CVE-2015-4651
https://notcve.org/view.php?id=CVE-2015-4651
The dissect_wccp2r1_address_table_info function in epan/dissectors/packet-wccp.c in the WCCP dissector in Wireshark 1.12.x before 1.12.6 does not properly determine whether enough memory is available for storing IP address strings, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. Vulnerabilidad en la función dissect_wccp2r1_address_table_info en epan/dissectors/packet-wccp.c en el WCCP dissector de Wireshark en su versión 1.12.x anteriores a 1.12.6 no determina adecuadamente si hay suficiente memoria disponible para almacenar cadenas de dirección IP, lo que permite a atacantes remotos causar una denegación de servicio mediante la caída de la aplicación a través de un paquete manipulado. • http://lists.opensuse.org/opensuse-updates/2015-07/msg00020.html http://www.debian.org/security/2015/dsa-3294 http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html http://www.securityfocus.com/bid/75317 http://www.securitytracker.com/id/1032662 http://www.wireshark.org/security/wnpa-sec-2015-19.html https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11153 https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=524ed1df6e6126cd63ba419ccb82c83636d77ee4 https:& • CWE-399: Resource Management Errors •
CVE-2015-4652
https://notcve.org/view.php?id=CVE-2015-4652
epan/dissectors/packet-gsm_a_dtap.c in the GSM DTAP dissector in Wireshark 1.12.x before 1.12.6 does not properly validate digit characters, which allows remote attackers to cause a denial of service (application crash) via a crafted packet, related to the de_emerg_num_list and de_bcd_num functions. Vulnerabilidad en epan/dissectors/packet-gsm_a_dtap.c en el GSM DTAP dissector de Wireshark en su versión 1.12.x anteriores a 1.12.6 no valida correctamente los caracteres de dígitos, lo que permite a atacantes remotos causar una denegación de servicio mediante la caída de la aplicación a través de un paquete manipulado, relacionado con las funciones de_emerg_num_list y de_bcd_num. • http://lists.opensuse.org/opensuse-updates/2015-07/msg00020.html http://www.debian.org/security/2015/dsa-3294 http://www.securityfocus.com/bid/75316 http://www.securitytracker.com/id/1032662 http://www.wireshark.org/security/wnpa-sec-2015-20.html https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11201 https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=d93be95fc0e7011e8b4ade9171e7e66146063296 https://security.gentoo.org/glsa/201510-03 • CWE-20: Improper Input Validation •
CVE-2015-3809
https://notcve.org/view.php?id=CVE-2015-3809
The dissect_lbmr_pser function in epan/dissectors/packet-lbmr.c in the LBMR dissector in Wireshark 1.12.x before 1.12.5 does not properly track the current offset, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet. La función dissect_lbmr_pser en epan/dissectors/packet-lbmr.c en el disector LBMR en Wireshark 1.12.x anterior a 1.12.5 no rastrea correctamente el desplazamiento actual, lo que permite a atacantes remotos causar una denegación de servicio (bucle infinito) a través de un paquete manipulado. • http://www.debian.org/security/2015/dsa-3277 http://www.securityfocus.com/bid/74632 http://www.wireshark.org/security/wnpa-sec-2015-12.html https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11036 https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=c19860dba8d158c42865c3d9051b6f318cb41169 https://security.gentoo.org/glsa/201510-03 • CWE-189: Numeric Errors •
CVE-2015-3814
https://notcve.org/view.php?id=CVE-2015-3814
The (1) dissect_tfs_request and (2) dissect_tfs_response functions in epan/dissectors/packet-ieee80211.c in the IEEE 802.11 dissector in Wireshark 1.10.x before 1.10.14 and 1.12.x before 1.12.5 interpret a zero value as a length rather than an error condition, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet. Las funciones (1) dissect_tfs_request y (2) dissect_tfs_response en epan/dissectors/packet-ieee80211.c en el disector IEEE 802.11 en Wireshark 1.10.x anterior a 1.10.14 y 1.12.x anterior a 1.12.5 interpretan un valor cero como una longitud en lugar de una condición de error, lo que permite a atacantes remotos causar una denegación de servicio (bucle infinito) a través de un paquete manipulado. • http://www.debian.org/security/2015/dsa-3277 http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html http://www.securityfocus.com/bid/74631 http://www.wireshark.org/security/wnpa-sec-2015-17.html https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11110 https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=e243b0041328980a9bbd43bb8a8166d7422f9096 https://security.gentoo.org/glsa/201510-03 • CWE-189: Numeric Errors •
CVE-2015-3810 – wireshark: WebSocket DoS (wnpa-sec-2015-13)
https://notcve.org/view.php?id=CVE-2015-3810
epan/dissectors/packet-websocket.c in the WebSocket dissector in Wireshark 1.12.x before 1.12.5 uses a recursive algorithm, which allows remote attackers to cause a denial of service (CPU consumption) via a crafted packet. epan/dissectors/packet-websocket.c en el disector WebSocket en Wireshark 1.12.x anterior a 1.12.5 utiliza un algoritmo recursivo, lo que permite a atacantes remotos causar una denegación de servicio (consumo de CPU) a través de un paquete manipulado. • http://www.debian.org/security/2015/dsa-3277 http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html http://www.securityfocus.com/bid/74629 http://www.wireshark.org/security/wnpa-sec-2015-13.html https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10989 https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=4ee6bcbd2e03a25f1e6b0239558d9edeaf8040c0 https://security.gentoo.org/glsa/201510-03 https://access.redhat.com/security/cve/CVE-2015-3810 https:/& • CWE-399: Resource Management Errors CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •