CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2017-6014
https://notcve.org/view.php?id=CVE-2017-6014
In Wireshark 2.2.4 and earlier, a crafted or malformed STANAG 4607 capture file will cause an infinite loop and memory exhaustion. If the packet size field in a packet header is null, the offset to read from will not advance, causing continuous attempts to read the same zero length packet. This will quickly exhaust all system memory. En Wireshark 2.2.4 y versiones anteriores, un archivo de captura STANAG 4607 manipulado o mal formado causará un bucle infinito y agotamiento de memoria. Si el campo de tamaño de paquete en un encabezado de paquete es nulo, el desplazamiento a leer no avanzará, provocando intentos continuos para leer el mismo paquete de longitud cero. • http://www.debian.org/security/2017/dsa-3811 http://www.securityfocus.com/bid/96284 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13416 https://security.gentoo.org/glsa/201706-12 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 5.0EPSS: 9%CPEs: 28EXPL: 3CVE-2013-4074 – Wireshark CAPWAP Dissector - Denial of Service
https://notcve.org/view.php?id=CVE-2013-4074
The dissect_capwap_data function in epan/dissectors/packet-capwap.c in the CAPWAP dissector in Wireshark 1.6.x before 1.6.16 and 1.8.x before 1.8.8 incorrectly uses a -1 data value to represent an error condition, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. La función dissect_capwap_data en epan/dissectors/packet-capwap.c en el dissector CAPWAP en Wireshark v1.6.x anterior a v1.6.16 y v1.8.x anterior a v1.8.8 usa incorrectamente un valor de -1 para representar un error de condición, lo que permite a atacantes remotos causar una denegación de servicio (caída de la aplicación) mediante un paquete especialmente diseñado. • https://www.exploit-db.com/exploits/33556 http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-capwap.c?r1=43716&r2=43715&pathrev=43716 http://anonsvn.wireshark.org/viewvc?view=revision&revision=43716 http://lists.opensuse.org/opensuse-updates/2013-06/msg00194.html http://lists.opensuse.org/opensuse-updates/2013-06/msg00196.html http://osvdb.org/show/osvdb/94091 http://packetstormsecurity.com/files/126848/Wireshark-CAPWAP-Dissector-Denial-Of-Service.html http://secunia.com/advisories&#x • CWE-189: Numeric Errors •
CVSS: 5.0EPSS: 0%CPEs: 28EXPL: 0CVE-2013-4081 – wireshark: DoS (infinite loop) in the HTTP dissector (wnpa-sec-2013-39)
https://notcve.org/view.php?id=CVE-2013-4081
The http_payload_subdissector function in epan/dissectors/packet-http.c in the HTTP dissector in Wireshark 1.6.x before 1.6.16 and 1.8.x before 1.8.8 does not properly determine when to use a recursive approach, which allows remote attackers to cause a denial of service (stack consumption) via a crafted packet. La función http_payload_subdissector en epan/dissectors/packet-http.c en el HTTP dissector en Wireshark 1.6.x anterior a 1.6.16 y 1.8.x anterior a 1.8.8, no determina adecuadamente cuando se utiliza una aproximación recursiva, lo que permite a atacantes remotos provocar una denegación de servicio (consumo de pila) a través de un paquete manipulado. • http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-http.c?r1=49623&r2=49622&pathrev=49623 http://anonsvn.wireshark.org/viewvc?view=revision&revision=49623 http://lists.opensuse.org/opensuse-updates/2013-06/msg00194.html http://lists.opensuse.org/opensuse-updates/2013-06/msg00196.html http://rhn.redhat.com/errata/RHSA-2014-0341.html http://secunia.com/advisories/53762 http://secunia.com/advisories/54425 http://www.debian.org/security/2013/dsa-2709 http://www.gentoo.or • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 6.8EPSS: 0%CPEs: 25EXPL: 0CVE-2013-4083 – wireshark: Invalid free in the DCP ETSI dissector (wnpa-sec-2013-41)
https://notcve.org/view.php?id=CVE-2013-4083
The dissect_pft function in epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark 1.6.x before 1.6.16, 1.8.x before 1.8.8, and 1.10.0 does not validate a certain fragment length value, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. La función dissect_pft function en epan/dissectors/packet-dcp-etsi.c DCP ETS dissector I en Wireshark 1.6.x anterior a 1.6.16, 1.8.x anterior a 1.8.8, y 1.10.0, no valida adecuadamente el tamaño de los fragmentos, lo que permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) a través de un paquete manipulado. • http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-dcp-etsi.c?r1=49802&r2=49801&pathrev=49802 http://anonsvn.wireshark.org/viewvc?view=revision&revision=49802 http://lists.opensuse.org/opensuse-updates/2013-06/msg00194.html http://lists.opensuse.org/opensuse-updates/2013-06/msg00196.html http://rhn.redhat.com/errata/RHSA-2014-0341.html http://secunia.com/advisories/53762 http://secunia.com/advisories/54296 http://secunia.com/advisories/54425 http://www.debian.org/securit • CWE-20: Improper Input Validation •
CVSS: 5.0EPSS: 0%CPEs: 26EXPL: 0CVE-2013-3556
https://notcve.org/view.php?id=CVE-2013-3556
The fragment_add_seq_common function in epan/reassemble.c in the ASN.1 BER dissector in Wireshark before r48943 has an incorrect pointer dereference during a comparison, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. La función fragment_add_seq_common en epan/reassemble.c en el disector ASN.1 BER en Wireshark antes de r48943 tiene una referencia a un puntero incorrecto durante la comparación, lo que permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) a través de un paquete mal formado. • http://anonsvn.wireshark.org/viewvc/trunk/epan/reassemble.c?r1=48943&r2=48942&pathrev=48943 http://anonsvn.wireshark.org/viewvc?view=revision&revision=48943 http://lists.opensuse.org/opensuse-updates/2013-06/msg00048.html http://lists.opensuse.org/opensuse-updates/2013-06/msg00083.html http://lists.opensuse.org/opensuse-updates/2013-06/msg00194.html http://lists.opensuse.org/opensuse-updates/2013-06/msg00196.html http://secunia.com/advisories/53425 http://secunia.com/advisories/54425 http:/ • CWE-20: Improper Input Validation •