Page 102 of 672 results (0.013 seconds)

CVSS: 5.8EPSS: 0%CPEs: 3EXPL: 0

Buffer overflow in the dissect_tlv function in epan/dissectors/packet-ldp.c in the LDP dissector in Wireshark 1.8.x before 1.8.3 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a malformed packet. Desbordamiento de búfer en la función dissect_tlv en epan/dissectors/packet-ldp.c en el "dissector" LDP en Wireshark v1.8.x antiores a v1.8.3 permite a atacantes remotos provocar una denegación de servicio (caída de la aplicación) o posiblemente tener otro impacto no especificado a través de un paquete mal formado. • http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-ldp.c?r1=44801&r2=44800&pathrev=44801 http://anonsvn.wireshark.org/viewvc?view=revision&revision=44801 http://www.securityfocus.com/bid/55754 http://www.securitytracker.com/id?1027604 http://www.wireshark.org/security/wnpa-sec-2012-29.html https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7046 https://bugs.wireshark.org/bugzilla/show_bug.cgi? • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 3.3EPSS: 0%CPEs: 3EXPL: 0

epan/dissectors/packet-ppp.c in the PPP dissector in Wireshark 1.8.x before 1.8.3 uses incorrect OUI data structures during the decoding of (1) PPP and (2) LCP data, which allows remote attackers to cause a denial of service (assertion failure and application exit) via a malformed packet. epan/dissectors/packet-ppp.c en el «dissector» PPP en Wireshark v1.8.x anteriores a v1.8.3, usa de forma incorrecta las estructuras de datos OUI, durante el decodificado de datos (1) PPP y (2) LCP, lo que permite a atacantes remotos provocar una denegación de servicio (fallo en la inserción y salida de la aplicación) a través de un paquete mal formado. • http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-ppp.c?r1=42989&r2=42988&pathrev=42989 http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-ppp.c?r1=44688&r2=44687&pathrev=44688 http://anonsvn.wireshark.org/viewvc?view=revision&revision=42989 http://anonsvn.wireshark.org/viewvc?view=revision&revision=44688 http://osvdb.org/85883 http://www.securityfocus.com/bid/55754 http://www.securitytracker.com/id? •

CVSS: 4.3EPSS: 0%CPEs: 14EXPL: 1

The dissect_drda function in epan/dissectors/packet-drda.c in Wireshark 1.6.x through 1.6.10 and 1.8.x through 1.8.2 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a small value for a certain length field in a capture file. La función dissect_drda en epan/dissectors/packet-drda.c en Wireshark v1.6.x hasta v1.6.10 y v1.8.x hasta v1.8.2 permite a atacantes remotos causar una denegación de servicio (ciclo infinito y consumo de memoria) a través de un valor pequeño para una cierta longitud de campo en un fichero de captura. • http://openwall.com/lists/oss-security/2012/08/29/4 http://secunia.com/advisories/54425 http://www.gentoo.org/security/en/glsa/glsa-201308-05.xml http://www.securitytracker.com/id?1027464 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7666 https://bugzilla.redhat.com/show_bug.cgi?id=849926 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15646 • CWE-399: Resource Management Errors •

CVSS: 4.3EPSS: 0%CPEs: 31EXPL: 0

The CIP dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (memory consumption) via a malformed packet. El disector CIP en Wireshark v1.4.x antes de v1.4.15, v1.6.x antes de v1.6.10 y v1.8.x antes de v1.8.2 permite a atacantes remotos causar una denegación de servicio (por excesivo consumo de memoria) a través de un paquete con formato erróneo. • http://lists.opensuse.org/opensuse-updates/2012-08/msg00033.html http://rhn.redhat.com/errata/RHSA-2013-0125.html http://secunia.com/advisories/50276 http://secunia.com/advisories/51363 http://secunia.com/advisories/54425 http://www.gentoo.org/security/en/glsa/glsa-201308-05.xml http://www.securityfocus.com/bid/55035 http://www.wireshark.org/security/wnpa-sec-2012-20.html https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_wireshark3 https://bugs.wireshark.or • CWE-399: Resource Management Errors •

CVSS: 3.3EPSS: 0%CPEs: 3EXPL: 1

Array index error in the channelised_fill_sdh_g707_format function in epan/dissectors/packet-erf.c in the ERF dissector in Wireshark 1.8.x before 1.8.2 might allow remote attackers to cause a denial of service (application crash) via a crafted speed (aka rate) value. Error de índice de array en la función channelised_fill_sdh_g707_format en epan/disectores/erf.c en el disector ERF en Wireshark v1.8.x antes de v1.8.2 podría permitir a atacantes remotos provocar una denegación de servicio (por caída de la aplicación) a través de un valor de velocidad (aka rate) modificado. • http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-erf.c?r1=44419&r2=44418&pathrev=44419 http://anonsvn.wireshark.org/viewvc?view=revision&revision=44419 http://secunia.com/advisories/50276 http://secunia.com/advisories/51363 http://secunia.com/advisories/54425 http://www.gentoo.org/security/en/glsa/glsa-201308-05.xml http://www.securityfocus.com/bid/55035 http://www.wireshark.org/security/wnpa-sec-2012-16.html https://blogs.oracle.com/sunsecurity/entry/multiple_vulner • CWE-20: Improper Input Validation •