CVSS: 3.3EPSS: 0%CPEs: 35EXPL: 0CVE-2010-2285
https://notcve.org/view.php?id=CVE-2010-2285
The SMB PIPE dissector in Wireshark 0.8.20 through 1.0.13 and 1.2.0 through 1.2.8 allows remote attackers to cause a denial of service (NULL pointer dereference) via unknown vectors. El disector de SMB PIPE en Wireshark v0.8.20 a 1.0.13 y v1.2.0 a v1.2.8 permite a atacantes remotos provocar una denegación de servicio (desreferencia de puntero nulo) a través de vectores desconocidos. • http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://secunia.com/advisories/40112 http://secunia.com/advisories/42877 http://secunia.com/advisories/43068 http://www.mandriva.com/security/advisories?name=MDVSA-2010:113 http://www.openwall.com/lists/oss-security/2010/06/11/1 http://www.securityfocus.com/bid/40728 http://www.vupen.com/english/advisories/2010/1418 http://www. •
CVSS: 4.3EPSS: 0%CPEs: 35EXPL: 0CVE-2010-1455 – wireshark: DOCSIS dissector crash
https://notcve.org/view.php?id=CVE-2010-1455
The DOCSIS dissector in Wireshark 0.9.6 through 1.0.12 and 1.2.0 through 1.2.7 allows user-assisted remote attackers to cause a denial of service (application crash) via a malformed packet trace file. El disector de DOCSIS en Wireshark v0.9.6 hasta v1.2.0 y v1.0.12 hasta v1.2.7 permite a atacantes remotos ayudados por el usuario provocar una denegación de servicio (cuelgue de aplicación) a través de un archivo de traza de paquetes mal formado. • http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://secunia.com/advisories/39661 http://secunia.com/advisories/42877 http://secunia.com/advisories/43068 http://www.mandriva.com/security/advisories?name=MDVSA-2010:099 http://www.openwall.com/lists/oss-security/2010/05/07/7 http://www.osvdb.org/64363 http://www.securityfocus.com/bid/39950 http://www.vupen.com/english/adviso • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 93%CPEs: 20EXPL: 4CVE-2010-0304 – Wireshark - LWRES Dissector getaddrsbyname_request Buffer Overflow
https://notcve.org/view.php?id=CVE-2010-0304
Multiple buffer overflows in the LWRES dissector in Wireshark 0.9.15 through 1.0.10 and 1.2.0 through 1.2.5 allow remote attackers to cause a denial of service (crash) via a malformed packet, as demonstrated using a stack-based buffer overflow to the dissect_getaddrsbyname_request function. Múltiples desbordamientos de búfer en LWRES dissector en Wireshark desde v0.9.15 hasta v1.0.10 y desde v1.2.0 hasta v1.2.5 permite a atacantes remotos producir una denegación de servicio (caída) a través de un paquete manipulado, como se demuestra en el uso del desbordamiento de búfer basado en pila en la funcion dissect_getaddrsbyname_request. • https://www.exploit-db.com/exploits/16289 https://www.exploit-db.com/exploits/11288 https://www.exploit-db.com/exploits/16292 http://anonsvn.wireshark.org/viewvc/trunk-1.2/epan/dissectors/packet-lwres.c?view=diff&r1=31596&r2=28492&diff_format=h http://lists.fedoraproject.org/pipermail/package-announce/2010-March/036415.html http://osvdb.org/61987 http://secunia.com/advisories/38257 http://secunia.com/advisories/38348 http://secunia.com/advisories/38829 http://www.debian. • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.4EPSS: 0%CPEs: 36EXPL: 2CVE-2009-4377 – wireshark: invalid pointer dereference in SMB/SMB2 dissectors
https://notcve.org/view.php?id=CVE-2009-4377
The (1) SMB and (2) SMB2 dissectors in Wireshark 0.9.0 through 1.2.4 allow remote attackers to cause a denial of service (crash) via a crafted packet that triggers a NULL pointer dereference, as demonstrated by fuzz-2009-12-07-11141.pcap. El analizador (1) SMB y (2) SMB2 en Wireshark v0.9.0 hasta v1.2.4 permite a atacantes remotos provocar una denegación de servicio (caída) mediante un paquete modificado, como se ha demostrado por fuzz-2009-12-07-11141.pcap. • http://osvdb.org/61178 http://secunia.com/advisories/37842 http://secunia.com/advisories/37916 http://www.debian.org/security/2009/dsa-1983 http://www.mandriva.com/security/advisories?name=MDVSA-2010:031 http://www.securityfocus.com/bid/37407 http://www.securitytracker.com/id?1023374 http://www.vupen.com/english/advisories/2009/3596 http://www.wireshark.org/security/wnpa-sec-2009-09.html https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4301 https://oval.cisecurity&# •
CVSS: 4.3EPSS: 0%CPEs: 28EXPL: 0CVE-2009-3550 – Wireshark: NULL pointer dereference in the DCERPC over SMB packet disassembly
https://notcve.org/view.php?id=CVE-2009-3550
The DCERPC/NT dissector in Wireshark 0.10.10 through 1.0.9 and 1.2.0 through 1.2.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a file that records a malformed packet trace. NOTE: some of these details are obtained from third party information. El analizador DCERPC/NT en Wireshark desde v0.10.10 hasta v1.0.9 y desde v1.2.0 hasta v1.2.2 permite a atacantes remotos producir una denegación de servicio (desreferencia a puntero NULL y caída de aplicación) a través de un fichero que almacena la ruta de un paquete manipulado. • http://secunia.com/advisories/37175 http://secunia.com/advisories/37409 http://secunia.com/advisories/37477 http://www.debian.org/security/2009/dsa-1942 http://www.securityfocus.com/bid/36846 http://www.vupen.com/english/advisories/2009/3061 http://www.wireshark.org/docs/relnotes/wireshark-1.0.10.html http://www.wireshark.org/docs/relnotes/wireshark-1.2.3.html http://www.wireshark.org/security/wnpa-sec-2009-07.html http://www.wireshark.org/security/wnpa-sec-2009- • CWE-476: NULL Pointer Dereference •