Download
| Alert*
oval:org.mitre.oval:def:11888
Buffer overflow in the ASN.1 BER dissector in Wireshark 0.10.13 through 1.0.13 and 1.2.0 through 1.2.8 has unknown impact and remote attack vectors. oval:org.mitre.oval:def:5795 Unspecified vulnerability in the sFlow dissector in Wireshark 1.2.0 allows remote attackers to cause a denial of service (CPU and memory consumption) via unspecified vectors. oval:org.mitre.oval:def:7331 The DOCSIS dissector in Wireshark 0.9.6 through 1.0.12 and 1.2.0 through 1.2.7 allows user-assisted remote attackers to cause a denial of service (application crash) via a malformed packet trace file. oval:org.mitre.oval:def:11488 The SMB PIPE dissector in Wireshark 0.8.20 through 1.0.13 and 1.2.0 through 1.2.8 allows remote attackers to cause a denial of service (NULL pointer dereference) via unknown vectors. oval:org.mitre.oval:def:12049 The SigComp Universal Decompressor Virtual Machine (UDVM) in Wireshark 0.10.8 through 1.0.14 and 1.2.0 through 1.2.9 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to sigcomp-udvm.c and an off-by-one error, which triggers a buffer ... oval:org.mitre.oval:def:5423 Unspecified vulnerability in packet.c in the GSM A RR dissector in Wireshark 1.2.0 and 1.2.1 allows remote attackers to cause a denial of service (application crash) via unknown vectors related to "an uninitialized dissector handle," which triggers an assertion failure. oval:org.mitre.oval:def:12047 Stack-based buffer overflow in the ASN.1 BER dissector in Wireshark 0.10.13 through 1.0.14 and 1.2.0 through 1.2.9 has unknown impact and remote attack vectors. NOTE: this issue exists because of a CVE-2010-2284 regression. oval:org.secpod.oval:def:14330 Wireshark 1.2.x is installed oval:org.mitre.oval:def:12031 The IPMI dissector in Wireshark 1.2.0 through 1.2.9 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors. oval:org.mitre.oval:def:11608 The SMB dissector in Wireshark 0.99.6 through 1.0.13, and 1.2.0 through 1.2.8 allows remote attackers to cause a denial of service (NULL pointer dereference) via unknown vectors. oval:org.mitre.oval:def:6321 Unspecified vulnerability in the Infiniband dissector in Wireshark 1.0.6 through 1.2.0, when running on unspecified platforms, allows remote attackers to cause a denial of service (crash) via unknown vectors. oval:org.mitre.oval:def:11836 Buffer overflow in the SigComp Universal Decompressor Virtual Machine dissector in Wireshark 0.10.8 through 1.0.13 and 1.2.0 through 1.2.8 has unknown impact and remote attack vectors. oval:org.mitre.oval:def:6162 Unspecified vulnerability in the OpcUa (OPC UA) dissector in Wireshark 0.99.6 through 1.0.8 and 1.2.0 through 1.2.1 allows remote attackers to cause a denial of service (memory and CPU consumption) via malformed OPCUA Service CallRequest packets. oval:org.mitre.oval:def:5625 Unspecified vulnerability in the AFS dissector in Wireshark 0.9.2 through 1.2.0 allows remote attackers to cause a denial of service (crash) via unknown vectors. oval:org.mitre.oval:def:11792 The SigComp Universal Decompressor Virtual Machine dissector in Wireshark 0.10.7 through 1.0.13 and 1.2.0 through 1.2.8 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors. oval:org.mitre.oval:def:6391 packet-paltalk.c in the Paltalk dissector in Wireshark 1.2.0 through 1.2.2, on SPARC and certain other platforms, allows remote attackers to cause a denial of service (application crash) via a file that records a malformed packet trace. oval:org.mitre.oval:def:5979 Integer overflow in wiretap/erf.c in Wireshark before 1.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted erf file, related to an "unsigned integer wrap vulnerability." oval:org.mitre.oval:def:6379 Buffer overflow in the IPMI dissector in Wireshark 1.2.0 allows remote attackers to cause a denial of service (crash) via unspecified vectors related to an array index error. NOTE: some of these details are obtained from third party information. oval:org.mitre.oval:def:6413 Unspecified vulnerability in the TLS dissector in Wireshark 1.2.0 and 1.2.1, when running on Windows, allows remote attackers to cause a denial of service (application crash) via unknown vectors related to TLS 1.2 conversations. oval:org.mitre.oval:def:11651 packet-gsm_a_rr.c in the GSM A RR dissector in Wireshark 1.2.2 through 1.2.9 allows remote attackers to cause a denial of service (crash) via unknown vectors that trigger a NULL pointer dereference. oval:org.mitre.oval:def:6416 Multiple unspecified vulnerabilities in Wireshark 1.2.0 allow remote attackers to cause a denial of service (application crash) via a file that records a malformed packet trace and is processed by the (1) Bluetooth L2CAP, (2) RADIUS, or (3) MIOP dissector. NOTE: it was later reported that the RADIUS ... oval:org.mitre.oval:def:11498 Untrusted search path vulnerability in Wireshark 0.8.4 through 1.0.15 and 1.2.0 through 1.2.10 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse airpcap.dll, and possibly other DLLs, that is located in the same folder as ... oval:org.secpod.oval:def:40804 The host is installed with Wireshark 1.2.0 through 1.2.2 and is prone to an unspecified vulnerability. A flaw is present in the Paltalk dissector, which fails to properly handle a file that records a malformed packet trace. Successful exploitation allows remote attackers to cause a denial of service ... oval:org.secpod.oval:def:40802 The host is installed with Wireshark 0.99.6 through 1.0.8 or 1.2.0 through 1.2.1 and is prone to an unspecified vulnerability. A flaw is present in the OpcUa dissector, which fails to properly handle malformed OPCUA Service CallRequest packets. Successful exploitation allows remote attackers to caus ... oval:org.secpod.oval:def:40809 The host is installed with Wireshark 0.9.0 through 1.2.4 and is prone to a denial of service vulnerability. A flaw is present in the SMB and SMB2 dissectors, which fails to properly handle a crafted packet that triggers a NULL pointer dereference. Successful exploitation allows remote attackers to c ... oval:org.mitre.oval:def:7576 The IPMI dissector in Wireshark 1.2.0 through 1.2.4, when running on Windows, allows remote attackers to cause a denial of service (crash) via a crafted packet, related to "formatting a date/time using strftime." oval:org.secpod.oval:def:201747 Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. Multiple buffer overflow flaws were found in the Wireshark SigComp Universal Decompressor Virtual Machine dissector. If Wireshark read a malformed packet off a network or opened a malicious dump file, ... oval:org.secpod.oval:def:17116 The host is installed with Wireshark 1.2.0 through 1.2.13 or 1.4.0 through 1.4.2 and is prone to buffer overflow vulnerability. A flaw is present in the MAC-LTE dissector (epan/dissectors/packet-mac-lte.c), which fails to handle large number of RARs. Successful exploitation allows attackers to cause ... oval:org.secpod.oval:def:1263 The host is installed with Wireshark and is prone to denial of service vulnerability. A flaw is present in the application, which is due to double free vulnerability in tvb_uncompress function in epan/tvbuff.c. Successful exploitation could allow attackers to crash the application via packet with ma ... oval:org.secpod.oval:def:17119 The host is installed with Wireshark 0.9.0 through 1.2.4 and is prone to NULL pointer dereference vulnerability. A flaw is present in the application SMB and SMB2 dissectors, which fails to handle a crafted packet that triggers a NULL pointer dereference, as demonstrated by fuzz-2009-12-07-11141.pca ... oval:org.secpod.oval:def:40811 The host is installed with Wireshark 0.9.15 through 1.0.10 or 1.2.0 through 1.2.5 and is prone to a buffer overflow vulnerability. A flaw is present in the LWRES dissectors, which fails to properly handle a malformed packet. Successful exploitation allows remote attackers to cause a denial of servic ... oval:org.secpod.oval:def:17118 The host is installed with Wireshark 1.4.x before 1.4.1 or 1.2.x before 1.2.12 and is prone to stack consumption vulnerability. A flaw is present in the dissect_ber_unknown function in epan/dissectors/packet-ber.c in the BER dissector, which fails to handle a long string in an unknown ASN.1/BER enco ... oval:org.secpod.oval:def:40819 The host is installed with Wireshark 1.2.0 through 1.2.9 and is prone to a denial of service vulnerability. A flaw is present in the IPMI dissector, which fails to properly handle a unknown vectors. Successful exploitation allows remote attackers to cause a denial of service (infinite loop). oval:org.secpod.oval:def:201718 Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. Multiple buffer overflow flaws were found in the Wireshark SigComp Universal Decompressor Virtual Machine dissector. If Wireshark read a malformed packet off a network or opened a malicious dump file, ... oval:org.secpod.oval:def:40821 The host is installed with Wireshark 0.10.8 through 1.0.14 or 1.2.0 through 1.2.9 and is prone to a denial of service vulnerability. A flaw is present in the SigComp Universal Decompressor Virtual Machine, which fails to properly handle vectors related to sigcomp-udvm.c and an off-by-one error. Succ ... oval:org.secpod.oval:def:40820 The host is installed with Wireshark 0.10.13 through 1.0.14 or 1.2.0 through 1.2.9 and is prone to a stack-based buffer overflow vulnerability. A flaw is present in the ASN.1 BER dissector, which fails to properly handle a unknown vectors. Successful exploitation allows remote attackers to cause unk ... oval:org.secpod.oval:def:1517 The host is installed with Wireshark and is prone to denial of service vulnerability. A flaw is present in the application which fails to handle Lucent/Ascend file parser when processing malformed packets. Successful exploitation allows remote attacker to cause denial of service condition. oval:org.secpod.oval:def:40827 The host is installed Wireshark 1.2.0 through 1.2.13 or 1.4.0 through 1.4.2 and is prone to a buffer overflow vulnerability. A flaw is present MAC-LTE dissector, which fails to properly handle a large number of RARs. Successful exploitation allows remote attackers to cause a denial of service (crash ... oval:org.secpod.oval:def:40844 The host is installed Wireshark 1.2.x before 1.2.18, 1.4.x through 1.4.7 or 1.6.0 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle malformed packets. Successful exploitation allows remote attackers to cause a denial of service (i ... oval:org.secpod.oval:def:40842 The host is installed Wireshark 1.2.x before 1.2.17 or 1.4.x before 1.4.7 and is prone to a double free vulnerability. A flaw is present in the application, which fails to properly handle a packet with malformed data. Successful exploitation allows remote attackers to cause a denial of service (appl ... oval:org.secpod.oval:def:17145 The host is installed with Wireshark 1.2.0 through 1.2.12 or 1.4.0 through 1.4.1 and is prone to heap based buffer overflow vulnerability. A flaw is present in the application, which fails to handle an LDSS packet with a long digest line in the dissect_ldss_transfer function (epan/dissectors/packet- ... oval:org.secpod.oval:def:17120 The host is installed with Wireshark 1.2.0 through 1.2.4 and is prone to buffer overflow vulnerability. A flaw is present in the daintree_sna_read function in the Daintree SNA file parser, which fails to handle crafted packet. Successful exploitation allows attackers to cause a denial of service (cr ... oval:org.secpod.oval:def:500306 Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. Multiple buffer overflow flaws were found in the Wireshark SigComp Universal Decompressor Virtual Machine dissector. If Wireshark read a malformed packet off a network or opened a malicious dump file, ... oval:org.secpod.oval:def:1260 The host is installed with Wireshark and is prone to denial of service vulnerability. A flaw is present in the application which is due to an error in DICOM dissector when processing certain malformed packets. Successful exploitation allows remote attacker to cause denial of service condition. oval:org.secpod.oval:def:40839 The host is installed Wireshark 1.2.x before 1.2.17 or 1.4.x before 1.4.7 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle invalid PDU length. Successful exploitation allows remote attackers to cause a denial of service (applicat ... oval:org.secpod.oval:def:945 The host is installed with Wireshark and is prone to denial of service vulnerability. A flaw is present in the X.509if dissector, which fails to properly initialize certain global variables. Successful exploitation could allow remote attackers to cause a denial of service via crafted .pcap files. oval:org.secpod.oval:def:558 The host is installed with Wireshark and is prone to heap based buffer overflow vulnerability. A flaw is present in wiretap/pcapng.c, which fails to safely read malformed packets. Successful exploitation could allow remote attackers to execute arbitrary code, obtain sensitive information or causes d ... oval:org.secpod.oval:def:40805 The host is installed with Wireshark 0.10.10 through 1.0.9 or 1.2.0 through 1.2.2 and is prone to a denial of service vulnerability. A flaw is present in the DCERPC/NT dissector, which fails to properly handle a file that records a malformed packet trace. Successful exploitation allows remote attack ... oval:org.secpod.oval:def:40806 The host is installed with Wireshark 1.2.0 through 1.2.2 and is prone to a denial of service vulnerability. A flaw is present in the SMB dissector, which fails to properly handle a file that records a malformed packet trace. Successful exploitation allows remote attackers to cause a denial of servic ... oval:org.mitre.oval:def:6005 The DCERPC/NT dissector in Wireshark 0.10.10 through 1.0.9 and 1.2.0 through 1.2.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a file that records a malformed packet trace. NOTE: some of these details are obtained from third party inform ... oval:org.secpod.oval:def:201744 Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. An invalid pointer dereference flaw was found in the Wireshark SMB and SMB2 dissectors. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, ... oval:org.secpod.oval:def:500291 Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. An invalid pointer dereference flaw was found in the Wireshark SMB and SMB2 dissectors. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, ... oval:org.mitre.oval:def:8490 Multiple buffer overflows in the LWRES dissector in Wireshark 0.9.15 through 1.0.10 and 1.2.0 through 1.2.5 allow remote attackers to cause a denial of service (crash) via a malformed packet, as demonstrated using a stack-based buffer overflow to the dissect_getaddrsbyname_request function. oval:org.mitre.oval:def:6049 Off-by-one error in the dissect_negprot_response function in packet-smb.c in the SMB dissector in Wireshark 1.2.0 through 1.2.2 allows remote attackers to cause a denial of service (application crash) via a file that records a malformed packet trace. NOTE: some of these details are obtained from th ... oval:org.secpod.oval:def:201827 Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. An invalid pointer dereference flaw was found in the Wireshark SMB and SMB2 dissectors. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, ... oval:org.secpod.oval:def:40807 The host is installed with Wireshark before 1.2.2 and is prone to an integer overflow vulnerability. A flaw is present in the SMB dissector, which fails to properly handle a crafted erf file. Successful exploitation allows remote attackers to execute arbitrary code or cause a denial of service (appl ... oval:org.secpod.oval:def:1261 The host is installed with Wireshark and is prone to NULL pointer dereference vulnerability. A flaw is present in the application which is due to an error in the handling of corrupted Diameter dictionary file. Successful exploitation allows remote attacker to cause denial of service condition. oval:org.secpod.oval:def:1262 The host is installed with Wireshark and is prone to denial of service vulnerability. A flaw is present in the application which fails in the handling of corrupted snoop files. Successful exploitation allows remote attacker to cause application crash. oval:org.secpod.oval:def:1264 The host is installed with Wireshark and is prone to denial of service vulnerability. A flaw is present in the application, which is caused due an integer overflow in the visual_read function in wiretap/visual.c. Successful exploitation could allow an attacker to create denial of service conditions ... oval:org.secpod.oval:def:202528 Wireshark, previously known as Ethereal, is a network protocol analyzer. It is used to capture and browse the traffic running on a computer network. A heap-based buffer overflow flaw was found in the way Wireshark handled Endace ERF capture files. If Wireshark opened a specially-crafted ERF capture ... oval:org.secpod.oval:def:40840 The host is installed Wireshark 1.2.x before 1.2.17 or 1.4.x before 1.4.7 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle crafted Diameter dictionary file. Successful exploitation allows remote attackers to cause a denial of ser ... oval:org.secpod.oval:def:40843 The host is installed Wireshark 1.2.x before 1.2.17 or 1.4.x before 1.4.7 and is prone to an integer underflow vulnerability. A flaw is present in the application, which fails to properly handle a malformed Visual Networks file. Successful exploitation allows remote attackers to cause a denial of se ... oval:org.secpod.oval:def:40841 The host is installed Wireshark 1.2.x before 1.2.17 or 1.4.x before 1.4.7 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle certain virtualizable buffers. Successful exploitation allows remote attackers to cause a denial of servic ... oval:org.secpod.oval:def:1500080 Updated wireshark packages that fix several security issues, three bugs,and add one enhancement are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderatesecurity impact. Common Vulnerability Scoring System base scores,which give de ... oval:org.secpod.oval:def:600584 Huzaifa Sidhpurwala, David Maciejak and others discovered several vulnerabilities in the X.509if and DICOM dissectors and in the code to process various capture and dictionary files, which could lead to denial of service or the execution of arbitrary code. oval:org.secpod.oval:def:500936 Wireshark, previously known as Ethereal, is a network protocol analyzer. It is used to capture and browse the traffic running on a computer network. A heap-based buffer overflow flaw was found in the way Wireshark handled Endace ERF capture files. If Wireshark opened a specially-crafted ERF capture ... oval:org.secpod.oval:def:200538 Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. A heap-based buffer overflow flaw was found in Wireshark. If Wireshark opened a specially-crafted capture file, it could crash or, possibly, execute arbitrary code as the user running Wireshark. Sever ... oval:org.secpod.oval:def:17114 The host is installed with Wireshark 1.2.0 through 1.2.14 or 1.4.0 through 1.4.3, and is prone to heap-based buffer overflow vulnerability. A flaw is present in the wiretap/dct3trace.c, which fails to handle a long record in a Nokia DCT3 trace file. Successful exploitation allows attackers to cause ... oval:org.secpod.oval:def:17113 The host is installed with Wireshark before 1.4.4 and is prone to denial of service vulnerability. A flaw is present in the NTLMSSP dissector, which fails to handle a crafted .pcap file. Successful exploitation allows attackers to cause a denial of service (NULL pointer dereference and application c ... oval:org.secpod.oval:def:390 The host is installed with Wireshark and is prone to memory corruption vulnerability. A flaw is present in the application where large LDAP Filter strings consumes excessive amount of memory. Successful exploitation allows remote attackers to cause denial of service condition. oval:org.secpod.oval:def:392 The host is installed with Wireshark and is prone to multiple stack consumption vulnerabilities. The flaws are present in the application which fails to handle infinite recursion due to large packet length. Successful exploitation allow remote attackers to cause a denial of service. oval:org.secpod.oval:def:391 The host is installed with Wireshark and is prone to stack consumption vulnerability. A flaw is present in the application while handling ASN description with a recursive definition of a CHOICE. Successful exploitation allow remote attackers to cause a denial of service condition. oval:org.secpod.oval:def:393 The host is installed with Wireshark and is prone to denial of service vulnerability. A flaw is present in the application which fails to properly handle large packet lengths. Successful exploitation allow remote attackers to cause application to crash. oval:org.secpod.oval:def:40835 The host is installed Wireshark before 1.4.4 and is prone to a denial of service vulnerability. A flaw is present in the NTLMSSP dissector, which fails to properly handle crafted .pcap file. Successful exploitation allows remote attackers to cause a denial of service (NULL pointer dereference and ap ... oval:org.secpod.oval:def:1503465 Updated wireshark packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are avai ... oval:org.secpod.oval:def:201677 Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. A heap-based buffer overflow flaw was found in Wireshark. If Wireshark opened a specially-crafted capture file, it could crash or, possibly, execute arbitrary code as the user running Wireshark. Sever ... oval:org.secpod.oval:def:500191 Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. A heap-based buffer overflow flaw was found in Wireshark. If Wireshark opened a specially-crafted capture file, it could crash or, possibly, execute arbitrary code as the user running Wireshark. Sever ... oval:org.secpod.oval:def:1601333 Several flaws were found in Wireshark. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running Wireshark.Several denial of service flaws were found in Wireshark. Wireshark could crash or stop respondi ... oval:org.secpod.oval:def:1503764 Updated wireshark packages that fix several security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are avail ... oval:org.secpod.oval:def:190 The host is installed with Wireshark 1.5.0 or before 1.4.3 and is prone to memory corruption vulnerability. A flaw is present in the application, which fails to handle a specially-crafted .pcap file. Successful exploitation could allow remote attackers to corrupt memory by executing arbitrary code o ... oval:org.secpod.oval:def:500148 Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. A heap-based buffer overflow flaw was found in the Wireshark MAC-LTE dissector. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute ... oval:org.secpod.oval:def:500786 Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. Several flaws were found in Wireshark. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running Wiresh ... oval:org.secpod.oval:def:202326 Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. Several flaws were found in Wireshark. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running Wiresh ... |