Page 2 of 32 results (0.010 seconds)

CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0

In Wireshark 2.2.4 and earlier, a crafted or malformed STANAG 4607 capture file will cause an infinite loop and memory exhaustion. If the packet size field in a packet header is null, the offset to read from will not advance, causing continuous attempts to read the same zero length packet. This will quickly exhaust all system memory. En Wireshark 2.2.4 y versiones anteriores, un archivo de captura STANAG 4607 manipulado o mal formado causará un bucle infinito y agotamiento de memoria. Si el campo de tamaño de paquete en un encabezado de paquete es nulo, el desplazamiento a leer no avanzará, provocando intentos continuos para leer el mismo paquete de longitud cero. • http://www.debian.org/security/2017/dsa-3811 http://www.securityfocus.com/bid/96284 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13416 https://security.gentoo.org/glsa/201706-12 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •

CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0

epan/dissectors/packet-dec-dnart.c in the DECnet NSP/RT dissector in Wireshark 1.10.12 through 1.10.14 mishandles a certain strdup return value, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. epan/dissectors/packet-dec-dnart.c en el disector DECnet NSP/RT en Wireshark 1.10.12 hasta la versión 1.10.14 no maneja correctamente un cierto valor de retorno strdup, lo que permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) a través de un paquete manipulado. • http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html http://www.securityfocus.com/bid/74586 http://www.securitytracker.com/id/1032279 https://bugzilla.redhat.com/show_bug.cgi?id=1219409 https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=373deb5f4182a5c4ab8c8418a7bbaa5d6e72bb05 https://security.gentoo.org/glsa/201510-03 https://access.redhat.com/security/cve/CVE-2015-3182 • CWE-20: Improper Input Validation CWE-704: Incorrect Type Conversion or Cast •

CVSS: 5.0EPSS: 0%CPEs: 21EXPL: 0

The (1) dissect_tfs_request and (2) dissect_tfs_response functions in epan/dissectors/packet-ieee80211.c in the IEEE 802.11 dissector in Wireshark 1.10.x before 1.10.14 and 1.12.x before 1.12.5 interpret a zero value as a length rather than an error condition, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet. Las funciones (1) dissect_tfs_request y (2) dissect_tfs_response en epan/dissectors/packet-ieee80211.c en el disector IEEE 802.11 en Wireshark 1.10.x anterior a 1.10.14 y 1.12.x anterior a 1.12.5 interpretan un valor cero como una longitud en lugar de una condición de error, lo que permite a atacantes remotos causar una denegación de servicio (bucle infinito) a través de un paquete manipulado. • http://www.debian.org/security/2015/dsa-3277 http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html http://www.securityfocus.com/bid/74631 http://www.wireshark.org/security/wnpa-sec-2015-17.html https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11110 https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=e243b0041328980a9bbd43bb8a8166d7422f9096 https://security.gentoo.org/glsa/201510-03 • CWE-189: Numeric Errors •

CVSS: 5.0EPSS: 0%CPEs: 21EXPL: 0

epan/dissectors/packet-wcp.c in the WCP dissector in Wireshark 1.10.x before 1.10.14 and 1.12.x before 1.12.5 improperly refers to previously processed bytes, which allows remote attackers to cause a denial of service (application crash) via a crafted packet, a different vulnerability than CVE-2015-2188. epan/dissectors/packet-wcp.c en el disector WCP en Wireshark 1.10.x anterior a 1.10.14 y 1.12.x anterior a 1.12.5 refiere incorrectamente a bytes previamente procesados, lo que permite a atacantes remotos causar una denegación de servicio (caída de aplicación) a través de un paquete manipulado, una vulnerabilidad diferente a CVE-2015-2188. A flaw was found in WCP dissector of wireshark of which an attacker could crash wireshark by injecting a specially crafted packet onto the wire or by convincing wireshark user to read malformed packet trace file. • http://rhn.redhat.com/errata/RHSA-2017-0631.html http://www.debian.org/security/2015/dsa-3277 http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html http://www.wireshark.org/security/wnpa-sec-2015-14.html https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10978 https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=a6fc6aa0b4efc1a1c3d7a2e3b5189e888fb6ccc2 https://security.gentoo.o • CWE-17: DEPRECATED: Code CWE-665: Improper Initialization •

CVSS: 7.8EPSS: 0%CPEs: 21EXPL: 0

Multiple memory leaks in the x11_init_protocol function in epan/dissectors/packet-x11.c in the X11 dissector in Wireshark 1.10.x before 1.10.14 and 1.12.x before 1.12.5 allow remote attackers to cause a denial of service (memory consumption) via a crafted packet. Múltiples fugas de memoria en la función x11_init_protocol en epan/dissectors/packet-x11.c en el disector X11 en Wireshark 1.10.x anterior a 1.10.14 y 1.12.x anterior a 1.12.5 permiten a atacantes remotos causar una denegación de servicio (consumo de memoria) a través de un paquete manipulado. A flaw was found in X11 dissector of wireshark of which an attacker could make wireshark consume excessive CPU resources which could make system unresponsive by injecting specially crafted packet onto the wire or by convincing wireshark user to read malformed packet trace file. • http://rhn.redhat.com/errata/RHSA-2017-0631.html http://www.debian.org/security/2015/dsa-3277 http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html http://www.securityfocus.com/bid/74637 http://www.wireshark.org/security/wnpa-sec-2015-15.html https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11088 https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=b8ccc2a6add29823a • CWE-399: Resource Management Errors CWE-401: Missing Release of Memory after Effective Lifetime •