Download
| Alert*
oval:org.secpod.oval:def:2186
The host is installed with Wireshark 1.6.1 and is prone to a denial of service vulnerability. A flaw is present in an application, which fails to validate the IKE packet. Successful exploitation could allow attackers to crash the application. oval:org.secpod.oval:def:2508 The host is installed with Wireshark 1.4.x before 1.4.9 or 1.6.x before 1.6.2 and is prone to an Untrusted search path vulnerability. A flaw is present in the application, which fails to prevent local users from gaining privileges. Successful exploitation could allow attackers to run arbitrary Lua s ... oval:org.secpod.oval:def:394 The host is installed with Wireshark and is prone to denial of service vulnerability. A flaw is present in the application which contains an off-by-one error. Successful exploitation allow remote attackers to cause application to crash. oval:org.secpod.oval:def:944 The host is installed with Wireshark and is prone to Denial of service vulnerability. A flaw is present in the NFS dissector, which fails to handle incorrect integer data type during decoding of SETCLIENTID calls. Successful exploitation could allow remote attackers to cause denial of service. oval:org.secpod.oval:def:943 The host is installed with Wireshark and is prone to buffer overflow vulnerability. A flaw is present in the DECT dissector, which fails to handle malicious packets. Successful exploitation could allow remote attackers to cause denial of service. oval:org.secpod.oval:def:600692 The Microsoft Vulnerability Research group discovered that insecure load path handling could lead to execution of arbitrary Lua script code. oval:org.secpod.oval:def:600931 Bjorn Mork and Laurent Butti discovered crashes in the PPP and RTPS2 dissectors, which could potentially result in the execution of arbitrary code. oval:org.secpod.oval:def:2184 The host is installed with Wireshark 1.6.1 and is prone to a denial of service vulnerability. A flaw is present in an application, which fails to validate the IKE packet. Successful exploitation could allow attackers to crash the application. oval:org.secpod.oval:def:2504 The host is installed with Wireshark 1.4.x before 1.4.9 or 1.6.x before 1.6.2 and is prone to an Untrusted search path vulnerability. A flaw is present in the application, which fails to prevent local users from gaining privileges. Successful exploitation could allow attackers to run arbitrary Lua s ... oval:org.secpod.oval:def:3000 The host is installed with Wireshark 1.4.0 through 1.4.9 or 1.6.x before 1.6.3 and is prone to denial of service vulnerability. A flaw is present in the application which is caused due to an error in the Infiniband dissector that can allow a NULL pointer to be dereferenced when processing certain ma ... oval:org.secpod.oval:def:3003 The host is installed with Wireshark 1.4.0 through 1.4.9 or 1.6.x before 1.6.3 and is prone to denial of service vulnerability. A flaw is present in the application which is caused due to an error in the Infiniband dissector that can allow a NULL pointer to be dereferenced when processing certain ma ... oval:org.secpod.oval:def:17116 The host is installed with Wireshark 1.2.0 through 1.2.13 or 1.4.0 through 1.4.2 and is prone to buffer overflow vulnerability. A flaw is present in the MAC-LTE dissector (epan/dissectors/packet-mac-lte.c), which fails to handle large number of RARs. Successful exploitation allows attackers to cause ... oval:org.secpod.oval:def:17115 The host is installed with Wireshark 1.4.0 through 1.4.2 and is prone to denial of service vulnerability. A flaw is present in the ASN.1 BER dissector, which fails to handle crafted packets, as demonstrated by fuzz-2010-12-30-28473.pcap. Successful exploitation allows attackers to cause a denial of ... oval:org.secpod.oval:def:1263 The host is installed with Wireshark and is prone to denial of service vulnerability. A flaw is present in the application, which is due to double free vulnerability in tvb_uncompress function in epan/tvbuff.c. Successful exploitation could allow attackers to crash the application via packet with ma ... oval:org.secpod.oval:def:17117 The host is installed with Wireshark 1.4.2 and is prone to buffer overflow vulnerability. A flaw is present in the sect_enttec_dmx_da function in epan/dissectors/packet-enttec.c, which fails to handle a crafted ENTTEC DMX packet with Run Length Encoding (RLE) compression. Successful exploitation all ... oval:org.secpod.oval:def:40825 The host is installed with Wireshark 1.4.2 and is prone to a buffer overflow vulnerability. A flaw is present application, which fails to properly handle a crafted ENTTEC DMX packet. Successful exploitation allows remote attackers to cause a denial of service (application crash) or possibly execute ... oval:org.secpod.oval:def:1517 The host is installed with Wireshark and is prone to denial of service vulnerability. A flaw is present in the application which fails to handle Lucent/Ascend file parser when processing malformed packets. Successful exploitation allows remote attacker to cause denial of service condition. oval:org.secpod.oval:def:40827 The host is installed Wireshark 1.2.0 through 1.2.13 or 1.4.0 through 1.4.2 and is prone to a buffer overflow vulnerability. A flaw is present MAC-LTE dissector, which fails to properly handle a large number of RARs. Successful exploitation allows remote attackers to cause a denial of service (crash ... oval:org.secpod.oval:def:40828 The host is installed Wireshark 1.4.0 through 1.4.2 and is prone to a denial of service vulnerability. A flaw is present ASN.1 BER dissector, which fails to properly handle crafted packets. Successful exploitation allows remote attackers to cause a denial of service (assertion failure). oval:org.secpod.oval:def:40837 The host is installed Wireshark 1.4.x before 1.4.5 and is prone to a stack based buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle crafted .pcap file. Successful exploitation allows remote attackers to execute arbitrary code. oval:org.secpod.oval:def:40844 The host is installed Wireshark 1.2.x before 1.2.18, 1.4.x through 1.4.7 or 1.6.0 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle malformed packets. Successful exploitation allows remote attackers to cause a denial of service (i ... oval:org.secpod.oval:def:40842 The host is installed Wireshark 1.2.x before 1.2.17 or 1.4.x before 1.4.7 and is prone to a double free vulnerability. A flaw is present in the application, which fails to properly handle a packet with malformed data. Successful exploitation allows remote attackers to cause a denial of service (appl ... oval:org.secpod.oval:def:500260 Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. An array index error, leading to a stack-based buffer overflow, was found in the Wireshark ENTTEC dissector. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could ... oval:org.secpod.oval:def:1260 The host is installed with Wireshark and is prone to denial of service vulnerability. A flaw is present in the application which is due to an error in DICOM dissector when processing certain malformed packets. Successful exploitation allows remote attacker to cause denial of service condition. oval:org.secpod.oval:def:40839 The host is installed Wireshark 1.2.x before 1.2.17 or 1.4.x before 1.4.7 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle invalid PDU length. Successful exploitation allows remote attackers to cause a denial of service (applicat ... oval:org.secpod.oval:def:945 The host is installed with Wireshark and is prone to denial of service vulnerability. A flaw is present in the X.509if dissector, which fails to properly initialize certain global variables. Successful exploitation could allow remote attackers to cause a denial of service via crafted .pcap files. oval:org.secpod.oval:def:40836 The host is installed Wireshark 1.2.x before 1.2.16 or 1.4.x before 1.4.5 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle crafted .pcap file. Successful exploitation allows remote attackers to cause a denial of service (applicat ... oval:org.secpod.oval:def:5177 The host is installed with Wireshark 1.4.x before 1.4.12 or 1.6.x before 1.6.6 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle epan/dissectors/packet-ansi_a.c in the ANSI A dissector. Successful exploitation could allow remote attackers to ... oval:org.secpod.oval:def:5187 The host is installed with Wireshark 1.4.x before 1.4.12 or 1.6.x before 1.6.6 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle epan/dissectors/packet-ansi_a.c in the ANSI A dissector. Successful exploitation could allow remote attackers to ... oval:org.secpod.oval:def:5180 The host is installed with Wireshark 1.4.x before 1.4.12 or 1.6.x before 1.6.6 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle the mp2t_process_fragmented_payload function in epan/dissectors/packet-mp2t.c in the MP2T dissector. Successful ... oval:org.secpod.oval:def:5190 The host is installed with Wireshark 1.4.x before 1.4.12 or 1.6.x before 1.6.6 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle the mp2t_process_fragmented_payload function in epan/dissectors/packet-mp2t.c in the MP2T dissector. Successful ... oval:org.secpod.oval:def:6298 The host is installed with Wireshark 1.4.x before 1.4.13 or 1.6.x before 1.6.8 and is prone to multiple integer underflow vulnerabilities. The flaws are present in the application, which fails to handle vectors related to the R3 dissector. Successful exploitation allows remote attackers to cause a d ... oval:org.secpod.oval:def:6294 The host is installed with Wireshark 1.4.x before 1.4.13 or 1.6.x before 1.6.8 and is prone to multiple integer underflow vulnerabilities. The flaws are present in the application, which fails to handle vectors related to the R3 dissector. Successful exploitation allows remote attackers to cause a d ... oval:org.secpod.oval:def:6300 The host is installed with Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly construct certain array data structures. Successful exploitation allows remote attackers to cause application ... oval:org.secpod.oval:def:6296 The host is installed with Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly construct certain array data structures. Successful exploitation allows remote attackers to cause application ... oval:org.secpod.oval:def:6419 The host is installed with Wireshark 1.4.x before 1.4.14 or 1.6.x before 1.6.9 or 1.8.x before 1.8.1 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle the PPP dissector. Successful exploitation allows remote attackers to cause a denial of se ... oval:org.secpod.oval:def:6417 The host is installed with Wireshark 1.4.x before 1.4.14 or 1.6.x before 1.6.9 or 1.8.x before 1.8.1 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle the PPP dissector. Successful exploitation allows remote attackers to cause a denial of se ... oval:org.secpod.oval:def:6420 The host is installed with Wireshark 1.4.x before 1.4.14 or 1.6.x before 1.6.9 or 1.8.x before 1.8.1 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle the epan/dissectors/packet-nfs.c in the NFS dissector. Successful exploitation allows remo ... oval:org.secpod.oval:def:6418 The host is installed with Wireshark 1.4.x before 1.4.14 or 1.6.x before 1.6.9 or 1.8.x before 1.8.1 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle the epan/dissectors/packet-nfs.c in the NFS dissector. Successful exploitation allows remo ... oval:org.secpod.oval:def:2185 The host is installed with Wireshark 1.4.x before 1.4.8 or 1.6.x before 1.6.1 and is prone to a denial of service vulnerability. A flaw is present in an application, which fails to handle an invalid packet. Successful exploitation could allow attackers to crash the application. oval:org.secpod.oval:def:5179 The host is installed with Wireshark 1.4.x before 1.4.12 or 1.6.x before 1.6.6 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle the pcap_process_pseudo_header function in wiretap/pcap-common.c. Successful exploitation could allow remote att ... oval:org.secpod.oval:def:2187 The host is installed with Wireshark 1.4.x before 1.4.8 or 1.6.x before 1.6.1 and is prone to a denial of service vulnerability. A flaw is present in an application, which fails to handle an invalid packet. Successful exploitation could allow attackers to crash the application. oval:org.secpod.oval:def:5176 The host is installed with Wireshark 1.4.x before 1.4.11 or 1.6.x before 1.6.5 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle the lanalyzer_read function in wiretap/lanalyzer.c. Successful exploitation could allow remote attackers to caus ... oval:org.secpod.oval:def:600711 Laurent Butti discovered a buffer underflow in the LANalyzer dissector of the Wireshark network traffic analyzer, which could lead to the execution of arbitrary code This update also addresses several bugs, which can lead to crashes of Wireshark. These are not treated as security issues, but are fi ... oval:org.secpod.oval:def:5171 The host is installed with Wireshark 1.4.x before 1.4.11 or 1.6.x before 1.6.5 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle the dissect_packet function in epan/packet.c file. Successful exploitation could allow remote attackers to cause ... oval:org.secpod.oval:def:5175 The host is installed with Wireshark 1.4.x before 1.4.11 or 1.6.x before 1.6.5 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle wiretap/iptrace.c file. Successful exploitation could allow remote attackers to cause denial of service or appli ... oval:org.secpod.oval:def:5174 The host is installed with Wireshark 1.4.x before 1.4.11 or 1.6.x before 1.6.5 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle a long packet in a Accellent 5Views (aka .5vw) file or I4B trace file or NETMON 2 capture file. Successful explo ... oval:org.secpod.oval:def:5173 The host is installed with Wireshark 1.4.x before 1.4.11 or 1.6.x before 1.6.5 and is prone to buffer overflow vulnerability. A flaw is present in the application, which fails to handle reassemble_message function in epan/dissectors/packet-rlc.c in the RLC dissector. Successful exploitation could al ... oval:org.secpod.oval:def:5172 The host is installed with Wireshark 1.4.x before 1.4.11 or 1.6.x before 1.6.5 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly perform certain string conversions. Successful exploitation could allow remote attackers to cause denial of se ... oval:org.secpod.oval:def:1261 The host is installed with Wireshark and is prone to NULL pointer dereference vulnerability. A flaw is present in the application which is due to an error in the handling of corrupted Diameter dictionary file. Successful exploitation allows remote attacker to cause denial of service condition. oval:org.secpod.oval:def:5189 The host is installed with Wireshark 1.4.x before 1.4.12 or 1.6.x before 1.6.6 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle the pcap_process_pseudo_header function in wiretap/pcap-common.c. Successful exploitation could allow remote att ... oval:org.secpod.oval:def:1262 The host is installed with Wireshark and is prone to denial of service vulnerability. A flaw is present in the application which fails in the handling of corrupted snoop files. Successful exploitation allows remote attacker to cause application crash. oval:org.secpod.oval:def:1264 The host is installed with Wireshark and is prone to denial of service vulnerability. A flaw is present in the application, which is caused due an integer overflow in the visual_read function in wiretap/visual.c. Successful exploitation could allow an attacker to create denial of service conditions ... oval:org.secpod.oval:def:2999 The host is installed with Wireshark 1.4.0 through 1.4.9 or 1.6.x before 1.6.3 and is prone to heap-based buffer overflow vulnerability. A flaw is present in the application, which is caused due to an error in ERF file parser when processing certain malformed file. Successful exploitation allows rem ... oval:org.secpod.oval:def:5182 The host is installed with Wireshark 1.4.x before 1.4.11 or 1.6.x before 1.6.5 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly perform certain string conversions. Successful exploitation could allow remote attackers to cause denial of se ... oval:org.secpod.oval:def:5181 The host is installed with Wireshark 1.4.x before 1.4.11 or 1.6.x before 1.6.5 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle the dissect_packet function in epan/packet.c file. Successful exploitation could allow remote attackers to cause ... oval:org.secpod.oval:def:5186 The host is installed with Wireshark 1.4.x before 1.4.11 or 1.6.x before 1.6.5 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle the lanalyzer_read function in wiretap/lanalyzer.c. Successful exploitation could allow remote attackers to caus ... oval:org.secpod.oval:def:5185 The host is installed with Wireshark 1.4.x before 1.4.11 or 1.6.x before 1.6.5 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle wiretap/iptrace.c file. Successful exploitation could allow remote attackers to cause denial of service or appli ... oval:org.secpod.oval:def:5184 The host is installed with Wireshark 1.4.x before 1.4.11 or 1.6.x before 1.6.5 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle a long packet in a Accellent 5Views (aka .5vw) file or I4B trace file or NETMON 2 capture file. Successful explo ... oval:org.secpod.oval:def:5183 The host is installed with Wireshark 1.4.x before 1.4.11 or 1.6.x before 1.6.5 and is prone to buffer overflow vulnerability. A flaw is present in the application, which fails to handle reassemble_message function in epan/dissectors/packet-rlc.c in the RLC dissector. Successful exploitation could al ... oval:org.secpod.oval:def:6768 The host is installed with Wireshark 1.4.x before 1.4.15 or 1.6.x before 1.6.10 or 1.8.x before 1.8.2 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle the dissect_pft function in epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector. ... oval:org.secpod.oval:def:501147 Wireshark, previously known as Ethereal, is a network protocol analyzer. It is used to capture and browse the traffic running on a computer network. Two flaws were found in Wireshark. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, exe ... oval:org.secpod.oval:def:6774 The host is installed with Wireshark 1.4.x before 1.4.15 or 1.6.x before 1.6.10 or 1.8.x before 1.8.2 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle the CIP dissector. Successful exploitation allows remote attackers to cause a denial of s ... oval:org.secpod.oval:def:6773 The host is installed with Wireshark 1.4.x before 1.4.15 or 1.6.x before 1.6.10 or 1.8.x before 1.8.2 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle the CTDB dissector. Successful exploitation allows remote attackers to cause a denial of ... oval:org.secpod.oval:def:6772 The host is installed with Wireshark 1.4.x before 1.4.15 or 1.6.x before 1.6.10 or 1.8.x before 1.8.2 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle a large number of ACL entries. Successful exploitation allows remote attackers to cause a ... oval:org.secpod.oval:def:6776 The host is installed with Wireshark 1.4.x before 1.4.15 or 1.6.x before 1.6.10 or 1.8.x before 1.8.2 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle certain integer fields. Successful exploitation allows remote attackers to cause ... oval:org.secpod.oval:def:600685 Huzaifa Sidhpurwala discovered a buffer overflow in Wireshark"s ERF dissector, which could lead to the execution of arbitrary code. oval:org.secpod.oval:def:6779 The host is installed with Wireshark 1.4.x before 1.4.15 or 1.6.x before 1.6.10 or 1.8.x before 1.8.2 and is prone to buffer overflow vulnerability. A flaw is present in the application, which fails to handle the epan/dissectors/packet-rtps2.c in the RTPS2 dissector. Successful exploitation allows r ... oval:org.secpod.oval:def:202528 Wireshark, previously known as Ethereal, is a network protocol analyzer. It is used to capture and browse the traffic running on a computer network. A heap-based buffer overflow flaw was found in the way Wireshark handled Endace ERF capture files. If Wireshark opened a specially-crafted ERF capture ... oval:org.secpod.oval:def:40840 The host is installed Wireshark 1.2.x before 1.2.17 or 1.4.x before 1.4.7 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle crafted Diameter dictionary file. Successful exploitation allows remote attackers to cause a denial of ser ... oval:org.secpod.oval:def:40843 The host is installed Wireshark 1.2.x before 1.2.17 or 1.4.x before 1.4.7 and is prone to an integer underflow vulnerability. A flaw is present in the application, which fails to properly handle a malformed Visual Networks file. Successful exploitation allows remote attackers to cause a denial of se ... oval:org.secpod.oval:def:40841 The host is installed Wireshark 1.2.x before 1.2.17 or 1.4.x before 1.4.7 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle certain virtualizable buffers. Successful exploitation allows remote attackers to cause a denial of servic ... oval:org.secpod.oval:def:6906 The host is installed with Wireshark 1.4.x before 1.4.15 or 1.6.x before 1.6.10 or 1.8.x before 1.8.2 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle the dissect_pft function in epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector. ... oval:org.secpod.oval:def:1500080 Updated wireshark packages that fix several security issues, three bugs,and add one enhancement are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderatesecurity impact. Common Vulnerability Scoring System base scores,which give de ... oval:org.secpod.oval:def:3004 The host is installed with Wireshark 1.4.0 through 1.4.9 or 1.6.x before 1.6.3 and is prone to heap-based buffer overflow vulnerability. A flaw is present in the application, which is caused due to an error in ERF file parser when processing certain malformed file. Successful exploitation allows rem ... oval:org.secpod.oval:def:6910 The host is installed with Wireshark 1.4.x before 1.4.15 or 1.6.x before 1.6.10 or 1.8.x before 1.8.2 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle the CTDB dissector. Successful exploitation allows remote attackers to cause a denial of ... oval:org.secpod.oval:def:600584 Huzaifa Sidhpurwala, David Maciejak and others discovered several vulnerabilities in the X.509if and DICOM dissectors and in the code to process various capture and dictionary files, which could lead to denial of service or the execution of arbitrary code. oval:org.secpod.oval:def:6913 The host is installed with Wireshark 1.4.x before 1.4.15 or 1.6.x before 1.6.10 or 1.8.x before 1.8.2 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle certain integer fields. Successful exploitation allows remote attackers to cause ... oval:org.secpod.oval:def:6911 The host is installed with Wireshark 1.4.x before 1.4.15 or 1.6.x before 1.6.10 or 1.8.x before 1.8.2 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle the CIP dissector. Successful exploitation allows remote attackers to cause a denial of s ... oval:org.secpod.oval:def:6916 The host is installed with Wireshark 1.4.x before 1.4.15 or 1.6.x before 1.6.10 or 1.8.x before 1.8.2 and is prone to buffer overflow vulnerability. A flaw is present in the application, which fails to handle the epan/dissectors/packet-rtps2.c in the RTPS2 dissector. Successful exploitation allows r ... oval:org.secpod.oval:def:6909 The host is installed with Wireshark 1.4.x before 1.4.15 or 1.6.x before 1.6.10 or 1.8.x before 1.8.2 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle the epan/dissectors/packet-afp.c in the AFP dissector. Successful exploitation allows rem ... oval:org.secpod.oval:def:500936 Wireshark, previously known as Ethereal, is a network protocol analyzer. It is used to capture and browse the traffic running on a computer network. A heap-based buffer overflow flaw was found in the way Wireshark handled Endace ERF capture files. If Wireshark opened a specially-crafted ERF capture ... oval:org.secpod.oval:def:6301 The host is installed with Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle vectors related to the ANSI MAP, ASF, IEEE 802.11, IEEE 802.3 and LTP dissectors. Successful exploitation allow ... oval:org.secpod.oval:def:1500299 Updated wireshark packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System base scores, wh ... oval:org.secpod.oval:def:6771 The host is installed with Wireshark 1.4.x before 1.4.15 or 1.6.x before 1.6.10 or 1.8.x before 1.8.2 and is prone to integer overflow vulnerability. A flaw is present in the application, which fails to handle the dissect_xtp_ecntl function in epan/dissectors/packet-xtp.c in the XTP dissector. Succe ... oval:org.secpod.oval:def:1600294 Two flaws were found in Wireshark. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running Wireshark. Several denial of service flaws were found in Wireshark. Wireshark could crash or stop responding ... oval:org.secpod.oval:def:6775 The host is installed with Wireshark 1.4.x before 1.4.15 or 1.6.x before 1.6.10 or 1.8.x before 1.8.2 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle the dissect_stun_message function in epan/dissectors/packet-stun.c in the STUN dissector. ... oval:org.secpod.oval:def:6912 The host is installed with Wireshark 1.4.x before 1.4.15 or 1.6.x before 1.6.10 or 1.8.x before 1.8.2 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle the dissect_stun_message function in epan/dissectors/packet-stun.c in the STUN dissector. ... oval:org.secpod.oval:def:6908 The host is installed with Wireshark 1.4.x before 1.4.15 or 1.6.x before 1.6.10 or 1.8.x before 1.8.2 and is prone to integer overflow vulnerability. A flaw is present in the application, which fails to handle the dissect_xtp_ecntl function in epan/dissectors/packet-xtp.c in the XTP dissector. Succe ... oval:org.secpod.oval:def:6299 The host is installed with Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 and is prone to multiple integer overflow vulnerabilities. The flaws are present in the application, which fails to handle vectors related to the BACapp and Bluetooth HCI dissectors. Successful exploitation allows remote ... oval:org.secpod.oval:def:6297 The host is installed with Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle vectors related to the ANSI MAP, ASF, IEEE 802.11, IEEE 802.3 and LTP dissectors. Successful exploitation allow ... oval:org.secpod.oval:def:6295 The host is installed with Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 and is prone to multiple integer overflow vulnerabilities. The flaws are present in the application, which fails to handle vectors related to the BACapp and Bluetooth HCI dissectors. Successful exploitation allows remote ... oval:org.secpod.oval:def:200538 Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. A heap-based buffer overflow flaw was found in Wireshark. If Wireshark opened a specially-crafted capture file, it could crash or, possibly, execute arbitrary code as the user running Wireshark. Sever ... oval:org.secpod.oval:def:17114 The host is installed with Wireshark 1.2.0 through 1.2.14 or 1.4.0 through 1.4.3, and is prone to heap-based buffer overflow vulnerability. A flaw is present in the wiretap/dct3trace.c, which fails to handle a long record in a Nokia DCT3 trace file. Successful exploitation allows attackers to cause ... oval:org.secpod.oval:def:17113 The host is installed with Wireshark before 1.4.4 and is prone to denial of service vulnerability. A flaw is present in the NTLMSSP dissector, which fails to handle a crafted .pcap file. Successful exploitation allows attackers to cause a denial of service (NULL pointer dereference and application c ... oval:org.secpod.oval:def:390 The host is installed with Wireshark and is prone to memory corruption vulnerability. A flaw is present in the application where large LDAP Filter strings consumes excessive amount of memory. Successful exploitation allows remote attackers to cause denial of service condition. oval:org.secpod.oval:def:392 The host is installed with Wireshark and is prone to multiple stack consumption vulnerabilities. The flaws are present in the application which fails to handle infinite recursion due to large packet length. Successful exploitation allow remote attackers to cause a denial of service. oval:org.secpod.oval:def:391 The host is installed with Wireshark and is prone to stack consumption vulnerability. A flaw is present in the application while handling ASN description with a recursive definition of a CHOICE. Successful exploitation allow remote attackers to cause a denial of service condition. oval:org.secpod.oval:def:40829 The host is installed Wireshark 1.2.0 through 1.2.14, 1.4.0 through 1.4.3 or 1.5.0 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a malformed file. Successful exploitation allows remote attackers to cause a denial of service (m ... oval:org.secpod.oval:def:393 The host is installed with Wireshark and is prone to denial of service vulnerability. A flaw is present in the application which fails to properly handle large packet lengths. Successful exploitation allow remote attackers to cause application to crash. oval:org.secpod.oval:def:40832 The host is installed Wireshark 1.0.x, 1.2.0 through 1.2.14 or 1.4.0 through 1.4.3 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a crafted SMB or CLDAP packet. Successful exploitation allows remote attackers to cause a denial ... oval:org.secpod.oval:def:40833 The host is installed Wireshark 1.0.x, 1.2.0 through 1.2.14 or 1.4.0 through 1.4.3 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle long LDAP filter string. Successful exploitation allows remote attackers to cause a denial of ser ... oval:org.secpod.oval:def:40830 The host is installed Wireshark 1.2.0 through 1.2.14 or 1.4.0 through 1.4.3 and is prone to a heap-based buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle a long record in a Nokia DCT3 trace file. Successful exploitation allows remote attackers to ca ... oval:org.secpod.oval:def:40831 The host is installed Wireshark 1.2.0 through 1.2.14 or 1.4.0 through 1.4.3 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a pcap-ng file. Successful exploitation allows remote attackers to cause a denial of service (applicatio ... oval:org.secpod.oval:def:40834 The host is installed Wireshark 1.2.x through 1.2.15 or 1.4.x through 1.4.4 and is prone to a stack consumption vulnerability. A flaw is present in the application, which fails to properly handle vectors involving self-referential ASN.1 CHOICE values. Successful exploitation allows remote attackers ... oval:org.secpod.oval:def:40835 The host is installed Wireshark before 1.4.4 and is prone to a denial of service vulnerability. A flaw is present in the NTLMSSP dissector, which fails to properly handle crafted .pcap file. Successful exploitation allows remote attackers to cause a denial of service (NULL pointer dereference and ap ... oval:org.secpod.oval:def:201677 Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. A heap-based buffer overflow flaw was found in Wireshark. If Wireshark opened a specially-crafted capture file, it could crash or, possibly, execute arbitrary code as the user running Wireshark. Sever ... oval:org.secpod.oval:def:500191 Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. A heap-based buffer overflow flaw was found in Wireshark. If Wireshark opened a specially-crafted capture file, it could crash or, possibly, execute arbitrary code as the user running Wireshark. Sever ... oval:org.secpod.oval:def:190 The host is installed with Wireshark 1.5.0 or before 1.4.3 and is prone to memory corruption vulnerability. A flaw is present in the application, which fails to handle a specially-crafted .pcap file. Successful exploitation could allow remote attackers to corrupt memory by executing arbitrary code o ... oval:org.secpod.oval:def:500148 Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. A heap-based buffer overflow flaw was found in the Wireshark MAC-LTE dissector. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute ... oval:org.secpod.oval:def:500786 Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. Several flaws were found in Wireshark. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running Wiresh ... oval:org.secpod.oval:def:202326 Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. Several flaws were found in Wireshark. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running Wiresh ... |