CVE-2017-6014
https://notcve.org/view.php?id=CVE-2017-6014
In Wireshark 2.2.4 and earlier, a crafted or malformed STANAG 4607 capture file will cause an infinite loop and memory exhaustion. If the packet size field in a packet header is null, the offset to read from will not advance, causing continuous attempts to read the same zero length packet. This will quickly exhaust all system memory. En Wireshark 2.2.4 y versiones anteriores, un archivo de captura STANAG 4607 manipulado o mal formado causará un bucle infinito y agotamiento de memoria. Si el campo de tamaño de paquete en un encabezado de paquete es nulo, el desplazamiento a leer no avanzará, provocando intentos continuos para leer el mismo paquete de longitud cero. • http://www.debian.org/security/2017/dsa-3811 http://www.securityfocus.com/bid/96284 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13416 https://security.gentoo.org/glsa/201706-12 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVE-2011-0024 – wireshark: heap-based buffer overflow in wireshark < 1.2 when reading malformed capture files
https://notcve.org/view.php?id=CVE-2011-0024
Heap-based buffer overflow in wiretap/pcapng.c in Wireshark before 1.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted capture file. Desbordamiento de búfer basado en memoria dinámica en wiretap/pcapng.c de Wireshark en versiones anteriores a v1.2,permite a atacantes remotos causar una denegación de servicio (cuelgue) o ejecutar código arbitrario a través de un fichero de capturas de tráfico manipulado. • http://secunia.com/advisories/43821 http://www.redhat.com/support/errata/RHSA-2011-0370.html http://www.vupen.com/english/advisories/2011/0719 https://bugzilla.redhat.com/show_bug.cgi?id=671331 https://access.redhat.com/security/cve/CVE-2011-0024 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •
CVE-2011-1143 – Wireshark 1.4.3 - NTLMSSP Null Pointer Dereference Denial of Service
https://notcve.org/view.php?id=CVE-2011-1143
epan/dissectors/packet-ntlmssp.c in the NTLMSSP dissector in Wireshark before 1.4.4 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted .pcap file. epan/dissectors/packet-ntlmssp.c del NTLMSSP dissector de Wireshark en versiones anteriores a la 1.4.4 permite a atacantes remotos provocar una denegación de servicio (resolución de puntero NULL y caída de la aplicación) a través de un fichero .pcap modificado. • https://www.exploit-db.com/exploits/35432 http://anonsvn.wireshark.org/viewvc?view=rev&revision=34018 http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055364.html http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055650.html http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055664.html http://secunia.com/advisories/43759 http://secunia.com/advisories/43821 http://secunia.com/advisories/44169 http://secunia.com/advisories/48947 http://w • CWE-476: NULL Pointer Dereference •
CVE-2010-3133 – Wireshark 1.2.10 - 'airpcap.dll' DLL Hijacking
https://notcve.org/view.php?id=CVE-2010-3133
Untrusted search path vulnerability in Wireshark 0.8.4 through 1.0.15 and 1.2.0 through 1.2.10 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse airpcap.dll, and possibly other DLLs, that is located in the same folder as a file that automatically launches Wireshark. Una vulnerabilidad de ruta de búsqueda no confiable en Wireshark versiones 0.8.4 hasta 1.0.15 y versiones 1.2.0 hasta 1.2.10 permite a los usuarios locales, y posiblemente a atacantes remotos, ejecutar código arbitrario y conducir ataques de secuestro de DLL por medio de un archivo airpcap.dll de tipo caballo de Troya, y posiblemente otros DLL, que se encuentra en la misma carpeta que un archivo que inicia automáticamente Wireshark. • https://www.exploit-db.com/exploits/14721 http://secunia.com/advisories/41064 http://www.exploit-db.com/exploits/14721 http://www.vupen.com/english/advisories/2010/2165 http://www.vupen.com/english/advisories/2010/2243 http://www.wireshark.org/security/wnpa-sec-2010-09.html http://www.wireshark.org/security/wnpa-sec-2010-10.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11498 •
CVE-2010-2994
https://notcve.org/view.php?id=CVE-2010-2994
Stack-based buffer overflow in the ASN.1 BER dissector in Wireshark 0.10.13 through 1.0.14 and 1.2.0 through 1.2.9 has unknown impact and remote attack vectors. NOTE: this issue exists because of a CVE-2010-2284 regression. Desbordamiento de buffer de pila en el componente "ASN.1 BER dissector" de Wireshark v0.10.13 hasta la versión v1.0.14 y v1.2.0 hasta la v1.2.9 tiene un impacto desconocido y vectores de ataque en remoto. NOTA: esta vulnerabilidad existe debido a la regresión de CVE-2010-2284. • http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://secunia.com/advisories/42877 http://secunia.com/advisories/43068 http://www.vupen.com/english/advisories/2011/0076 http://www.vupen.com/english/advisories/2011/0212 http://www.wireshark.org/docs/relnotes/wireshark-1.2.10.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12047 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •