CVSS: 7.5EPSS: 31%CPEs: 15EXPL: 2CVE-2010-4300 – Wireshark - LDSS Dissector Buffer Overflow
https://notcve.org/view.php?id=CVE-2010-4300
Heap-based buffer overflow in the dissect_ldss_transfer function (epan/dissectors/packet-ldss.c) in the LDSS dissector in Wireshark 1.2.0 through 1.2.12 and 1.4.0 through 1.4.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an LDSS packet with a long digest line that triggers memory corruption. Desbordamiento de búfer basado en memoria dinámica en la función dissect_ldss_transfer (epan/dissectors/packet-ldss.c) en el disector LDSS en Wireshark v1.2.0 hasta v1.2.12 y v1.4.0 hasta v1.4.1 permite a atacantes remotos provocar una denegación de servicio (cuelgue) y posiblemente ejecutar código arbitrario a través de un paquete LDSS con una línea de resumen larga lo cual provoca corrupción en la memoria. • https://www.exploit-db.com/exploits/15676 http://blogs.sun.com/security/entry/buffer_overflow_vulnerability_in_wireshark http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://osvdb.org/69354 http://secunia.com/advisories/42290 http://secunia.com/advisories/42411 http://secunia.com/advisories/42877 http://secunia.com/advisories/43068 http://www.exploit-db.com/exploits/15676 http:/ • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •
CVSS: 5.0EPSS: 1%CPEs: 2EXPL: 2CVE-2010-4301 – Wireshark - ZigBee ZCL Dissector Infinite Loop Denial of Service
https://notcve.org/view.php?id=CVE-2010-4301
epan/dissectors/packet-zbee-zcl.c in the ZigBee ZCL dissector in Wireshark 1.4.0 through 1.4.1 allows remote attackers to cause a denial of service (infinite loop) via a crafted ZCL packet, related to Discover Attributes. epan/dissectors/packet-zbee-zcl.c en el disector de ZigBee ZCL en Wireshark v1.4.0 hasta v1.4.1 permite a atacantes remotos provocar una denegación de servicio (bucle infinito) a través de un paquete ZCL manipulado, relacionado con Discover Attributes. • https://www.exploit-db.com/exploits/15973 http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://osvdb.org/69355 http://secunia.com/advisories/42290 http://secunia.com/advisories/42877 http://secunia.com/advisories/43068 http://www.exploit-db.com/exploits/15973 http://www.securityfocus.com/bid/44986 http://www.vupen.com/english/advisories/2010/3038 http://www.vupen.com/ • CWE-399: Resource Management Errors •