CVE-2006-4805
https://notcve.org/view.php?id=CVE-2006-4805
epan/dissectors/packet-xot.c in the XOT dissector (dissect_xot_pdu) in Wireshark (formerly Ethereal) 0.9.8 through 0.99.3 allows remote attackers to cause a denial of service (memory consumption and crash) via an encoded XOT packet that produces a zero length value when it is decoded. epan/dissectors/packet-xot.c en el separador XOT (dissect_xot_pdu) en Wireshark (antes conocido como Ethereal) 0.9.8 hasta la 0.99.3 permite a un atacante remoto provocar denegación de servicio (consumo de memoria y caida) a través de un paquete XOT codificado que crea un valor de longitud zero cuando está codificado. • ftp://patches.sgi.com/support/free/security/advisories/20061101-01-P http://secunia.com/advisories/22590 http://secunia.com/advisories/22659 http://secunia.com/advisories/22672 http://secunia.com/advisories/22692 http://secunia.com/advisories/22797 http://secunia.com/advisories/22841 http://secunia.com/advisories/22929 http://secunia.com/advisories/23096 http://securitytracker.com/id?1017129 http://support.avaya.com/elmodocs2/security/ASA-2006-255.htm http://www.kb.cert. •
CVE-2006-4333
https://notcve.org/view.php?id=CVE-2006-4333
The SSCOP dissector in Wireshark (formerly Ethereal) before 0.99.3 allows remote attackers to cause a denial of service (resource consumption) via malformed packets that cause the Q.2391 dissector to use excessive memory. El analizador SSCOP en Wireshark (anteriormente Ethereal) anterior a 0.99.3 permite a atacantes ermotos provocar una denegación de servicio (agotamiento de recursos) mediante paquetes mal formados que provocan que el analizador Q.2391 utilice demasiada memoria. • http://secunia.com/advisories/21597 http://secunia.com/advisories/21619 http://secunia.com/advisories/21649 http://secunia.com/advisories/21682 http://secunia.com/advisories/21813 http://secunia.com/advisories/21885 http://secunia.com/advisories/22378 http://security.gentoo.org/glsa/glsa-200608-26.xml http://securitytracker.com/id?1016736 http://support.avaya.com/elmodocs2/security/ASA-2006-227.htm http://www.debian.org/security/2006/dsa-1171 http://www.kb.cert.org • CWE-399: Resource Management Errors •
CVE-2006-4332
https://notcve.org/view.php?id=CVE-2006-4332
Unspecified vulnerability in the DHCP dissector in Wireshark (formerly Ethereal) 0.10.13 through 0.99.2, when run on Windows, allows remote attackers to cause a denial of service (crash) via unspecified vectors that trigger a bug in Glib. Vulnerabiliadd no especificada en el analizador DHCP en Wireshark (anteriormente Ethereal) 0.10.13 hasta 0.99.2, cuando se ejecuta en Windows, permite a aatacantes remotos provocar una denegación de servicio (caída) a través de vectores no especificados que disparan un bug en Glib. • http://secunia.com/advisories/21597 http://secunia.com/advisories/21619 http://secunia.com/advisories/21649 http://secunia.com/advisories/21682 http://security.gentoo.org/glsa/glsa-200608-26.xml http://securitytracker.com/id?1016736 http://www.kb.cert.org/vuls/id/335656 http://www.mandriva.com/security/advisories?name=MDKSA-2006:152 http://www.securityfocus.com/bid/19690 http://www.vupen.com/english/advisories/2006/3370 http://www.wireshark.org/security/wnpa-sec-2006 •
CVE-2006-3631
https://notcve.org/view.php?id=CVE-2006-3631
Unspecified vulnerability in the SSH dissector in Wireshark (aka Ethereal) 0.9.10 to 0.99.0 allows remote attackers to cause a denial of service (infinite loop) via unknown attack vectors. Vulnerabilidad no especificada en en el analizador de SSH de Wireshark (aka Ethereal) 0.9.10 hasta 0.99.0 permite a atacantes remotos provocar una denegación de servicio (bucle infinito) a través de vectores de ataque desconocidos. • ftp://patches.sgi.com/support/free/security/advisories/20060801-01-P http://rhn.redhat.com/errata/RHSA-2006-0602.html http://secunia.com/advisories/21078 http://secunia.com/advisories/21107 http://secunia.com/advisories/21121 http://secunia.com/advisories/21204 http://secunia.com/advisories/21249 http://secunia.com/advisories/21467 http://secunia.com/advisories/21488 http://secunia.com/advisories/21598 http://secunia.com/advisories/22089 http://security.gentoo.org/glsa/ • CWE-399: Resource Management Errors •
CVE-2006-3628
https://notcve.org/view.php?id=CVE-2006-3628
Multiple format string vulnerabilities in Wireshark (aka Ethereal) 0.10.x to 0.99.0 allow remote attackers to cause a denial of service and possibly execute arbitrary code via the (1) ANSI MAP, (2) Checkpoint FW-1, (3) MQ, (4) XML, and (5) NTP dissectors. Múltiples vulnerabilidades de formato de cadena en Wireshark (atmbién conocido como Ethereal) 0.10.x a 0.99.0 permite a atacantes remotos provocar denegación de servicio y posiblemente ejecutar código de su eleccción a través de los disectores (1) ANSI MAP, (2) Checkpoint FW-1, (3) MQ, (4) XML, y (5) NTP. • ftp://patches.sgi.com/support/free/security/advisories/20060801-01-P http://rhn.redhat.com/errata/RHSA-2006-0602.html http://secunia.com/advisories/21078 http://secunia.com/advisories/21107 http://secunia.com/advisories/21121 http://secunia.com/advisories/21204 http://secunia.com/advisories/21249 http://secunia.com/advisories/21467 http://secunia.com/advisories/21488 http://secunia.com/advisories/21598 http://secunia.com/advisories/22089 http://security.gentoo.org/glsa/ • CWE-134: Use of Externally-Controlled Format String •