CVE-2010-3133 – Wireshark 1.2.10 - 'airpcap.dll' DLL Hijacking
https://notcve.org/view.php?id=CVE-2010-3133
Untrusted search path vulnerability in Wireshark 0.8.4 through 1.0.15 and 1.2.0 through 1.2.10 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse airpcap.dll, and possibly other DLLs, that is located in the same folder as a file that automatically launches Wireshark. Una vulnerabilidad de ruta de búsqueda no confiable en Wireshark versiones 0.8.4 hasta 1.0.15 y versiones 1.2.0 hasta 1.2.10 permite a los usuarios locales, y posiblemente a atacantes remotos, ejecutar código arbitrario y conducir ataques de secuestro de DLL por medio de un archivo airpcap.dll de tipo caballo de Troya, y posiblemente otros DLL, que se encuentra en la misma carpeta que un archivo que inicia automáticamente Wireshark. • https://www.exploit-db.com/exploits/14721 http://secunia.com/advisories/41064 http://www.exploit-db.com/exploits/14721 http://www.vupen.com/english/advisories/2010/2165 http://www.vupen.com/english/advisories/2010/2243 http://www.wireshark.org/security/wnpa-sec-2010-09.html http://www.wireshark.org/security/wnpa-sec-2010-10.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11498 •
CVE-2010-2994
https://notcve.org/view.php?id=CVE-2010-2994
Stack-based buffer overflow in the ASN.1 BER dissector in Wireshark 0.10.13 through 1.0.14 and 1.2.0 through 1.2.9 has unknown impact and remote attack vectors. NOTE: this issue exists because of a CVE-2010-2284 regression. Desbordamiento de buffer de pila en el componente "ASN.1 BER dissector" de Wireshark v0.10.13 hasta la versión v1.0.14 y v1.2.0 hasta la v1.2.9 tiene un impacto desconocido y vectores de ataque en remoto. NOTA: esta vulnerabilidad existe debido a la regresión de CVE-2010-2284. • http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://secunia.com/advisories/42877 http://secunia.com/advisories/43068 http://www.vupen.com/english/advisories/2011/0076 http://www.vupen.com/english/advisories/2011/0212 http://www.wireshark.org/docs/relnotes/wireshark-1.2.10.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12047 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2010-2995 – wireshark: SigComp UDVM dissector buffer overruns
https://notcve.org/view.php?id=CVE-2010-2995
The SigComp Universal Decompressor Virtual Machine (UDVM) in Wireshark 0.10.8 through 1.0.14 and 1.2.0 through 1.2.9 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to sigcomp-udvm.c and an off-by-one error, which triggers a buffer overflow, different vulnerabilities than CVE-2010-2287. El Universal Decompressor Virtual Machine (UDVM) de SigComp en Wireshark versiones 0.10.8 hasta 1.0.14 y versiones 1.2.0 hasta 1.2.9, permite a los atacantes remotos causar una denegación de servicio (bloqueo de aplicación) y posiblemente ejecutar código arbitrario por medio de vectores relacionados con el archivo sigcomp-udvm.c y un error por un paso, lo que desencadena un desbordamiento del búfer, vulnerabilidades diferentes de CVE-2010-2287. • http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://secunia.com/advisories/42877 http://secunia.com/advisories/43068 http://www.vupen.com/english/advisories/2011/0076 http://www.vupen.com/english/advisories/2011/0212 http://www.wireshark.org/docs/relnotes/wireshark-1.2.10.html https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4867 https://oval.cisecurity.org/repository/search • CWE-189: Numeric Errors •
CVE-2010-2286 – wireshark: SigComp UDVM dissector infinite loop
https://notcve.org/view.php?id=CVE-2010-2286
The SigComp Universal Decompressor Virtual Machine dissector in Wireshark 0.10.7 through 1.0.13 and 1.2.0 through 1.2.8 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors. El analizador de protocolo SigComp Universal Decompressor Virtual Machine en Wireshark v0.10.7 hasta v1.0.13 y v1.2.0 hasta v1.2.8 permite a atacantes remotos provocar una denegación de servicio (búcle infinito) a través de vectores desconocidos. • http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://secunia.com/advisories/40112 http://secunia.com/advisories/42877 http://secunia.com/advisories/43068 http://www.mandriva.com/security/advisories?name=MDVSA-2010:113 http://www.openwall.com/lists/oss-security/2010/06/11/1 http://www.securityfocus.com/bid/40728 http://www.vupen.com/english/advisories/2010/1418 http://www. • CWE-399: Resource Management Errors CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVE-2010-2285
https://notcve.org/view.php?id=CVE-2010-2285
The SMB PIPE dissector in Wireshark 0.8.20 through 1.0.13 and 1.2.0 through 1.2.8 allows remote attackers to cause a denial of service (NULL pointer dereference) via unknown vectors. El disector de SMB PIPE en Wireshark v0.8.20 a 1.0.13 y v1.2.0 a v1.2.8 permite a atacantes remotos provocar una denegación de servicio (desreferencia de puntero nulo) a través de vectores desconocidos. • http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://secunia.com/advisories/40112 http://secunia.com/advisories/42877 http://secunia.com/advisories/43068 http://www.mandriva.com/security/advisories?name=MDVSA-2010:113 http://www.openwall.com/lists/oss-security/2010/06/11/1 http://www.securityfocus.com/bid/40728 http://www.vupen.com/english/advisories/2010/1418 http://www. •