CVSS: 5.9EPSS: 0%CPEs: 18EXPL: 0CVE-2016-6508
https://notcve.org/view.php?id=CVE-2016-6508
epan/dissectors/packet-rlc.c in the RLC dissector in Wireshark 1.12.x before 1.12.13 and 2.x before 2.0.5 uses an incorrect integer data type, which allows remote attackers to cause a denial of service (large loop) via a crafted packet. epan/dissectors/packet-rlc.c en el disector RLC en Wireshark 1.12.x en versiones anteriores a 1.12.13 y 2.x en versiones anteriores a 2.0.5 utiliza un tipo de datos de entero incorrecto, lo que permite a atacantes remotos provocar una denegación de servicio (bucle grande) a través de un paquete manipulado. • http://openwall.com/lists/oss-security/2016/07/28/3 http://www.debian.org/security/2016/dsa-3648 http://www.securitytracker.com/id/1036480 http://www.wireshark.org/security/wnpa-sec-2016-44.html https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12660 https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=6cf9616df68a4db7e436bb77392586ff9ad84feb • CWE-399: Resource Management Errors •
CVSS: 5.9EPSS: 0%CPEs: 18EXPL: 0CVE-2016-6509
https://notcve.org/view.php?id=CVE-2016-6509
epan/dissectors/packet-ldss.c in the LDSS dissector in Wireshark 1.12.x before 1.12.13 and 2.x before 2.0.5 mishandles conversations, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. epan/dissectors/packet-ldss.c en el disector LDSS en Wireshark 1.12.x en versiones anteriores a 1.12.13 y 2.x en versiones anteriores a 2.0.5 no maneja adecuadamente conversaciones, lo que permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) a través de un paquete manipulado. • http://openwall.com/lists/oss-security/2016/07/28/3 http://www.debian.org/security/2016/dsa-3648 http://www.securitytracker.com/id/1036480 http://www.wireshark.org/security/wnpa-sec-2016-45.html https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12662 https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=5a469ddc893f7c1912d0e15cc73bd3011e6cc2fb • CWE-20: Improper Input Validation •
CVSS: 5.9EPSS: 0%CPEs: 18EXPL: 0CVE-2016-6510
https://notcve.org/view.php?id=CVE-2016-6510
Off-by-one error in epan/dissectors/packet-rlc.c in the RLC dissector in Wireshark 1.12.x before 1.12.13 and 2.x before 2.0.5 allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) via a crafted packet. Error por un paso en epan/dissectors/packet-rlc.c en el disector RLC en Wireshark 1.12.x en versiones anteriores a 1.12.13 y 2.x en versiones anteriores a 2.0.5 permite a atacantes remotos provocar una denegación de servicio (desbordamiento de búfer basado en pila y caída de aplicación) a través de un paquete manipulado. • http://openwall.com/lists/oss-security/2016/07/28/3 http://www.debian.org/security/2016/dsa-3648 http://www.securitytracker.com/id/1036480 http://www.wireshark.org/security/wnpa-sec-2016-46.html https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12664 https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=47a5fa850b388fcf4ea762073806f01b459820fe • CWE-189: Numeric Errors •
CVSS: 5.9EPSS: 0%CPEs: 18EXPL: 0CVE-2016-6511
https://notcve.org/view.php?id=CVE-2016-6511
epan/proto.c in Wireshark 1.12.x before 1.12.13 and 2.x before 2.0.5 allows remote attackers to cause a denial of service (OpenFlow dissector large loop) via a crafted packet. epan/proto.c en Wireshark 1.12.x en versiones anteriores a 1.12.13 y 2.x en versiones anteriores a 2.0.5 permite a atacantes remotos provocar una denegación de servicio (bucle grande de disector OpenFlow) a través de un paquete manipulado. • http://openwall.com/lists/oss-security/2016/07/28/3 http://www.debian.org/security/2016/dsa-3648 http://www.securitytracker.com/id/1036480 http://www.wireshark.org/security/wnpa-sec-2016-47.html https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12659 https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=56706427f53cc64793870bf072c2c06248ae88f3 • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 0%CPEs: 16EXPL: 0CVE-2016-5350
https://notcve.org/view.php?id=CVE-2016-5350
epan/dissectors/packet-dcerpc-spoolss.c in the SPOOLS component in Wireshark 1.12.x before 1.12.12 and 2.x before 2.0.4 mishandles unexpected offsets, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet. epan/dissectors/packet-dcerpc-spoolss.c en el componente SPOOLS en Wireshark 1.12.x en versiones anteriores a 1.12.12 y 2.x en versiones anteriores a 2.0.4 no maneja correctamente offsets no esperados, lo que permite a atacantes remotos provocar una denegación de servicio (bucle infinito) a través de un paquete manipulado. • http://www.debian.org/security/2016/dsa-3615 http://www.openwall.com/lists/oss-security/2016/06/09/3 http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html http://www.securityfocus.com/bid/91140 https://github.com/wireshark/wireshark/commit/b4d16b4495b732888e12baf5b8a7e9bf2665e22b https://www.wireshark.org/security/wnpa-sec-2016-29.html • CWE-399: Resource Management Errors •