Download
| Alert*
oval:org.mitre.oval:def:11608
The SMB dissector in Wireshark 0.99.6 through 1.0.13, and 1.2.0 through 1.2.8 allows remote attackers to cause a denial of service (NULL pointer dereference) via unknown vectors. oval:org.mitre.oval:def:11888 Buffer overflow in the ASN.1 BER dissector in Wireshark 0.10.13 through 1.0.13 and 1.2.0 through 1.2.8 has unknown impact and remote attack vectors. oval:org.mitre.oval:def:7331 The DOCSIS dissector in Wireshark 0.9.6 through 1.0.12 and 1.2.0 through 1.2.7 allows user-assisted remote attackers to cause a denial of service (application crash) via a malformed packet trace file. oval:org.mitre.oval:def:11488 The SMB PIPE dissector in Wireshark 0.8.20 through 1.0.13 and 1.2.0 through 1.2.8 allows remote attackers to cause a denial of service (NULL pointer dereference) via unknown vectors. oval:org.mitre.oval:def:11836 Buffer overflow in the SigComp Universal Decompressor Virtual Machine dissector in Wireshark 0.10.8 through 1.0.13 and 1.2.0 through 1.2.8 has unknown impact and remote attack vectors. oval:org.mitre.oval:def:12049 The SigComp Universal Decompressor Virtual Machine (UDVM) in Wireshark 0.10.8 through 1.0.14 and 1.2.0 through 1.2.9 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to sigcomp-udvm.c and an off-by-one error, which triggers a buffer ... oval:org.mitre.oval:def:11792 The SigComp Universal Decompressor Virtual Machine dissector in Wireshark 0.10.7 through 1.0.13 and 1.2.0 through 1.2.8 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors. oval:org.mitre.oval:def:12047 Stack-based buffer overflow in the ASN.1 BER dissector in Wireshark 0.10.13 through 1.0.14 and 1.2.0 through 1.2.9 has unknown impact and remote attack vectors. NOTE: this issue exists because of a CVE-2010-2284 regression. oval:org.mitre.oval:def:5979 Integer overflow in wiretap/erf.c in Wireshark before 1.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted erf file, related to an "unsigned integer wrap vulnerability." oval:org.mitre.oval:def:6416 Multiple unspecified vulnerabilities in Wireshark 1.2.0 allow remote attackers to cause a denial of service (application crash) via a file that records a malformed packet trace and is processed by the (1) Bluetooth L2CAP, (2) RADIUS, or (3) MIOP dissector. NOTE: it was later reported that the RADIUS ... oval:org.mitre.oval:def:11498 Untrusted search path vulnerability in Wireshark 0.8.4 through 1.0.15 and 1.2.0 through 1.2.10 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse airpcap.dll, and possibly other DLLs, that is located in the same folder as ... oval:org.secpod.oval:def:40809 The host is installed with Wireshark 0.9.0 through 1.2.4 and is prone to a denial of service vulnerability. A flaw is present in the SMB and SMB2 dissectors, which fails to properly handle a crafted packet that triggers a NULL pointer dereference. Successful exploitation allows remote attackers to c ... oval:org.secpod.oval:def:201747 Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. Multiple buffer overflow flaws were found in the Wireshark SigComp Universal Decompressor Virtual Machine dissector. If Wireshark read a malformed packet off a network or opened a malicious dump file, ... oval:org.secpod.oval:def:17119 The host is installed with Wireshark 0.9.0 through 1.2.4 and is prone to NULL pointer dereference vulnerability. A flaw is present in the application SMB and SMB2 dissectors, which fails to handle a crafted packet that triggers a NULL pointer dereference, as demonstrated by fuzz-2009-12-07-11141.pca ... oval:org.secpod.oval:def:40811 The host is installed with Wireshark 0.9.15 through 1.0.10 or 1.2.0 through 1.2.5 and is prone to a buffer overflow vulnerability. A flaw is present in the LWRES dissectors, which fails to properly handle a malformed packet. Successful exploitation allows remote attackers to cause a denial of servic ... oval:org.secpod.oval:def:40814 The host is installed with Wireshark 0.10.13 through 1.0.13 or 1.2.0 through 1.2.8 and is prone to a buffer overflow vulnerability. A flaw is present in the ASN.1 BER dissectors, which fails to properly handle a unknown vectors. Successful exploitation allows remote attackers to cause unknown impact ... oval:org.secpod.oval:def:40815 The host is installed with Wireshark 0.8.20 through 1.0.13 or 1.2.0 through 1.2.8 and is prone to a denial of service vulnerability. A flaw is present in the SMB PIPE dissectors, which fails to properly handle a unknown vectors. Successful exploitation allows remote attackers to cause denial of serv ... oval:org.secpod.oval:def:40812 The host is installed with Wireshark 0.9.6 through 1.0.12 or 1.2.0 through 1.2.7 and is prone to a denial of service vulnerability. A flaw is present in the DOCSIS dissectors, which fails to properly handle a malformed packet. Successful exploitation allows remote attackers to cause a denial of serv ... oval:org.secpod.oval:def:40813 The host is installed with Wireshark 0.99.6 through 1.0.13 or 1.2.0 through 1.2.8 and is prone to a denial of service vulnerability. A flaw is present in the SMB dissectors, which fails to properly handle a unknown vectors. Successful exploitation allows remote attackers to cause a denial of service ... oval:org.secpod.oval:def:40816 The host is installed with Wireshark 0.10.7 through 1.0.13 or 1.2.0 through 1.2.8 and is prone to a denial of service vulnerability. A flaw is present in the SigComp Universal Decompressor Virtual Machine dissector, which fails to properly handle a unknown vectors. Successful exploitation allows rem ... oval:org.secpod.oval:def:40817 The host is installed with Wireshark 0.10.8 through 1.0.13 or 1.2.0 through 1.2.8 and is prone to a buffer overflow vulnerability. A flaw is present in the SigComp Universal Decompressor Virtual Machine dissector, which fails to properly handle a unknown vectors. Successful exploitation allows remot ... oval:org.secpod.oval:def:201718 Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. Multiple buffer overflow flaws were found in the Wireshark SigComp Universal Decompressor Virtual Machine dissector. If Wireshark read a malformed packet off a network or opened a malicious dump file, ... oval:org.secpod.oval:def:40821 The host is installed with Wireshark 0.10.8 through 1.0.14 or 1.2.0 through 1.2.9 and is prone to a denial of service vulnerability. A flaw is present in the SigComp Universal Decompressor Virtual Machine, which fails to properly handle vectors related to sigcomp-udvm.c and an off-by-one error. Succ ... oval:org.secpod.oval:def:40820 The host is installed with Wireshark 0.10.13 through 1.0.14 or 1.2.0 through 1.2.9 and is prone to a stack-based buffer overflow vulnerability. A flaw is present in the ASN.1 BER dissector, which fails to properly handle a unknown vectors. Successful exploitation allows remote attackers to cause unk ... oval:org.secpod.oval:def:40798 The host is installed with Wireshark 1.2.0 or wireshark 0.10.13 through 1.0.9 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to properly handle file that records a malformed packet trace. Successful exploitation allows remote attackers to cause a deni ... oval:org.secpod.oval:def:500306 Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. Multiple buffer overflow flaws were found in the Wireshark SigComp Universal Decompressor Virtual Machine dissector. If Wireshark read a malformed packet off a network or opened a malicious dump file, ... oval:org.secpod.oval:def:40826 The host is installed wireshark with before 1.2 and is prone to a heap-based buffer overflow vulnerability. A flaw is present application, which fails to properly handle a crafted capture file. Successful exploitation allows remote attackers to cause a denial of service (application crash) or possib ... oval:org.secpod.oval:def:558 The host is installed with Wireshark and is prone to heap based buffer overflow vulnerability. A flaw is present in wiretap/pcapng.c, which fails to safely read malformed packets. Successful exploitation could allow remote attackers to execute arbitrary code, obtain sensitive information or causes d ... oval:org.secpod.oval:def:40805 The host is installed with Wireshark 0.10.10 through 1.0.9 or 1.2.0 through 1.2.2 and is prone to a denial of service vulnerability. A flaw is present in the DCERPC/NT dissector, which fails to properly handle a file that records a malformed packet trace. Successful exploitation allows remote attack ... oval:org.mitre.oval:def:6005 The DCERPC/NT dissector in Wireshark 0.10.10 through 1.0.9 and 1.2.0 through 1.2.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a file that records a malformed packet trace. NOTE: some of these details are obtained from third party inform ... oval:org.secpod.oval:def:201744 Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. An invalid pointer dereference flaw was found in the Wireshark SMB and SMB2 dissectors. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, ... oval:org.secpod.oval:def:201827 Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. An invalid pointer dereference flaw was found in the Wireshark SMB and SMB2 dissectors. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, ... oval:org.secpod.oval:def:500291 Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. An invalid pointer dereference flaw was found in the Wireshark SMB and SMB2 dissectors. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, ... oval:org.mitre.oval:def:8490 Multiple buffer overflows in the LWRES dissector in Wireshark 0.9.15 through 1.0.10 and 1.2.0 through 1.2.5 allow remote attackers to cause a denial of service (crash) via a malformed packet, as demonstrated using a stack-based buffer overflow to the dissect_getaddrsbyname_request function. oval:org.secpod.oval:def:40807 The host is installed with Wireshark before 1.2.2 and is prone to an integer overflow vulnerability. A flaw is present in the SMB dissector, which fails to properly handle a crafted erf file. Successful exploitation allows remote attackers to execute arbitrary code or cause a denial of service (appl ... oval:org.secpod.oval:def:1500299 Updated wireshark packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System base scores, wh ... oval:org.secpod.oval:def:500191 Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. A heap-based buffer overflow flaw was found in Wireshark. If Wireshark opened a specially-crafted capture file, it could crash or, possibly, execute arbitrary code as the user running Wireshark. Sever ... oval:org.secpod.oval:def:200538 Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. A heap-based buffer overflow flaw was found in Wireshark. If Wireshark opened a specially-crafted capture file, it could crash or, possibly, execute arbitrary code as the user running Wireshark. Sever ... oval:org.secpod.oval:def:17113 The host is installed with Wireshark before 1.4.4 and is prone to denial of service vulnerability. A flaw is present in the NTLMSSP dissector, which fails to handle a crafted .pcap file. Successful exploitation allows attackers to cause a denial of service (NULL pointer dereference and application c ... oval:org.secpod.oval:def:390 The host is installed with Wireshark and is prone to memory corruption vulnerability. A flaw is present in the application where large LDAP Filter strings consumes excessive amount of memory. Successful exploitation allows remote attackers to cause denial of service condition. oval:org.secpod.oval:def:392 The host is installed with Wireshark and is prone to multiple stack consumption vulnerabilities. The flaws are present in the application which fails to handle infinite recursion due to large packet length. Successful exploitation allow remote attackers to cause a denial of service. oval:org.secpod.oval:def:40832 The host is installed Wireshark 1.0.x, 1.2.0 through 1.2.14 or 1.4.0 through 1.4.3 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a crafted SMB or CLDAP packet. Successful exploitation allows remote attackers to cause a denial ... oval:org.secpod.oval:def:40833 The host is installed Wireshark 1.0.x, 1.2.0 through 1.2.14 or 1.4.0 through 1.4.3 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle long LDAP filter string. Successful exploitation allows remote attackers to cause a denial of ser ... oval:org.secpod.oval:def:40835 The host is installed Wireshark before 1.4.4 and is prone to a denial of service vulnerability. A flaw is present in the NTLMSSP dissector, which fails to properly handle crafted .pcap file. Successful exploitation allows remote attackers to cause a denial of service (NULL pointer dereference and ap ... oval:org.secpod.oval:def:500148 Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. A heap-based buffer overflow flaw was found in the Wireshark MAC-LTE dissector. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute ... oval:org.secpod.oval:def:500786 Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. Several flaws were found in Wireshark. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running Wiresh ... oval:org.secpod.oval:def:201677 Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. A heap-based buffer overflow flaw was found in Wireshark. If Wireshark opened a specially-crafted capture file, it could crash or, possibly, execute arbitrary code as the user running Wireshark. Sever ... oval:org.secpod.oval:def:202326 Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. Several flaws were found in Wireshark. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running Wiresh ... |