CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2017-6014
https://notcve.org/view.php?id=CVE-2017-6014
In Wireshark 2.2.4 and earlier, a crafted or malformed STANAG 4607 capture file will cause an infinite loop and memory exhaustion. If the packet size field in a packet header is null, the offset to read from will not advance, causing continuous attempts to read the same zero length packet. This will quickly exhaust all system memory. En Wireshark 2.2.4 y versiones anteriores, un archivo de captura STANAG 4607 manipulado o mal formado causará un bucle infinito y agotamiento de memoria. Si el campo de tamaño de paquete en un encabezado de paquete es nulo, el desplazamiento a leer no avanzará, provocando intentos continuos para leer el mismo paquete de longitud cero. • http://www.debian.org/security/2017/dsa-3811 http://www.securityfocus.com/bid/96284 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13416 https://security.gentoo.org/glsa/201706-12 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 5.0EPSS: 0%CPEs: 21EXPL: 0CVE-2015-3814
https://notcve.org/view.php?id=CVE-2015-3814
The (1) dissect_tfs_request and (2) dissect_tfs_response functions in epan/dissectors/packet-ieee80211.c in the IEEE 802.11 dissector in Wireshark 1.10.x before 1.10.14 and 1.12.x before 1.12.5 interpret a zero value as a length rather than an error condition, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet. Las funciones (1) dissect_tfs_request y (2) dissect_tfs_response en epan/dissectors/packet-ieee80211.c en el disector IEEE 802.11 en Wireshark 1.10.x anterior a 1.10.14 y 1.12.x anterior a 1.12.5 interpretan un valor cero como una longitud en lugar de una condición de error, lo que permite a atacantes remotos causar una denegación de servicio (bucle infinito) a través de un paquete manipulado. • http://www.debian.org/security/2015/dsa-3277 http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html http://www.securityfocus.com/bid/74631 http://www.wireshark.org/security/wnpa-sec-2015-17.html https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11110 https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=e243b0041328980a9bbd43bb8a8166d7422f9096 https://security.gentoo.org/glsa/201510-03 • CWE-189: Numeric Errors •
CVSS: 5.0EPSS: 0%CPEs: 21EXPL: 0CVE-2015-3811 – wireshark: WCP dissector crash (wnpa-sec-2015-14)
https://notcve.org/view.php?id=CVE-2015-3811
epan/dissectors/packet-wcp.c in the WCP dissector in Wireshark 1.10.x before 1.10.14 and 1.12.x before 1.12.5 improperly refers to previously processed bytes, which allows remote attackers to cause a denial of service (application crash) via a crafted packet, a different vulnerability than CVE-2015-2188. epan/dissectors/packet-wcp.c en el disector WCP en Wireshark 1.10.x anterior a 1.10.14 y 1.12.x anterior a 1.12.5 refiere incorrectamente a bytes previamente procesados, lo que permite a atacantes remotos causar una denegación de servicio (caída de aplicación) a través de un paquete manipulado, una vulnerabilidad diferente a CVE-2015-2188. A flaw was found in WCP dissector of wireshark of which an attacker could crash wireshark by injecting a specially crafted packet onto the wire or by convincing wireshark user to read malformed packet trace file. • http://rhn.redhat.com/errata/RHSA-2017-0631.html http://www.debian.org/security/2015/dsa-3277 http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html http://www.wireshark.org/security/wnpa-sec-2015-14.html https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10978 https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=a6fc6aa0b4efc1a1c3d7a2e3b5189e888fb6ccc2 https://security.gentoo.o • CWE-17: DEPRECATED: Code CWE-665: Improper Initialization •
CVSS: 7.8EPSS: 0%CPEs: 21EXPL: 0CVE-2015-3812 – wireshark: X11 memory leak (wnpa-sec-2015-15)
https://notcve.org/view.php?id=CVE-2015-3812
Multiple memory leaks in the x11_init_protocol function in epan/dissectors/packet-x11.c in the X11 dissector in Wireshark 1.10.x before 1.10.14 and 1.12.x before 1.12.5 allow remote attackers to cause a denial of service (memory consumption) via a crafted packet. Múltiples fugas de memoria en la función x11_init_protocol en epan/dissectors/packet-x11.c en el disector X11 en Wireshark 1.10.x anterior a 1.10.14 y 1.12.x anterior a 1.12.5 permiten a atacantes remotos causar una denegación de servicio (consumo de memoria) a través de un paquete manipulado. A flaw was found in X11 dissector of wireshark of which an attacker could make wireshark consume excessive CPU resources which could make system unresponsive by injecting specially crafted packet onto the wire or by convincing wireshark user to read malformed packet trace file. • http://rhn.redhat.com/errata/RHSA-2017-0631.html http://www.debian.org/security/2015/dsa-3277 http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html http://www.securityfocus.com/bid/74637 http://www.wireshark.org/security/wnpa-sec-2015-15.html https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11088 https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=b8ccc2a6add29823a • CWE-399: Resource Management Errors CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 5.0EPSS: 0%CPEs: 24EXPL: 0CVE-2015-2189 – wireshark: The pcapng file parser could crash (wnpa-sec-2015-08)
https://notcve.org/view.php?id=CVE-2015-2189
Off-by-one error in the pcapng_read function in wiretap/pcapng.c in the pcapng file parser in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via an invalid Interface Statistics Block (ISB) interface ID in a crafted packet. Error de superación de límite (off-by-one) en la función pcapng_read en wiretap/pcapng.c en el analizador sintáctico pcapng en Wireshark 1.10.x anterior a 1.10.13 y 1.12.x anterior a 1.12.4 permite a atacantes remotos causar una denegación de servicio (lectura fuera de rango y caída de la aplicación) a través de un identificador de la interfaz Interface Statistics Block (ISB) inválido en un paquete manipulado. • http://advisories.mageia.org/MGASA-2015-0117.html http://lists.opensuse.org/opensuse-updates/2015-03/msg00038.html http://rhn.redhat.com/errata/RHSA-2015-1460.html http://www.debian.org/security/2015/dsa-3210 http://www.mandriva.com/security/advisories?name=MDVSA-2015:183 http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html http://www.securityfocus.com/bid/72944 http://www.securitytra • CWE-189: Numeric Errors CWE-193: Off-by-one Error •