CVE-2013-2488
https://notcve.org/view.php?id=CVE-2013-2488
The DTLS dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 does not validate the fragment offset before invoking the reassembly state machine, which allows remote attackers to cause a denial of service (application crash) via a large offset value that triggers write access to an invalid memory location. El disector DTLS en Wireshark v1.6.x anterior a v1.6.14 y v1.8.x anterior a v1.8.6 no valida el offset del fragmento antes de invocar el estado de la máquina, permitiendo a atacantes remotos provocar una denegación de servicio (caída de la aplicación) a través de un gran valor de desplazamiento que desencadena el acceso de escritura a una ubicación de memoria no válida. • http://anonsvn.wireshark.org/viewvc?view=revision&revision=48011 http://lists.opensuse.org/opensuse-updates/2013-03/msg00065.html http://lists.opensuse.org/opensuse-updates/2013-03/msg00077.html http://secunia.com/advisories/52471 http://www.debian.org/security/2013/dsa-2644 http://www.wireshark.org/docs/relnotes/wireshark-1.6.14.html http://www.wireshark.org/docs/relnotes/wireshark-1.8.6.html http://www.wireshark.org/security/wnpa-sec-2013-22.html https://bugs.wireshark.org • CWE-20: Improper Input Validation •
CVE-2013-1572
https://notcve.org/view.php?id=CVE-2013-1572
The dissect_oampdu_event_notification function in epan/dissectors/packet-slowprotocols.c in the IEEE 802.3 Slow Protocols dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly handle certain short lengths, which allows remote attackers to cause a denial of service (infinite loop) via a malformed packet. La funciíon dissect_oampdu_event_notification en epan/dissectors/packet-slowprotocols.c en el dissector IEEE 802.3 Slow Protocols en Wireshark v1.6.x anterior a v1.6.13 y v1.8.x anterior a v1.8.5 no maneja correctamente ciertas longitudes cortas, lo cual permite a atacantes remotos causar una denegación de servicio (loop infinito) mediante un paquete malformado. • http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-slowprotocols.c?r1=46336&r2=46335&pathrev=46336 http://anonsvn.wireshark.org/viewvc?view=revision&revision=46336 http://lists.opensuse.org/opensuse-updates/2013-02/msg00028.html http://lists.opensuse.org/opensuse-updates/2013-02/msg00037.html http://www.wireshark.org/security/wnpa-sec-2013-01.html https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8036 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3A • CWE-20: Improper Input Validation •
CVE-2013-1573
https://notcve.org/view.php?id=CVE-2013-1573
The csnStreamDissector function in epan/dissectors/packet-csn1.c in the CSN.1 dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly handle a large number of padding bits, which allows remote attackers to cause a denial of service (infinite loop) via a malformed packet. La función csnStreamDissector enepan/dissectors/packet-csn1.c en el dissector CSN.1 en Wireshark v1.6.x anterior a v1.6.13 y v1.8.x anterior a v1.8.5 no gestiona correctamente un relleno largo de bits, permitiendo a atacantes remotos causar una denegación de servicio (loop infinito) mediante un paquete malformado. • http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-csn1.c?r1=46335&r2=46334&pathrev=46335 http://anonsvn.wireshark.org/viewvc?view=revision&revision=46335 http://lists.opensuse.org/opensuse-updates/2013-02/msg00028.html http://lists.opensuse.org/opensuse-updates/2013-02/msg00037.html http://www.wireshark.org/security/wnpa-sec-2013-01.html https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8037 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3 • CWE-20: Improper Input Validation •
CVE-2013-1574
https://notcve.org/view.php?id=CVE-2013-1574
The dissect_bthci_eir_ad_data function in epan/dissectors/packet-bthci_cmd.c in the Bluetooth HCI dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 uses an incorrect data type for a counter variable, which allows remote attackers to cause a denial of service (infinite loop) via a malformed packet. La función dissect_bthci_eir_ad_data en epan/dissectors/packet-bthci_cmd.c en el dissector Bluetooth HCI en Wireshark v1.6.x anterior a v1.6.13 y v1.8.x anterior a v1.8.5 usa un tipo de datos incorrectos para una variable contador, permitiendo a atacantes remotos causar una denegación de servicio (loop infinito) mediante un paquete malformado. • http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-bthci_cmd.c?r1=46345&r2=46344&pathrev=46345 http://anonsvn.wireshark.org/viewvc?view=revision&revision=46345 http://lists.opensuse.org/opensuse-updates/2013-02/msg00028.html http://lists.opensuse.org/opensuse-updates/2013-02/msg00037.html http://www.wireshark.org/security/wnpa-sec-2013-01.html https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8038 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3A • CWE-20: Improper Input Validation •
CVE-2013-1575
https://notcve.org/view.php?id=CVE-2013-1575
The dissect_r3_cmd_alarmconfigure function in epan/dissectors/packet-assa_r3.c in the R3 dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly handle a certain alarm length, which allows remote attackers to cause a denial of service (infinite loop) via a malformed packet. La función dissect_r3_cmd_alarmconfigure en epan/dissectors/packet-assa_r3.c en el dissector R3 en Wireshark v1.6.x anterior a v1.6.13 y v1.8.x anterior a v1.8.5 no maneja correctamente cierta longitud de alarma, permitiendo a atacantes remotso causar una denegación de servicio (bucle infinito) mediante un paquete malformado. • http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-assa_r3.c?r1=46415&r2=46414&pathrev=46415 http://anonsvn.wireshark.org/viewvc?view=revision&revision=46415 http://lists.opensuse.org/opensuse-updates/2013-02/msg00028.html http://lists.opensuse.org/opensuse-updates/2013-02/msg00037.html http://www.wireshark.org/security/wnpa-sec-2013-01.html https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8040 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Ade • CWE-20: Improper Input Validation •