CVE-2016-7180
https://notcve.org/view.php?id=CVE-2016-7180
epan/dissectors/packet-ipmi-trace.c in the IPMI trace dissector in Wireshark 2.x before 2.0.6 does not properly consider whether a string is constant, which allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted packet. epan/dissectors/packet-ipmi-trace.c en el disector de trazo IPMI en Wireshark 2.x en versiones anteriores a 2.0.6 no considera adecuadamente cuándo una cadena es constante. lo que permite a atacantes remotos provocar una denegación de servicio (uso después de liberación y caída de la aplicación) a través de un paquete manipulado. • http://www.debian.org/security/2016/dsa-3671 http://www.securitytracker.com/id/1036760 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12782 https://code.wireshark.org/review/17289 https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=5213496250aceff086404c568e3718ebc0060934 https://www.wireshark.org/security/wnpa-sec-2016-55.html • CWE-416: Use After Free •
CVE-2016-7179
https://notcve.org/view.php?id=CVE-2016-7179
Stack-based buffer overflow in epan/dissectors/packet-catapult-dct2000.c in the Catapult DCT2000 dissector in Wireshark 2.x before 2.0.6 allows remote attackers to cause a denial of service (application crash) via a crafted packet. Desbordamiento del búfer basado en pila en epan/dissectors/packet-catapult-dct2000.c en el disector Catapult DCT2000 en Wireshark 2.x en versiones anteriores a 2.0.6 permite a atacantes remotos provocar una denegación de servicio (caída de la aplicación) a través de un paquete manipulado. • http://www.debian.org/security/2016/dsa-3671 http://www.securitytracker.com/id/1036760 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12752 https://code.wireshark.org/review/17095 https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=3b97fbddc23c065727b0147aab52a27c4aadffe7 https://www.wireshark.org/security/wnpa-sec-2016-54.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2016-7175
https://notcve.org/view.php?id=CVE-2016-7175
epan/dissectors/packet-qnet6.c in the QNX6 QNET dissector in Wireshark 2.x before 2.0.6 mishandles MAC address data, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet. epan/dissectors/packet-qnet6.c en el disector QNX6 QNET en Wireshark 2.x en versiones anteriores a 2.0.6 maneja de manera incorrecta datos de la dirección MAC, lo que permite a atacantes remotos provocar una denegación de servicio (lectura fuera de rango y caída de aplicación) a través de un paquete manipulado. • http://www.securitytracker.com/id/1036760 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11850 https://code.wireshark.org/review/16965 https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=1396f6ad555178f6b81cc1a65f9cb37b2d99aebf https://www.wireshark.org/security/wnpa-sec-2016-50.html • CWE-125: Out-of-bounds Read •
CVE-2016-7177
https://notcve.org/view.php?id=CVE-2016-7177
epan/dissectors/packet-catapult-dct2000.c in the Catapult DCT2000 dissector in Wireshark 2.x before 2.0.6 does not restrict the number of channels, which allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted packet. epan/dissectors/packet-catapult-dct2000.c en el disector Catapult DCT2000 en Wireshark 2.x en versiones anteriores a 2.0.6 no restringe el número de canales, lo que permite a atacantes remotos provocar una denegación de servicio (sobrelectura de búfer y caída de la aplicación) a través de un paquete manipulado. • http://www.debian.org/security/2016/dsa-3671 http://www.securitytracker.com/id/1036760 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12750 https://code.wireshark.org/review/17096 https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=2e37b271c473e1cbd01d62ebe1f3b011fc9fe638 https://www.wireshark.org/security/wnpa-sec-2016-52.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2016-7176
https://notcve.org/view.php?id=CVE-2016-7176
epan/dissectors/packet-h225.c in the H.225 dissector in Wireshark 2.x before 2.0.6 calls snprintf with one of its input buffers as the output buffer, which allows remote attackers to cause a denial of service (copy overlap and application crash) via a crafted packet. epan/dissectors/packet-h225.c en el disector H.225 en Wireshark 2.x en versiones anteriores a 2.0.6 llama a snprintf con uno de sus búfer de entrada como si fuera un búfer de salida, lo que permite a atacantes remotos provocar una denegación de servicio (superposición de copia y caída de la aplicación) a través de un paquete manipulado. • http://www.debian.org/security/2016/dsa-3671 http://www.securitytracker.com/id/1036760 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12700 https://code.wireshark.org/review/16852 https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=6d8261994bb928b7e80e3a2478a3d939ea1ef373 https://www.wireshark.org/security/wnpa-sec-2016-51.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •