Page 13 of 93 results (0.004 seconds)

CVSS: 6.8EPSS: 0%CPEs: 9EXPL: 0

CVE-2015-7830 – Wireshark PCAPNG if_filter Arbitrary Free Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2015-7830

The pcapng_read_if_descr_block function in wiretap/pcapng.c in the pcapng parser in Wireshark 1.12.x before 1.12.8 uses too many levels of pointer indirection, which allows remote attackers to cause a denial of service (incorrect free and application crash) via a crafted packet that triggers interface-filter copying. La función pcapng_read_if_descr_block en wiretap/pcapng.c en el analizador pcapng en Wireshark 1.12.x en versiones anteriores a 1.12.8 utiliza demasiados niveles de indirección de puntero, lo que permite a atacantes remotos provocar una denegación de servicio (liberación de memoria incorrecta y caída de aplicación) a través de un paquete manipulado que desencadena el copiado del filtro de interfaz. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Wireshark. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of PCAPNG files. The issue lies in the handling of the if_filter section within next-generation PCAP files. • http://lists.opensuse.org/opensuse-updates/2015-10/msg00053.html http://www.debian.org/security/2016/dsa-3505 http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html http://www.securityfocus.com/bid/77101 http://www.securityfocus.com/bid/78723 http://www.securitytracker.com/id/1033953 http://www.wireshark.org/security/wnpa-sec-2015-30.html http://www.zerodayinitiative.com/advisories/ZDI-15-624 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11455 https: • CWE-20: Improper Input Validation •

CVSS: 4.3EPSS: 0%CPEs: 9EXPL: 0

CVE-2015-6246 – wireshark: WaveAgent dissector crash (wnpa-sec-2015-26)

https://notcve.org/view.php?id=CVE-2015-6246

The dissect_wa_payload function in epan/dissectors/packet-waveagent.c in the WaveAgent dissector in Wireshark 1.12.x before 1.12.7 mishandles large tag values, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. Vulnerabilidad en la función dissect_wa_payload en epan/dissectors/packet-waveagent.c en el disector WaveAgent en Wireshark 1.12.x en versiones anteriores a 1.12.7, no maneja adecuadamente los valores de etiqueta grandes, lo que permite a atacantes remotos causar una denegación de servicio (caída de la aplicación) a través de un paquete manipulado. • http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168837.html http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165509.html http://lists.opensuse.org/opensuse-updates/2015-10/msg00053.html http://www.debian.org/security/2015/dsa-3367 http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html http://www.securityfocus.com/bid/76381 http://www.securitytracker.com/id&# • CWE-20: Improper Input Validation •

CVSS: 4.3EPSS: 0%CPEs: 9EXPL: 0

CVE-2015-6248 – wireshark: Ptvcursor crash (wnpa-sec-2015-28)

https://notcve.org/view.php?id=CVE-2015-6248

The ptvcursor_add function in the ptvcursor implementation in epan/proto.c in Wireshark 1.12.x before 1.12.7 does not check whether the expected amount of data is available, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. Vulnerabilidad en la función ptvcursor_add en la implementación ptvcursor en epan/proto.c en Wireshark 1.12.x en versiones anteriores a 1.12.7, no comprueba si la cantidad de datos esperada está disponible, lo que permite a atacantes remotos causar una denegación de servicio (caída de la aplicación) a través de un paquete manipulado. • http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168837.html http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165509.html http://lists.opensuse.org/opensuse-updates/2015-10/msg00053.html http://www.debian.org/security/2015/dsa-3367 http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html http://www.securityfocus.com/bid/76387 http://www.securitytracker.com/id&# • CWE-20: Improper Input Validation •

CVSS: 4.3EPSS: 0%CPEs: 8EXPL: 0

CVE-2015-6249

https://notcve.org/view.php?id=CVE-2015-6249

The dissect_wccp2r1_address_table_info function in epan/dissectors/packet-wccp.c in the WCCP dissector in Wireshark 1.12.x before 1.12.7 does not prevent the conflicting use of a table for both IPv4 and IPv6 addresses, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. Vulnerabilidad en la función dissect_wccp2r1_address_table_info en epan/dissectors/packet-wccp.c en el disector WCCP en Wireshark 1.12.x en versiones anteriores a 1.12.7, no impide el uso conflictivo de una tabla para las direcciones IPv4 y IPv6, lo que permite a atacantes remotos causar una denegación de servicio (caída de la aplicación) a través de un paquete manipulado. • http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168837.html http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165509.html http://lists.opensuse.org/opensuse-updates/2015-10/msg00053.html http://www.debian.org/security/2015/dsa-3367 http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html http://www.securitytracker.com/id/1033272 http://www.wireshark.org/security/wnpa-sec-2015-29.html https://bugs.wireshark.org/bugzilla/show_bug.cgi& • CWE-20: Improper Input Validation •

CVSS: 4.3EPSS: 0%CPEs: 9EXPL: 0

CVE-2015-6245 – wireshark: GSM RLC/MAC dissector infinite loop (wnpa-sec-2015-25)

https://notcve.org/view.php?id=CVE-2015-6245

epan/dissectors/packet-gsm_rlcmac.c in the GSM RLC/MAC dissector in Wireshark 1.12.x before 1.12.7 uses incorrect integer data types, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet. Vulnerabilidad en epan/dissectors/packet-gsm_rlcmac.c en el disector GSM RLC/MAC en Wireshark 1.12.x en versiones anteriores a 1.12.7, usa tipos de datos de enteros incorrectos, lo que permite a atacantes remotos causar una denegación de servicio (bucle infinito) a través de un paquete manipulado. • http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168837.html http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165509.html http://lists.opensuse.org/opensuse-updates/2015-10/msg00053.html http://www.debian.org/security/2015/dsa-3367 http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html http://www.securityfocus.com/bid/76382 http://www.securitytracker.com/id&# • CWE-20: Improper Input Validation CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •