CVSS: 7.5EPSS: 1%CPEs: 41EXPL: 0CVE-2010-2286 – wireshark: SigComp UDVM dissector infinite loop
https://notcve.org/view.php?id=CVE-2010-2286
15 Jun 2010 — The SigComp Universal Decompressor Virtual Machine dissector in Wireshark 0.10.7 through 1.0.13 and 1.2.0 through 1.2.8 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors. El analizador de protocolo SigComp Universal Decompressor Virtual Machine en Wireshark v0.10.7 hasta v1.0.13 y v1.2.0 hasta v1.2.8 permite a atacantes remotos provocar una denegación de servicio (búcle infinito) a través de vectores desconocidos. • http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00003.html • CWE-399: Resource Management Errors CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 9.3EPSS: 1%CPEs: 36EXPL: 2CVE-2009-4377 – wireshark: invalid pointer dereference in SMB/SMB2 dissectors
https://notcve.org/view.php?id=CVE-2009-4377
21 Dec 2009 — The (1) SMB and (2) SMB2 dissectors in Wireshark 0.9.0 through 1.2.4 allow remote attackers to cause a denial of service (crash) via a crafted packet that triggers a NULL pointer dereference, as demonstrated by fuzz-2009-12-07-11141.pcap. El analizador (1) SMB y (2) SMB2 en Wireshark v0.9.0 hasta v1.2.4 permite a atacantes remotos provocar una denegación de servicio (caída) mediante un paquete modificado, como se ha demostrado por fuzz-2009-12-07-11141.pcap. • http://osvdb.org/61178 •
CVSS: 9.8EPSS: 5%CPEs: 53EXPL: 0CVE-2009-3829 – wireshark: unsigned integer wrap vulnerability in ERF reader (VU#676492)
https://notcve.org/view.php?id=CVE-2009-3829
30 Oct 2009 — Integer overflow in wiretap/erf.c in Wireshark before 1.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted erf file, related to an "unsigned integer wrap vulnerability." Desbordamiento de entero en wiretap/erf.c en Wireshark en versiones anteriores a v1.2.2 permite a atacantes remotos ejecutar código arbitrario o producir una denegación de servicio (caída de aplicación) a través de un fichero erf manipulado, relacionado con la vulnerabilidad ... • http://anonsvn.wireshark.org/viewvc/trunk/wiretap/erf.c?view=markup&pathrev=29364 • CWE-189: Numeric Errors •
CVSS: 7.5EPSS: 1%CPEs: 30EXPL: 0CVE-2009-2562 – Wireshark: Integer overflow in the AFS dissector
https://notcve.org/view.php?id=CVE-2009-2562
21 Jul 2009 — Unspecified vulnerability in the AFS dissector in Wireshark 0.9.2 through 1.2.0 allows remote attackers to cause a denial of service (crash) via unknown vectors. Vulnerabilidad no especificada en el analizador AFS en Wireshark v0.9.2 a v1.2.0 permite a atacantes remotos provocar una denegación de servicio (caída) mediante vectores desconocidos. • http://secunia.com/advisories/35884 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.5EPSS: 2%CPEs: 26EXPL: 0CVE-2009-1829 – wireshark: PCNFSD dissector crash
https://notcve.org/view.php?id=CVE-2009-1829
29 May 2009 — Unspecified vulnerability in the PCNFSD dissector in Wireshark 0.8.20 through 1.0.7 allows remote attackers to cause a denial of service (crash) via crafted PCNFSD packets. Vulnerabilidad sin especificar en el analizador PCNFSD en Wireshark v0.8.20 hasta v1.0.7 permite a atacantes remotos provocar una denegación de servicio (caída) a través de paquetes PCNFSD manipulados. • http://osvdb.org/54629 •
CVSS: 10.0EPSS: 0%CPEs: 45EXPL: 0CVE-2009-1266
https://notcve.org/view.php?id=CVE-2009-1266
21 Apr 2009 — Unspecified vulnerability in Wireshark before 1.0.7 has unknown impact and attack vectors. Vulnerabilidad inespecífica en Wireshark anteriores a v1.0.7-0.1-1 tiene un impacto y vectores desconocidos. • http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html •
CVSS: 10.0EPSS: 34%CPEs: 42EXPL: 2CVE-2009-1210 – Wireshark 1.0.6 - PN-DCP Format String (PoC)
https://notcve.org/view.php?id=CVE-2009-1210
01 Apr 2009 — Format string vulnerability in the PROFINET/DCP (PN-DCP) dissector in Wireshark 1.0.6 and earlier allows remote attackers to execute arbitrary code via a PN-DCP packet with format string specifiers in the station name. NOTE: some of these details are obtained from third party information. Una vulnerabilidad de cadena de formato en el disector PROFINET/DCP (PN-DCP) en Wireshark versión 1.0.6 y anteriores, permite a los atacantes remotos ejecutar código arbitrario por medio de un paquete PN-DCP con especifica... • https://www.exploit-db.com/exploits/8308 • CWE-134: Use of Externally-Controlled Format String •
CVSS: 7.5EPSS: 2%CPEs: 41EXPL: 0CVE-2008-5285 – wireshark: DoS (infinite loop) in SMTP dissector via large SMTP request
https://notcve.org/view.php?id=CVE-2008-5285
01 Dec 2008 — Wireshark 1.0.4 and earlier allows remote attackers to cause a denial of service via a long SMTP request, which triggers an infinite loop. Wireshark 1.0.4 y anteriores permite a atacantes remotos causar una denegación de servicio a través de una petición SMTP demasiado larga, lo que ocasiona un bucle infinito. • http://lists.grok.org.uk/pipermail/full-disclosure/2008-November/065840.html • CWE-399: Resource Management Errors CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 7.5EPSS: 2%CPEs: 14EXPL: 0CVE-2008-3145 – wireshark: crash in the packet reassembling
https://notcve.org/view.php?id=CVE-2008-3145
16 Jul 2008 — The fragment_add_work function in epan/reassemble.c in Wireshark 0.8.19 through 1.0.1 allows remote attackers to cause a denial of service (crash) via a series of fragmented packets with non-sequential fragmentation offset values, which lead to a buffer over-read. La función fragment_add_work de epan/reassemble.c en Wireshark versiones 0.8.19 hasta la 1.0.1, permite a atacantes remotos provocar una denegación de servicio (caída) a través de series de paquetes fragmentados con valores de desplazamiento de fr... • http://anonsvn.wireshark.org/viewvc/index.py?view=rev&revision=25343 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 2%CPEs: 10EXPL: 1CVE-2008-3137 – wireshark: crash in the GSM SMS dissector
https://notcve.org/view.php?id=CVE-2008-3137
10 Jul 2008 — The GSM SMS dissector in Wireshark (formerly Ethereal) 0.99.2 through 1.0.0 allows remote attackers to cause a denial of service (application crash) via unknown vectors. El analizador GSM SMS en Wireshark (anteriormente Ethereal) 0.99.2 a la v1.0.0, permite a atacantes remotos provocar una denegación de servicio (caída) a través de vectores desconocidos. • http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html • CWE-20: Improper Input Validation •