CVSS: 5.5EPSS: 0%CPEs: 10EXPL: 1CVE-2015-8724 – Wireshark - 'AirPDcapDecryptWPABroadcastKey' Heap Out-of-Bounds Read
https://notcve.org/view.php?id=CVE-2015-8724
The AirPDcapDecryptWPABroadcastKey function in epan/crypt/airpdcap.c in the 802.11 dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not verify the WPA broadcast key length, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet. La función AirPDcapDecryptWPABroadcastKey en epan/crypt/airpdcap.c en el disector 802.11 en Wireshark 1.12.x en versiones anteriores a 1.12.9 y 2.0.x en versiones anteriores a 2.0.1 no verifica la longitud de clave de difusión WPA, lo que permite a atacantes remotos provocar una denegación de servicio (lectura fuera de rango y caída de aplicación) a través de un paquete manipulado. • https://www.exploit-db.com/exploits/39077 http://www.debian.org/security/2016/dsa-3505 http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html http://www.securityfocus.com/bid/79382 http://www.securitytracker.com/id/1034551 http://www.wireshark.org/security/wnpa-sec-2015-42.html https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11826 https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=83f2818118ae255db949bb3a4b3a26ebd1c5f7c5 https://security.gentoo.o • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 10EXPL: 1CVE-2015-8725 – Wireshark - dissect_diameter_base_framed_ipv6_prefix Stack Buffer Overflow
https://notcve.org/view.php?id=CVE-2015-8725
The dissect_diameter_base_framed_ipv6_prefix function in epan/dissectors/packet-diameter.c in the DIAMETER dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the IPv6 prefix length, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) via a crafted packet. La función dissect_diameter_base_framed_ipv6_prefix en epan/dissectors/packet-diameter.c en el disector DIAMETER en Wireshark 1.12.x en versiones anteriores a 1.12.9 y 2.0.x en versiones anteriores a 2.0.1 no valida la longitud del prefijo IPv6, lo que permite a atacantes remotos provocar una denegación de servicio (desbordamiento de buffer basado en pila y caída de aplicación) a través de un paquete manipulado. • https://www.exploit-db.com/exploits/39003 http://www.debian.org/security/2016/dsa-3505 http://www.securityfocus.com/bid/79382 http://www.securitytracker.com/id/1034551 http://www.wireshark.org/security/wnpa-sec-2015-43.html https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11792 https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=aaa28a9d39158ca1033bbd3372cf423abbf4f202 https://security.gentoo.org/glsa/201604-05 • CWE-20: Improper Input Validation CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 10EXPL: 1CVE-2015-8726 – Wireshark - find_signature Stack Out-of-Bounds Read
https://notcve.org/view.php?id=CVE-2015-8726
wiretap/vwr.c in the VeriWave file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate certain signature and Modulation and Coding Scheme (MCS) data, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file. wiretap/vwr.c en el analizador de archivo VeriWave en Wireshark 1.12.x en versiones anteriores a 1.12.9 y 2.0.x en versiones anteriores a 2.0.1 no valida ciertos datos de firma y Modulation and Coding Scheme (MCS), lo que permite a atacantes remotos provocar una denegación de servicio (lectura fuera de rango y caída de aplicación) a través de un archivo manipulado. • https://www.exploit-db.com/exploits/39004 http://www.debian.org/security/2016/dsa-3505 http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html http://www.securityfocus.com/bid/79382 http://www.securitytracker.com/id/1034551 http://www.wireshark.org/security/wnpa-sec-2015-44.html https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11789 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11791 https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=c • CWE-20: Improper Input Validation CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 10EXPL: 1CVE-2015-8727 – Wireshark - addresses_equal 'dissect_rsvp_common' Use-After-Free
https://notcve.org/view.php?id=CVE-2015-8727
The dissect_rsvp_common function in epan/dissectors/packet-rsvp.c in the RSVP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not properly maintain request-key data, which allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted packet. La función dissect_rsvp_common en epan/dissectors/packet-rsvp.c en el disector RSVP en Wireshark 1.12.x en versiones anteriores a 1.12.9 y 2.0.x en versiones anteriores a 2.0.1 no mantiene adecuadmante los datos de petición de clave, lo que permite a atacantes remotos provocar una denegación de servicio (uso depués de liberación de memoria y caída de aplicación) a través de un paquete manipulado. • https://www.exploit-db.com/exploits/39002 http://www.debian.org/security/2016/dsa-3505 http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html http://www.securityfocus.com/bid/79382 http://www.securitytracker.com/id/1034551 http://www.wireshark.org/security/wnpa-sec-2015-45.html https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11793 https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=56baca60271379cb97f6a4a6bf72eb526e8b52d0 https://security.gentoo.o • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 10EXPL: 1CVE-2015-8728 – Wireshark - my_dgt_tbcd_unpack Static Buffer Overflow
https://notcve.org/view.php?id=CVE-2015-8728
The Mobile Identity parser in (1) epan/dissectors/packet-ansi_a.c in the ANSI A dissector and (2) epan/dissectors/packet-gsm_a_common.c in the GSM A dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 improperly uses the tvb_bcd_dig_to_wmem_packet_str function, which allows remote attackers to cause a denial of service (buffer overflow and application crash) via a crafted packet. El analizador Mobile Identity en (1) epan/dissectors/packet-ansi_a.c en el disector ANSI A y (2) epan/dissectors/packet-gsm_a_common.c en el disector GSM A en Wireshark 1.12.x en versiones anteriores a 1.12.9 y 2.0.x en versiones anteriores a 2.0.1 utiliza indebidamente la función tvb_bcd_dig_to_wmem_packet_str, lo que permite a atacantes remotos provocar una denegación de servicio (desbordamiento de buffer y caída de aplicación) a través de un paquete manipulado. • https://www.exploit-db.com/exploits/39000 http://www.debian.org/security/2016/dsa-3505 http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html http://www.securityfocus.com/bid/79382 http://www.securitytracker.com/id/1034551 http://www.wireshark.org/security/wnpa-sec-2015-46.html https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11797 https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=15edc8d714b11dcff3a04e5d00b8db9adfdb81ed https://security.gentoo.o • CWE-20: Improper Input Validation •