CVE-2010-3445 – wireshark: stack overflow in BER dissector
https://notcve.org/view.php?id=CVE-2010-3445
Stack consumption vulnerability in the dissect_ber_unknown function in epan/dissectors/packet-ber.c in the BER dissector in Wireshark 1.4.x before 1.4.1 and 1.2.x before 1.2.12 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a long string in an unknown ASN.1/BER encoded packet, as demonstrated using SNMP. Vulnerabilidad de consumo de pila en la función dissect_ber_unknown en pan/dissectors/packet-ber.c en el disector BER en Wireshark v1.4.x anterior a v1.4.1 y v1.2.x anterior a v1.2.12 permite a atacantes remotos provocar una denegación de servicio (desreferencia de puntero NULO y el cuelgue) a través de una cadena larga en un paquete codificado ASN.1/BER desconocido, como se ha demostrado mediante SNMP. • http://archives.neohapsis.com/archives/bugtraq/2010-09/0088.html http://blogs.sun.com/security/entry/resource_management_errors_vulnerability_in http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055364.html http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055650.html http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055664.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00003.html http://lists.opensuse.org/opensuse-security-announce/20 • CWE-399: Resource Management Errors •
CVE-2010-4300 – Wireshark - LDSS Dissector Buffer Overflow
https://notcve.org/view.php?id=CVE-2010-4300
Heap-based buffer overflow in the dissect_ldss_transfer function (epan/dissectors/packet-ldss.c) in the LDSS dissector in Wireshark 1.2.0 through 1.2.12 and 1.4.0 through 1.4.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an LDSS packet with a long digest line that triggers memory corruption. Desbordamiento de búfer basado en memoria dinámica en la función dissect_ldss_transfer (epan/dissectors/packet-ldss.c) en el disector LDSS en Wireshark v1.2.0 hasta v1.2.12 y v1.4.0 hasta v1.4.1 permite a atacantes remotos provocar una denegación de servicio (cuelgue) y posiblemente ejecutar código arbitrario a través de un paquete LDSS con una línea de resumen larga lo cual provoca corrupción en la memoria. • https://www.exploit-db.com/exploits/15676 http://blogs.sun.com/security/entry/buffer_overflow_vulnerability_in_wireshark http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://osvdb.org/69354 http://secunia.com/advisories/42290 http://secunia.com/advisories/42411 http://secunia.com/advisories/42877 http://secunia.com/advisories/43068 http://www.exploit-db.com/exploits/15676 http:/ • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •
CVE-2010-4301 – Wireshark - ZigBee ZCL Dissector Infinite Loop Denial of Service
https://notcve.org/view.php?id=CVE-2010-4301
epan/dissectors/packet-zbee-zcl.c in the ZigBee ZCL dissector in Wireshark 1.4.0 through 1.4.1 allows remote attackers to cause a denial of service (infinite loop) via a crafted ZCL packet, related to Discover Attributes. epan/dissectors/packet-zbee-zcl.c en el disector de ZigBee ZCL en Wireshark v1.4.0 hasta v1.4.1 permite a atacantes remotos provocar una denegación de servicio (bucle infinito) a través de un paquete ZCL manipulado, relacionado con Discover Attributes. • https://www.exploit-db.com/exploits/15973 http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://osvdb.org/69355 http://secunia.com/advisories/42290 http://secunia.com/advisories/42877 http://secunia.com/advisories/43068 http://www.exploit-db.com/exploits/15973 http://www.securityfocus.com/bid/44986 http://www.vupen.com/english/advisories/2010/3038 http://www.vupen.com/ • CWE-399: Resource Management Errors •
CVE-2010-3133 – Wireshark 1.2.10 - 'airpcap.dll' DLL Hijacking
https://notcve.org/view.php?id=CVE-2010-3133
Untrusted search path vulnerability in Wireshark 0.8.4 through 1.0.15 and 1.2.0 through 1.2.10 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse airpcap.dll, and possibly other DLLs, that is located in the same folder as a file that automatically launches Wireshark. Una vulnerabilidad de ruta de búsqueda no confiable en Wireshark versiones 0.8.4 hasta 1.0.15 y versiones 1.2.0 hasta 1.2.10 permite a los usuarios locales, y posiblemente a atacantes remotos, ejecutar código arbitrario y conducir ataques de secuestro de DLL por medio de un archivo airpcap.dll de tipo caballo de Troya, y posiblemente otros DLL, que se encuentra en la misma carpeta que un archivo que inicia automáticamente Wireshark. • https://www.exploit-db.com/exploits/14721 http://secunia.com/advisories/41064 http://www.exploit-db.com/exploits/14721 http://www.vupen.com/english/advisories/2010/2165 http://www.vupen.com/english/advisories/2010/2243 http://www.wireshark.org/security/wnpa-sec-2010-09.html http://www.wireshark.org/security/wnpa-sec-2010-10.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11498 •
CVE-2010-2993
https://notcve.org/view.php?id=CVE-2010-2993
The IPMI dissector in Wireshark 1.2.0 through 1.2.9 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors. El analizador IPMI de Wireshark v1.2.0 hasta la v1.2.9 permite a atacantes remotos provocar una denegación de servicio (bucle infinito) a través de vectores de ataque desconocidos. • http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://secunia.com/advisories/42877 http://secunia.com/advisories/43068 http://www.vupen.com/english/advisories/2011/0076 http://www.vupen.com/english/advisories/2011/0212 http://www.wireshark.org/docs/relnotes/wireshark-1.2.10.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12031 • CWE-20: Improper Input Validation •