
CVE-2013-3557 – wireshark: DoS (crash) in the ASN.1 BER dissector (wnpa-sec-2013-25, upstream #8599)
https://notcve.org/view.php?id=CVE-2013-3557
25 May 2013 — The dissect_ber_choice function in epan/dissectors/packet-ber.c in the ASN.1 BER dissector in Wireshark 1.6.x before 1.6.15 and 1.8.x before 1.8.7 does not properly initialize a certain variable, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. • http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-ber.c?r1=48944&r2=48943&pathrev=48944 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2013-2482 – Mandriva Linux Security Advisory 2013-020
https://notcve.org/view.php?id=CVE-2013-2482
07 Mar 2013 — The AMPQ dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (infinite loop) via a malformed packet. Infinite and large loops in ANSI MAP, BACapp, Bluetooth HCI, IEEE 802.3, LTP, and R3 dissectors have been fixed in Wireshark. Various other issues have... • http://lists.opensuse.org/opensuse-updates/2013-03/msg00065.html

CVE-2013-2483 – Mandriva Linux Security Advisory 2013-020
https://notcve.org/view.php?id=CVE-2013-2483
07 Mar 2013 — The acn_add_dmp_data function in epan/dissectors/packet-acn.c in the ACN dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via an invalid count value in ACN_DMP_ADT_D_RE DMP data. • http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-acn.c?r1=47692&r2=47691&pathrev=47692 • CWE-189: Numeric Errors

CVE-2013-2485 – Mandriva Linux Security Advisory 2013-020
https://notcve.org/view.php?id=CVE-2013-2485
07 Mar 2013 — The FCSP dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (infinite loop) via a malformed packet. Infinite and large loops in ANSI MAP, BACapp, Bluetooth HCI, IEEE 802.3, LTP, and R3 dissectors have been fixed in Wireshark. Various other issues hav... • http://lists.opensuse.org/opensuse-updates/2013-03/msg00065.html

CVE-2013-2481 – Mandriva Linux Security Advisory 2013-020
https://notcve.org/view.php?id=CVE-2013-2481
07 Mar 2013 — Integer signedness error in the dissect_mount_dirpath_call function in epan/dissectors/packet-mount.c in the Mount dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6, when nfs_file_name_snooping is enabled, allows remote attackers to cause a denial of service (application crash) via a negative length value. • http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-mount.c?r1=47672&r2=47671&pathrev=47672 • CWE-189: Numeric Errors

CVE-2013-2480 – Mandriva Linux Security Advisory 2013-020
https://notcve.org/view.php?id=CVE-2013-2480
07 Mar 2013 — The RTPS and RTPS2 dissectors in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allow remote attackers to cause a denial of service (application crash) via a malformed packet. Infinite and large loops in ANSI MAP, BACapp, Bluetooth HCI, IEEE 802.3, LTP, and R3 dissectors have been fixed in Wiresh... • http://lists.opensuse.org/opensuse-updates/2013-03/msg00065.html

CVE-2013-2484 – Mandriva Linux Security Advisory 2013-020
https://notcve.org/view.php?id=CVE-2013-2484
07 Mar 2013 — The CIMD dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (application crash) via a malformed packet. Infinite and large loops in ANSI MAP, BACapp, Bluetooth HCI, IEEE 802.3, LTP, and R3 dissectors have been fixed in Wireshark. Various othe... • http://lists.opensuse.org/opensuse-updates/2013-03/msg00065.html

CVE-2013-2488 – Mandriva Linux Security Advisory 2013-020
https://notcve.org/view.php?id=CVE-2013-2488
07 Mar 2013 — The DTLS dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 does not validate the fragment offset before invoking the reassembly state machine, which allows remote attackers to cause a denial of service (application crash) via a large offset value that triggers write access to an invalid memory location. • http://anonsvn.wireshark.org/viewvc?view=revision&revision=48011 • CWE-20: Improper Input Validation

CVE-2013-2478 – Mandriva Linux Security Advisory 2013-020
https://notcve.org/view.php?id=CVE-2013-2478
07 Mar 2013 — The dissect_server_info function in epan/dissectors/packet-ms-mms.c in the MS-MMS dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 does not properly manage string lengths, which allows remote attackers to cause a denial of service (application crash) via a malformed packet that (1) triggers an integer overflow or (2) has embedded '\0' characters in a string. • http://anonsvn.wireshark.org/viewvc/trunk-1.8/epan/dissectors/packet-ms-mms.c?r1=47981&r2=47980&pathrev=47981 • CWE-189: Numeric Errors

CVE-2013-1580 – Mandriva Linux Security Advisory 2013-020
https://notcve.org/view.php?id=CVE-2013-1580
03 Feb 2013 — The dissect_cmstatus_tlv function in plugins/docsis/packet-cmstatus.c in the DOCSIS CM-STATUS dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 uses an incorrect data type for a position variable, which allows remote attackers to cause a denial of service (infinite loop) via a malformed packet. • http://anonsvn.wireshark.org/viewvc/trunk/plugins/docsis/packet-cmstatus.c?r1=47045&r2=47044&pathrev=47045 • CWE-20: Improper Input Validation