CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2017-6014
https://notcve.org/view.php?id=CVE-2017-6014
In Wireshark 2.2.4 and earlier, a crafted or malformed STANAG 4607 capture file will cause an infinite loop and memory exhaustion. If the packet size field in a packet header is null, the offset to read from will not advance, causing continuous attempts to read the same zero length packet. This will quickly exhaust all system memory. En Wireshark 2.2.4 y versiones anteriores, un archivo de captura STANAG 4607 manipulado o mal formado causará un bucle infinito y agotamiento de memoria. Si el campo de tamaño de paquete en un encabezado de paquete es nulo, el desplazamiento a leer no avanzará, provocando intentos continuos para leer el mismo paquete de longitud cero. • http://www.debian.org/security/2017/dsa-3811 http://www.securityfocus.com/bid/96284 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13416 https://security.gentoo.org/glsa/201706-12 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 6.8EPSS: 0%CPEs: 19EXPL: 1CVE-2014-2281 – wireshark: NFS dissector crash (wnpa-sec-2014-01)
https://notcve.org/view.php?id=CVE-2014-2281
The nfs_name_snoop_add_name function in epan/dissectors/packet-nfs.c in the NFS dissector in Wireshark 1.8.x before 1.8.13 and 1.10.x before 1.10.6 does not validate a certain length value, which allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted NFS packet. La función nfs_name_snoop_add_name en epan/dissectors/packet-nfs.c en el diseccionador de NFS en Wireshark 1.8.x anterior a 1.8.13 y 1.10.x anterior a 1.10.6 no válida un cierto valor de longitud, lo que permite a atacantes remotos causar una denegación de servicio (corrupción de memoria y caída de aplicación) a través de un paquete NFS manipulado. • http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-nfs.c?r1=54875&r2=54874&pathrev=54875 http://anonsvn.wireshark.org/viewvc?view=revision&revision=54875 http://lists.opensuse.org/opensuse-updates/2014-03/msg00046.html http://lists.opensuse.org/opensuse-updates/2014-03/msg00047.html http://rhn.redhat.com/errata/RHSA-2014-0341.html http://rhn.redhat.com/errata/RHSA-2014-0342.html http://secunia.com/advisories/57480 http://secunia.com/advisories/57489 http://www.debian& • CWE-20: Improper Input Validation CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 4.3EPSS: 0%CPEs: 19EXPL: 2CVE-2014-2283 – wireshark: RLC dissector crash (wnpa-sec-2014-03)
https://notcve.org/view.php?id=CVE-2014-2283
epan/dissectors/packet-rlc in the RLC dissector in Wireshark 1.8.x before 1.8.13 and 1.10.x before 1.10.6 uses inconsistent memory-management approaches, which allows remote attackers to cause a denial of service (use-after-free error and application crash) via a crafted UMTS Radio Link Control packet. epan/dissectors/packet-rlc en el diseccionador de RLC en Wireshark 1.8.x anterior a 1.8.13 y 1.10.x anterior a 1.10.6 utiliza enfoques de gestión de memoria inconsistentes, lo que permite a atacantes remotos causar una denegación de servicio (error de uso después de liberación y caída de aplicación) a través de un paquete UMTS Radio Link Control manipulado. • http://lists.opensuse.org/opensuse-updates/2014-03/msg00046.html http://lists.opensuse.org/opensuse-updates/2014-03/msg00047.html http://rhn.redhat.com/errata/RHSA-2014-0342.html http://secunia.com/advisories/57480 http://secunia.com/advisories/57489 http://www.debian.org/security/2014/dsa-2871 http://www.securitytracker.com/id/1029907 http://www.wireshark.org/security/wnpa-sec-2014-03.html https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_wireshark10 https:/&#x •
CVSS: 9.3EPSS: 95%CPEs: 19EXPL: 2CVE-2014-2299 – Wireshark 1.8.12/1.10.5 - wiretap/mpeg.c Stack Buffer Overflow
https://notcve.org/view.php?id=CVE-2014-2299
Buffer overflow in the mpeg_read function in wiretap/mpeg.c in the MPEG parser in Wireshark 1.8.x before 1.8.13 and 1.10.x before 1.10.6 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a large record in MPEG data. Desbordamiento de buffer en la función mpeg_read en wiretap/mpeg.c en el analizador MPEG en Wireshark 1.8.x anterior a 1.8.13 y 1.10.x anterior a 1.10.6 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (caída de aplicación) a través de un registro grande en datos MPEG. • https://www.exploit-db.com/exploits/33069 http://lists.opensuse.org/opensuse-updates/2014-03/msg00046.html http://lists.opensuse.org/opensuse-updates/2014-03/msg00047.html http://osvdb.org/show/osvdb/104199 http://packetstormsecurity.com/files/126337/Wireshark-1.8.12-1.10.5-wiretap-mpeg.c-Stack-Buffer-Overflow.html http://rhn.redhat.com/errata/RHSA-2014-0341.html http://rhn.redhat.com/errata/RHSA-2014-0342.html http://secunia.com/advisories/57480 http://secunia.com/advisor • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.0EPSS: 1%CPEs: 16EXPL: 1CVE-2013-7112 – wireshark: SIP dissector could go into an infinite loop (wnpa-sec-2013-66)
https://notcve.org/view.php?id=CVE-2013-7112
The dissect_sip_common function in epan/dissectors/packet-sip.c in the SIP dissector in Wireshark 1.8.x before 1.8.12 and 1.10.x before 1.10.4 does not check for empty lines, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet. la función dissect_sip_common en epan/dissectors/packet-sip.c en el dissector SIP de Wireshark 1.8.x anteriores a 1.8.12 y 1.10.x anteriores a 1.10.4 no comprueba si existen líneas vacias, lo cual permite a atacantes remotos causar una denegación de servicio (bucle infinito) a través de un paquete manipulado. • http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-sip.c?r1=51738&r2=51737&pathrev=51738 http://anonsvn.wireshark.org/viewvc?view=revision&revision=51738 http://lists.opensuse.org/opensuse-updates/2014-01/msg00007.html http://lists.opensuse.org/opensuse-updates/2014-01/msg00011.html http://lists.opensuse.org/opensuse-updates/2014-01/msg00014.html http://rhn.redhat.com/errata/RHSA-2014-0341.html http://rhn.redhat.com/errata/RHSA-2014-0342.html http://secunia.com/advisories&# • CWE-20: Improper Input Validation CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •