CVE-2008-1070 – wireshark: SCTP dissector crash
https://notcve.org/view.php?id=CVE-2008-1070
The SCTP dissector in Wireshark (formerly Ethereal) 0.99.5 through 0.99.7 allows remote attackers to cause a denial of service (crash) via a malformed packet. El analizador SCTP de Wireshark (anteriormente Ethereal) de 0.99.5 a 0.99.7 permite a atacantes remotos provocar una denegación de servicio (caída) a través de un paquete mal formado. • http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html http://secunia.com/advisories/29156 http://secunia.com/advisories/29188 http://secunia.com/advisories/29223 http://secunia.com/advisories/29242 http://secunia.com/advisories/29511 http://secunia.com/advisories/29736 http://secunia.com/advisories/32091 http://security.gentoo.org/glsa/glsa-200803-32.xml http://support.avaya.com/elmodocs2/security/ASA-2008-392.htm http://wiki.rpath.com/wiki/Advisories:rPSA& •
CVE-2007-6113 – Wireshark < 0.99.5 - DNP3 Dissector Infinite Loop
https://notcve.org/view.php?id=CVE-2007-6113
Integer signedness error in the DNP3 dissector in Wireshark (formerly Ethereal) 0.10.12 to 0.99.6 allows remote attackers to cause a denial of service (long loop) via a malformed DNP3 packet. Un error en la propiedad signedness de enteros en el disector de DNP3 en Wireshark (anteriormente Ethereal) versiones 0.10.12 hasta 0.99.6, permite a atacantes remotos causar una denegación de servicio (bucle largo) por medio de un paquete DNP3 malformado. • https://www.exploit-db.com/exploits/4347 http://bugs.gentoo.org/show_bug.cgi?id=199958 http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00008.html http://secunia.com/advisories/27777 http://secunia.com/advisories/28197 http://secunia.com/advisories/28207 http://secunia.com/advisories/28288 http://secunia.com/advisories/28304 http://secunia.com/advisories/28325 http://secunia.com/advisories/28564 http://secunia.com/advisories/28583 http://secunia.com/advisori • CWE-189: Numeric Errors •
CVE-2007-3392 – Wireshark crashes when inspecting MMS traffic
https://notcve.org/view.php?id=CVE-2007-3392
Wireshark before 0.99.6 allows remote attackers to cause a denial of service via malformed (1) SSL or (2) MMS packets that trigger an infinite loop. Wireshark anterior a 0.99.6 permite a atacantes remotos provocar una denegación de servicio mediante paquetes (1) SSL o (2) MMS que provocan un bucle infinito. • http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1582 http://secunia.com/advisories/25833 http://secunia.com/advisories/25877 http://secunia.com/advisories/25987 http://secunia.com/advisories/26004 http://secunia.com/advisories/26499 http://secunia.com/advisories/28583 http://security.gentoo.org/glsa/glsa-200708-12.xml http://www.debian.org/security/2007/dsa-1322 http://www.mandriva.com/security/advisories?name=MDKSA-2007:145 http://www.novell.com/linux/security/advis •
CVE-2007-3393 – Wireshark corrupts the stack when inspecting BOOTP traffic
https://notcve.org/view.php?id=CVE-2007-3393
Off-by-one error in the DHCP/BOOTP dissector in Wireshark before 0.99.6 allows remote attackers to cause a denial of service (crash) via crafted DHCP-over-DOCSIS packets. Error de superación de límite (off-by-one) en el disector DHCP/BOOTP de Wireshark anterior a 0.99.6 permite a atacantes remotos provocar una denegación de servicio (caída) mediante paquetes DHCP-over-DOCSIS manipulados de forma artesanal. • http://osvdb.org/37639 http://secunia.com/advisories/22588 http://secunia.com/advisories/25833 http://secunia.com/advisories/25877 http://secunia.com/advisories/25987 http://secunia.com/advisories/26004 http://secunia.com/advisories/26499 http://secunia.com/advisories/28583 http://security.gentoo.org/glsa/glsa-200708-12.xml http://www.debian.org/security/2007/dsa-1322 http://www.mandriva.com/security/advisories?name=MDKSA-2007:145 http://www.novell.com/linux/security& •