.7 and is prone to a denial of service vulnerability. A flaw is present in the DOCSIS dissectors, which fails to properly handle a malformed packet. Successful exploitation allows remote attackers to cause a denial of serv ... oval:org.secpod.oval:def:40813 The host is installed with Wireshark 0.99.6 through 1.0.13 or 1.2.0 through 1.2.8 and is prone to a denial of service vulnerability. A flaw is present in the SMB dissectors, which fails to properly handle a unknown vectors. Successful exploitation allows remote attackers to cause a denial of service ... oval:org.secpod.oval:def:40816 The host is installed with Wireshark 0.10.7 through 1.0.13 or 1.2.0 through 1.2.8 and is prone to a denial of service vulnerability. A flaw is present in the SigComp Universal Decompressor Virtual Machine dissector, which fails to properly handle a unknown vectors. Successful exploitation allows rem ... oval:org.secpod.oval:def:40817 The host is installed with Wireshark 0.10.8 through 1.0.13 or 1.2.0 through 1.2.8 and is prone to a buffer overflow vulnerability. A flaw is present in the SigComp Universal Decompressor Virtual Machine dissector, which fails to properly handle a unknown vectors. Successful exploitation allows remot ... oval:org.secpod.oval:def:201718 Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. Multiple buffer overflow flaws were found in the Wireshark SigComp Universal Decompressor Virtual Machine dissector. If Wireshark read a malformed packet off a network or opened a malicious dump file, ... oval:org.secpod.oval:def:40788 The host is installed with Wireshark 0.99.7 through 1.0.5 and is prone to a buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle a malformed NetScreen snoop file. Successful exploitation allows user-assisted remote attackers to cause a denial of service ... oval:org.secpod.oval:def:40821 The host is installed with Wireshark 0.10.8 through 1.0.14 or 1.2.0 through 1.2.9 and is prone to a denial of service vulnerability. A flaw is present in the SigComp Universal Decompressor Virtual Machine, which fails to properly handle vectors related to sigcomp-udvm.c and an off-by-one error. Succ ... oval:org.secpod.oval:def:40789 The host is installed with Wireshark 0.99.6 through 1.0.5 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a crafted Tektronix K12 text capture file. Successful exploitation allows user-assisted remote attackers to cause a denial ... oval:org.secpod.oval:def:40820 The host is installed with Wireshark 0.10.13 through 1.0.14 or 1.2.0 through 1.2.9 and is prone to a stack-based buffer overflow vulnerability. A flaw is present in the ASN.1 BER dissector, which fails to properly handle a unknown vectors. Successful exploitation allows remote attackers to cause unk ... oval:org.secpod.oval:def:40791 The host is installed with Wireshark through 1.0.6 and is prone to a format string vulnerability. A flaw is present in the application, which fails to properly handle a PN-DCP packet with format string specifiers. Successful exploitation allows remote attackers to execute arbitrary code. oval:org.secpod.oval:def:40792 The host is installed with Wireshark through 1.0.7 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to properly handle unspecified vectors. Successful exploitation allows remote attackers to have unknown impact and attack vectors. oval:org.secpod.oval:def:40790 The host is installed with Wireshark 0.99.8 through 1.0.5 and is prone to a format string vulnerability. A flaw is present in the application, which fails to properly handle format string specifiers. Successful exploitation allows remote attackers to cause a denial of service (application crash). oval:org.secpod.oval:def:40795 The host is installed with Wireshark 0.99.6 through 1.0.6 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to properly handle a crafted Tektronix .rf5 file. Successful exploitation allows remote attackers to cause a denial of service (crash). oval:org.secpod.oval:def:40796 The host is installed with Wireshark 0.8.20 through 1.0.7 and is prone to an unspecified vulnerability. A flaw is present in the PCNFSD dissector, which fails to properly handle via crafted PCNFSD packets. Successful exploitation allows remote attackers to cause a denial of service (crash). oval:org.secpod.oval:def:40793 The host is installed with Wireshark 0.99.2 through 1.0.6 and is prone to an unspecified vulnerability. A flaw is present in the LDAP dissector, which fails to properly handle unknown attack vectors. Successful exploitation allows remote attackers to cause a denial of service (crash). oval:org.secpod.oval:def:40794 The host is installed with Wireshark 0.9.6 through 1.0.6 and is prone to a denial of service vulnerability. A flaw is present in the CPHAP dissector, which fails to properly handle a crafted FWHA_MY_STATE packet. Successful exploitation allows remote attackers to cause a denial of service (crash). oval:org.secpod.oval:def:40798 The host is installed with Wireshark 1.2.0 or wireshark 0.10.13 through 1.0.9 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to properly handle file that records a malformed packet trace. Successful exploitation allows remote attackers to cause a deni ... oval:org.secpod.oval:def:17123 The host is installed with Wireshark 0.99.7 through 1.0.5 and is prone to buffer overflow vulnerability. A flaw is present in the wiretap/netscreen.c, which fails to handle a malformed NetScreen snoop file. Successful exploitation allows attackers to cause a denial of service (crash). oval:org.secpod.oval:def:17122 The host is installed with Wireshark 0.99.6 through 1.0.5 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle a crafted Tektronix K12 text capture file, as demonstrated by a file with exactly one frame. Successful exploitation allows attackers ... oval:org.secpod.oval:def:17121 The host is installed with Wireshark 0.8.20 through 1.0.7 and is prone to unspecified vulnerability. A flaw is present in the PCNFSD dissector, which fails to handle crafted PCNFSD packets. Successful exploitation allows attackers to cause a denial of service (crash). oval:org.secpod.oval:def:500536 Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. A format string flaw was found in Wireshark. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running ... oval:org.secpod.oval:def:500306 Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. Multiple buffer overflow flaws were found in the Wireshark SigComp Universal Decompressor Virtual Machine dissector. If Wireshark read a malformed packet off a network or opened a malicious dump file, ... oval:org.secpod.oval:def:40826 The host is installed wireshark with before 1.2 and is prone to a heap-based buffer overflow vulnerability. A flaw is present application, which fails to properly handle a crafted capture file. Successful exploitation allows remote attackers to cause a denial of service (application crash) or possib ... oval:org.secpod.oval:def:558 The host is installed with Wireshark and is prone to heap based buffer overflow vulnerability. A flaw is present in wiretap/pcapng.c, which fails to safely read malformed packets. Successful exploitation could allow remote attackers to execute arbitrary code, obtain sensitive information or causes d ... oval:org.secpod.oval:def:40805 The host is installed with Wireshark 0.10.10 through 1.0.9 or 1.2.0 through 1.2.2 and is prone to a denial of service vulnerability. A flaw is present in the DCERPC/NT dissector, which fails to properly handle a file that records a malformed packet trace. Successful exploitation allows remote attack ... oval:org.mitre.oval:def:6005 The DCERPC/NT dissector in Wireshark 0.10.10 through 1.0.9 and 1.2.0 through 1.2.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a file that records a malformed packet trace. NOTE: some of these details are obtained from third party inform ... oval:org.secpod.oval:def:201744 Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. An invalid pointer dereference flaw was found in the Wireshark SMB and SMB2 dissectors. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, ... oval:org.secpod.oval:def:500291 Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. An invalid pointer dereference flaw was found in the Wireshark SMB and SMB2 dissectors. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, ... oval:org.mitre.oval:def:8490 Multiple buffer overflows in the LWRES dissector in Wireshark 0.9.15 through 1.0.10 and 1.2.0 through 1.2.5 allow remote attackers to cause a denial of service (crash) via a malformed packet, as demonstrated using a stack-based buffer overflow to the dissect_getaddrsbyname_request function. oval:org.secpod.oval:def:201827 Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. An invalid pointer dereference flaw was found in the Wireshark SMB and SMB2 dissectors. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, ... oval:org.secpod.oval:def:40807 The host is installed with Wireshark before 1.2.2 and is prone to an integer overflow vulnerability. A flaw is present in the SMB dissector, which fails to properly handle a crafted erf file. Successful exploitation allows remote attackers to execute arbitrary code or cause a denial of service (appl ... oval:org.secpod.oval:def:1500299 Updated wireshark packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System base scores, wh ... oval:org.secpod.oval:def:200538 Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. A heap-based buffer overflow flaw was found in Wireshark. If Wireshark opened a specially-crafted capture file, it could crash or, possibly, execute arbitrary code as the user running Wireshark. Sever ... oval:org.secpod.oval:def:17113 The host is installed with Wireshark before 1.4.4 and is prone to denial of service vulnerability. A flaw is present in the NTLMSSP dissector, which fails to handle a crafted .pcap file. Successful exploitation allows attackers to cause a denial of service (NULL pointer dereference and application c ... oval:org.secpod.oval:def:390 The host is installed with Wireshark and is prone to memory corruption vulnerability. A flaw is present in the application where large LDAP Filter strings consumes excessive amount of memory. Successful exploitation allows remote attackers to cause denial of service condition. oval:org.secpod.oval:def:392 The host is installed with Wireshark and is prone to multiple stack consumption vulnerabilities. The flaws are present in the application which fails to handle infinite recursion due to large packet length. Successful exploitation allow remote attackers to cause a denial of service. oval:org.secpod.oval:def:40832 The host is installed Wireshark 1.0.x, 1.2.0 through 1.2.14 or 1.4.0 through 1.4.3 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a crafted SMB or CLDAP packet. Successful exploitation allows remote attackers to cause a denial ... oval:org.secpod.oval:def:40833 The host is installed Wireshark 1.0.x, 1.2.0 through 1.2.14 or 1.4.0 through 1.4.3 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle long LDAP filter string. Successful exploitation allows remote attackers to cause a denial of ser ... oval:org.secpod.oval:def:40835 The host is installed Wireshark before 1.4.4 and is prone to a denial of service vulnerability. A flaw is present in the NTLMSSP dissector, which fails to properly handle crafted .pcap file. Successful exploitation allows remote attackers to cause a denial of service (NULL pointer dereference and ap ... oval:org.secpod.oval:def:201677 Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. A heap-based buffer overflow flaw was found in Wireshark. If Wireshark opened a specially-crafted capture file, it could crash or, possibly, execute arbitrary code as the user running Wireshark. Sever ... oval:org.secpod.oval:def:500191 Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. A heap-based buffer overflow flaw was found in Wireshark. If Wireshark opened a specially-crafted capture file, it could crash or, possibly, execute arbitrary code as the user running Wireshark. Sever ... oval:org.secpod.oval:def:500148 Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. A heap-based buffer overflow flaw was found in the Wireshark MAC-LTE dissector. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute ... oval:org.secpod.oval:def:500786 Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. Several flaws were found in Wireshark. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running Wiresh ... oval:org.secpod.oval:def:202326 Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. Several flaws were found in Wireshark. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running Wiresh ... |
