CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2007-6439 – wireshark IPv6 and USB dissector crash
https://notcve.org/view.php?id=CVE-2007-6439
Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (infinite or large loop) via the (1) IPv6 or (2) USB dissector, which can trigger resource consumption or a crash. NOTE: this identifier originally included Firebird/Interbase, but it is already covered by CVE-2007-6116. The DCP ETSI issue is already covered by CVE-2007-6119. Wireshark (anteriormente Ethereal) versión 0.99.6, permite a los atacantes remotos causar una denegación de servicio (bucle infinito o largo) por medio del disector de (1) IPv6 o (2) USB, que puede desencadenar el consumo de recursos o un bloqueo. NOTA: este identificador originalmente incluía Firebird/Interbase, pero ya está cubierto por CVE-2007-6116. • http://bugs.gentoo.org/show_bug.cgi?id=199958 http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00008.html http://secunia.com/advisories/27777 http://secunia.com/advisories/28288 http://secunia.com/advisories/28304 http://secunia.com/advisories/28325 http://secunia.com/advisories/28564 http://secunia.com/advisories/29048 http://security.gentoo.org/glsa/glsa-200712-23.xml http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0004 http://www.mandriva.com/security/ad • CWE-399: Resource Management Errors •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2007-6438 – wireshark SMB dissector crash
https://notcve.org/view.php?id=CVE-2007-6438
Unspecified vulnerability in the SMB dissector in Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service via unknown vectors. NOTE: this identifier originally included MP3 and NCP, but those issues are already covered by CVE-2007-6111. Una vulnerabilidad no especificada en el disector del SMB en Wireshark (anteriormente Ethereal) versión 0.99.6, permite a los atacantes remotos causar una denegación de servicio por medio de vectores de ataque desconocidos. NOTA: este identificador originalmente incluía MP3 y NCP, pero esos problemas ya están cubiertos por CVE-2007-6111. • http://bugs.gentoo.org/show_bug.cgi?id=199958 http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00008.html http://secunia.com/advisories/27777 http://secunia.com/advisories/28288 http://secunia.com/advisories/28304 http://secunia.com/advisories/28325 http://secunia.com/advisories/28564 http://secunia.com/advisories/29048 http://security.gentoo.org/glsa/glsa-200712-23.xml http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0004 http://www.mandriva.com/security/ad • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0CVE-2007-6441 – wireshark WiMAX dissector possible crash
https://notcve.org/view.php?id=CVE-2007-6441
The WiMAX dissector in Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (crash) via unknown vectors related to "unaligned access on some platforms." El disector de WiMAX en Wireshark (anteriormente Ethereal) versión 0.99.6, permite a los atacantes remotos causar una denegación de servicio (bloqueo) por medio de vectores de ataque desconocidos relacionados con el "unaligned access on some platforms". • http://bugs.gentoo.org/show_bug.cgi?id=199958 http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00008.html http://secunia.com/advisories/27777 http://secunia.com/advisories/28288 http://secunia.com/advisories/28304 http://secunia.com/advisories/28325 http://secunia.com/advisories/28564 http://secunia.com/advisories/29048 http://security.gentoo.org/glsa/glsa-200712-23.xml http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0004 http://www.mandriva.com/security/ad • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 4.3EPSS: 0%CPEs: 10EXPL: 0CVE-2007-6451 – wireshark CIP dissector crash
https://notcve.org/view.php?id=CVE-2007-6451
Unspecified vulnerability in the CIP dissector in Wireshark (formerly Ethereal) 0.9.14 to 0.99.6 allows remote attackers to cause a denial of service (crash) via unknown vectors that trigger allocation of large amounts of memory. Vulnerabilidad no especificada en el analizador CIP de Wireshark (antiguamente Ethereal) 0.9.14 a 0.99.6 permite a atacantes remotos provocar una denegación de servicio (caída) mediante vectores desconocidos que provocan la reserva de grandes cantidades de memoria. • http://bugs.gentoo.org/show_bug.cgi?id=199958 http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00008.html http://secunia.com/advisories/27777 http://secunia.com/advisories/28288 http://secunia.com/advisories/28304 http://secunia.com/advisories/28315 http://secunia.com/advisories/28325 http://secunia.com/advisories/28564 http://secunia.com/advisories/28583 http://secunia.com/advisories/29048 http://security.gentoo.org/glsa/glsa-200712-23.xml http://wiki.rp • CWE-399: Resource Management Errors •
CVSS: 5.0EPSS: 7%CPEs: 9EXPL: 0CVE-2007-6117 – wireshark HTTP dissector flaws
https://notcve.org/view.php?id=CVE-2007-6117
Unspecified vulnerability in the HTTP dissector for Wireshark (formerly Ethereal) 0.10.14 to 0.99.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted chunked messages. Una vulnerabilidad no especificada en el disector de HTTP para Wireshark (anteriormente Ethereal) versiones 0.10.14 hasta 0.99.6, permite a atacantes remotos causar una denegación de servicio (bloqueo) y probablemente ejecutar código arbitrario por medio de mensajes fragmentados diseñados. • http://bugs.gentoo.org/show_bug.cgi?id=199958 http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00008.html http://secunia.com/advisories/27777 http://secunia.com/advisories/27817 http://secunia.com/advisories/28197 http://secunia.com/advisories/28207 http://secunia.com/advisories/28288 http://secunia.com/advisories/28304 http://secunia.com/advisories/28325 http://secunia.com/advisories/28564 http://secunia.com/advisories/28583 http://secunia.com/advisories/29048 •