CVE-2009-2560 – Wireshark: various flaws in a) RADIUS, b) Bluetooth L2CAP, c) MIOP dissectors (DoS)
https://notcve.org/view.php?id=CVE-2009-2560
Multiple unspecified vulnerabilities in Wireshark 1.2.0 allow remote attackers to cause a denial of service (application crash) via a file that records a malformed packet trace and is processed by the (1) Bluetooth L2CAP, (2) RADIUS, or (3) MIOP dissector. NOTE: it was later reported that the RADIUS issue also affects 0.10.13 through 1.0.9. Múltiples vulnerabilidades no especificadas en Wireshark versión 1.2.0, permiten a los atacantes remotos causar una denegación de servicio (bloqueo de aplicación) por medio de un archivo que registra un seguimiento de paquetes malformados y es procesado por el (1) Bluetooth L2CAP, (2) RADIUS o (3) disector de MIOP. NOTA: fue señalado más adelante que el problema de RADIUS también afecta a versiones 0.10.13 hasta 1.0.9. • http://secunia.com/advisories/35884 http://secunia.com/advisories/37175 http://secunia.com/advisories/37409 http://secunia.com/advisories/37477 http://www.debian.org/security/2009/dsa-1942 http://www.mandriva.com/security/advisories?name=MDVSA-2009:194 http://www.openwall.com/lists/oss-security/2009/07/22/2 http://www.securityfocus.com/bid/35748 http://www.securityfocus.com/bid/36846 http://www.vupen.com/english/advisories/2009/1970 http://www.vupen.com/english/ •
CVE-2009-2563 – Wireshark: Null-ptr dereference in the InfiniBand dissector
https://notcve.org/view.php?id=CVE-2009-2563
Unspecified vulnerability in the Infiniband dissector in Wireshark 1.0.6 through 1.2.0, when running on unspecified platforms, allows remote attackers to cause a denial of service (crash) via unknown vectors. Vulnerabilidad no especificada en el analizador Infiniband en Wireshark v1.0.6 a v1.2.0, cuando es ejecutado en plataformas no especificadas, permite a atacantes remotos provocar una denegación de servicio (caída) mediante vectores desconocidos. • http://secunia.com/advisories/35884 http://www.mandriva.com/security/advisories?name=MDVSA-2009:194 http://www.mandriva.com/security/advisories?name=MDVSA-2010:031 http://www.openwall.com/lists/oss-security/2009/09/17/15 http://www.openwall.com/lists/oss-security/2009/09/18/2 http://www.securityfocus.com/bid/35748 http://www.vupen.com/english/advisories/2009/1970 http://www.wireshark.org/docs/relnotes/wireshark-1.0.9.html http://www.wireshark.org/security/wnpa-sec& •
CVE-2009-2559
https://notcve.org/view.php?id=CVE-2009-2559
Buffer overflow in the IPMI dissector in Wireshark 1.2.0 allows remote attackers to cause a denial of service (crash) via unspecified vectors related to an array index error. NOTE: some of these details are obtained from third party information. Desbordamiento de bufer en IPMI dissector en Wireshark 1.2.0 permite a atacantes remotos causar una denegación de servicio (caída) a tra´ves de vectores no especificados referidos a un error de una cadena indexada. NOTA: Algunos de estos detalles se obtienen a partir de información de terceros. • http://secunia.com/advisories/35884 http://www.securityfocus.com/bid/35748 http://www.vupen.com/english/advisories/2009/1970 http://www.wireshark.org/security/wnpa-sec-2009-04.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6379 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2009-2562 – Wireshark: Integer overflow in the AFS dissector
https://notcve.org/view.php?id=CVE-2009-2562
Unspecified vulnerability in the AFS dissector in Wireshark 0.9.2 through 1.2.0 allows remote attackers to cause a denial of service (crash) via unknown vectors. Vulnerabilidad no especificada en el analizador AFS en Wireshark v0.9.2 a v1.2.0 permite a atacantes remotos provocar una denegación de servicio (caída) mediante vectores desconocidos. • http://secunia.com/advisories/35884 http://secunia.com/advisories/37477 http://www.debian.org/security/2009/dsa-1942 http://www.mandriva.com/security/advisories?name=MDVSA-2009:194 http://www.openwall.com/lists/oss-security/2009/09/17/15 http://www.openwall.com/lists/oss-security/2009/09/18/2 http://www.securityfocus.com/bid/35748 http://www.vupen.com/english/advisories/2009/1970 http://www.wireshark.org/docs/relnotes/wireshark-1.0.9.html http://www.wireshar • CWE-190: Integer Overflow or Wraparound •