CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2015-8741 – Gentoo Linux Security Advisory 201604-05
https://notcve.org/view.php?id=CVE-2015-8741
04 Jan 2016 — The dissect_ppi function in epan/dissectors/packet-ppi.c in the PPI dissector in Wireshark 2.0.x before 2.0.1 does not initialize a packet-header data structure, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. La función dissect_ppi en epan/dissectors/packet-ppi.c en el disector PPI en Wireshark 2.0.x en versiones anteriores a 2.0.1 no inicializa una estructura de datos de cabecera de paquete, lo que permite a atacantes remotos causar una denegación de se... • http://www.securitytracker.com/id/1034551 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 10EXPL: 1CVE-2015-8725 – Wireshark - dissect_diameter_base_framed_ipv6_prefix Stack Buffer Overflow
https://notcve.org/view.php?id=CVE-2015-8725
04 Jan 2016 — The dissect_diameter_base_framed_ipv6_prefix function in epan/dissectors/packet-diameter.c in the DIAMETER dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the IPv6 prefix length, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) via a crafted packet. La función dissect_diameter_base_framed_ipv6_prefix en epan/dissectors/packet-diameter.c en el disector DIAMETER en Wireshark 1.12.x en versiones anteriores a 1.12... • https://www.exploit-db.com/exploits/39003 • CWE-20: Improper Input Validation CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2015-8742 – Gentoo Linux Security Advisory 201604-05
https://notcve.org/view.php?id=CVE-2015-8742
04 Jan 2016 — The dissect_CPMSetBindings function in epan/dissectors/packet-mswsp.c in the MS-WSP dissector in Wireshark 2.0.x before 2.0.1 does not validate the column size, which allows remote attackers to cause a denial of service (memory consumption or application crash) via a crafted packet. La función dissect_CPMSetBindings en epan/dissectors/packet-mswsp.c en el disector MS-WSP en Wireshark 2.0.x en versiones anteriores a 2.0.1 no valida el tamaño de la columna, lo que permite a atacantes remotos causar una denega... • http://www.securitytracker.com/id/1034551 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 1%CPEs: 10EXPL: 1CVE-2015-8726 – Wireshark - find_signature Stack Out-of-Bounds Read
https://notcve.org/view.php?id=CVE-2015-8726
04 Jan 2016 — wiretap/vwr.c in the VeriWave file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate certain signature and Modulation and Coding Scheme (MCS) data, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file. wiretap/vwr.c en el analizador de archivo VeriWave en Wireshark 1.12.x en versiones anteriores a 1.12.9 y 2.0.x en versiones anteriores a 2.0.1 no valida ciertos datos de firma y Modulation and Coding Scheme (M... • https://www.exploit-db.com/exploits/39004 • CWE-20: Improper Input Validation CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 10EXPL: 0CVE-2015-8722 – Debian Security Advisory 3505-1
https://notcve.org/view.php?id=CVE-2015-8722
04 Jan 2016 — epan/dissectors/packet-sctp.c in the SCTP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the frame pointer, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted packet. epan/dissectors/packet-sctp.c en el disector SCTP en Wireshark 1.12.x en versiones anteriores a 1.12.9 y 2.0.x en versiones anteriores a 2.0.1 no valida el puntero del frame, lo que permite a atacantes remotos provocar una denegación de... • http://www.debian.org/security/2016/dsa-3505 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 1%CPEs: 10EXPL: 1CVE-2015-8733 – Wireshark - 'infer_pkt_encap' Heap Out-of-Bounds Read
https://notcve.org/view.php?id=CVE-2015-8733
04 Jan 2016 — The ngsniffer_process_record function in wiretap/ngsniffer.c in the Sniffer file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the relationships between record lengths and record header lengths, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file. La función ngsniffer_process_record en wiretap/ngsniffer.c en el analizador de archivo Sniffer en Wireshark 1.12.x en versiones anteriores a 1.12.9 y 2.0.x en ... • https://www.exploit-db.com/exploits/39076 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 10EXPL: 1CVE-2015-8731 – Wireshark - dissct_rsl_ipaccess_msg Static Out-of-Bounds Read
https://notcve.org/view.php?id=CVE-2015-8731
04 Jan 2016 — The dissct_rsl_ipaccess_msg function in epan/dissectors/packet-rsl.c in the RSL dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not reject unknown TLV types, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet. La función dissct_rsl_ipaccess_msg en epan/dissectors/packet-rsl.c en el disector RSL en Wireshark 1.12.x en versiones anteriores a 1.12.9 y 2.0.x en versiones anteriores a 2.0.1 no rechaza tipos TLV descon... • https://www.exploit-db.com/exploits/38996 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 10EXPL: 0CVE-2015-8711 – Debian Security Advisory 3505-1
https://notcve.org/view.php?id=CVE-2015-8711
04 Jan 2016 — epan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate conversation data, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted packet. epan/dissectors/packet-nbap.c en el disector NBAP en Wireshark 1.12.x en versiones anteriores a 1.12.9 y 2.0.x en versiones anteriores a 2.0.1 no valida datos de conversación, lo que permite a atacantes remotos provocar una denegación d... • http://www.debian.org/security/2016/dsa-3505 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 1%CPEs: 10EXPL: 1CVE-2015-8724 – Wireshark - 'AirPDcapDecryptWPABroadcastKey' Heap Out-of-Bounds Read
https://notcve.org/view.php?id=CVE-2015-8724
04 Jan 2016 — The AirPDcapDecryptWPABroadcastKey function in epan/crypt/airpdcap.c in the 802.11 dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not verify the WPA broadcast key length, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet. La función AirPDcapDecryptWPABroadcastKey en epan/crypt/airpdcap.c en el disector 802.11 en Wireshark 1.12.x en versiones anteriores a 1.12.9 y 2.0.x en versiones anteriores a 2.0.1 no verific... • https://www.exploit-db.com/exploits/39077 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 1%CPEs: 10EXPL: 1CVE-2015-8728 – Wireshark - my_dgt_tbcd_unpack Static Buffer Overflow
https://notcve.org/view.php?id=CVE-2015-8728
04 Jan 2016 — The Mobile Identity parser in (1) epan/dissectors/packet-ansi_a.c in the ANSI A dissector and (2) epan/dissectors/packet-gsm_a_common.c in the GSM A dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 improperly uses the tvb_bcd_dig_to_wmem_packet_str function, which allows remote attackers to cause a denial of service (buffer overflow and application crash) via a crafted packet. El analizador Mobile Identity en (1) epan/dissectors/packet-ansi_a.c en el disector ANSI A y (2) epan/dissectors/p... • https://www.exploit-db.com/exploits/39000 • CWE-20: Improper Input Validation •