CVSS: 7.5EPSS: 2%CPEs: 41EXPL: 0CVE-2008-5285 – wireshark: DoS (infinite loop) in SMTP dissector via large SMTP request
https://notcve.org/view.php?id=CVE-2008-5285
01 Dec 2008 — Wireshark 1.0.4 and earlier allows remote attackers to cause a denial of service via a long SMTP request, which triggers an infinite loop. Wireshark 1.0.4 y anteriores permite a atacantes remotos causar una denegación de servicio a través de una petición SMTP demasiado larga, lo que ocasiona un bucle infinito. • http://lists.grok.org.uk/pipermail/full-disclosure/2008-November/065840.html • CWE-399: Resource Management Errors CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 7.5EPSS: 1%CPEs: 12EXPL: 0CVE-2008-4681 – wireshark: DoS (app crash or abort) in Bluetooth RFCOMM dissector via unknown packets
https://notcve.org/view.php?id=CVE-2008-4681
22 Oct 2008 — Unspecified vulnerability in the Bluetooth RFCOMM dissector in Wireshark 0.99.7 through 1.0.3 allows remote attackers to cause a denial of service (application crash or abort) via unknown packets. Vulnerabilidad sin especificar en el analizador Bluetooth RFCOMM en Wireshark v0.99.7 a la v1.0.3, permite a atacantes remotos provocar una denegación de servicio (aborto o caída de aplicación) a través de paquetes desconocidos. • http://secunia.com/advisories/32355 • CWE-20: Improper Input Validation CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 3%CPEs: 13EXPL: 1CVE-2008-4683 – wireshark: DoS (app crash or abort) in Bluetooth ACL dissector via a packet with an invalid length
https://notcve.org/view.php?id=CVE-2008-4683
22 Oct 2008 — The dissect_btacl function in packet-bthci_acl.c in the Bluetooth ACL dissector in Wireshark 0.99.2 through 1.0.3 allows remote attackers to cause a denial of service (application crash or abort) via a packet with an invalid length, related to an erroneous tvb_memcpy call. La función dissect_btacl function en packet-bthci_acl.c del analizador Bluetooth ACL en Wireshark v0.99.2 a la v1.0.3, permite a atacantes remotos provocar una denegación de servicio (aborto o caída de aplicación) a través de un paquete c... • http://secunia.com/advisories/32355 • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 1%CPEs: 13EXPL: 0CVE-2008-4684 – wireshark: DoS (app crash) via certain series of packets by enabling the (1) PRP or (2) MATE post dissector
https://notcve.org/view.php?id=CVE-2008-4684
22 Oct 2008 — packet-frame in Wireshark 0.99.2 through 1.0.3 does not properly handle exceptions thrown by post dissectors, which allows remote attackers to cause a denial of service (application crash) via a certain series of packets, as demonstrated by enabling the (1) PRP or (2) MATE post dissector. packet-frame en Wireshark v0.99.2 a la v1.0.3 no maneja adecuadamente las excepciones a lanzadas por los analizadores "post", lo que permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) a t... • http://secunia.com/advisories/32355 • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 1%CPEs: 23EXPL: 0CVE-2008-4685 – wireshark: DoS (app crash or abort) in Q.931 dissector via certain packets
https://notcve.org/view.php?id=CVE-2008-4685
22 Oct 2008 — Use-after-free vulnerability in the dissect_q931_cause_ie function in packet-q931.c in the Q.931 dissector in Wireshark 0.10.3 through 1.0.3 allows remote attackers to cause a denial of service (application crash or abort) via certain packets that trigger an exception. Vulnerabilidad de uso después de la liberación en la función dissect_q931_cause_ie en packet-q931.c en el analizador Q.931 de Wireshark v0.10.3 a la v1.0.3, permite a atacantes remotos provocar una denegación de servicio (aborto o caída de ap... • http://secunia.com/advisories/32355 • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 0%CPEs: 29EXPL: 0CVE-2008-3932 – wireshark: infinite loop in the NCP dissector
https://notcve.org/view.php?id=CVE-2008-3932
04 Sep 2008 — Wireshark (formerly Ethereal) 0.9.7 through 1.0.2 allows attackers to cause a denial of service (hang) via a crafted NCP packet that triggers an infinite loop. Wireshark (anteriormente Ethereal) 0.9.7 hasta 1.0.2, permite a los atacantes causar una denegación de servicio (cuelgue), a través de un paquete NCP manipulado que provoca un bucle infinito. • http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2675 • CWE-20: Improper Input Validation CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 7.5EPSS: 0%CPEs: 22EXPL: 0CVE-2008-3933 – wireshark: crash triggered by zlib-compressed packet data
https://notcve.org/view.php?id=CVE-2008-3933
04 Sep 2008 — Wireshark (formerly Ethereal) 0.10.14 through 1.0.2 allows attackers to cause a denial of service (crash) via a packet with crafted zlib-compressed data that triggers an invalid read in the tvb_uncompress function. Aplicación Wireshark (conocida como Ehtereal) 0.10.14 a la v 1.0.2, permite a atacantes provocar una denegación de servicio (caída) a través de un paquete con datos zlib-compressed manipulados que lanzan una lectura errónea en la función tvb_uncompress. • http://secunia.com/advisories/31864 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 0CVE-2008-3934 – wireshark: crash via crafted Tektronix .rf5 file
https://notcve.org/view.php?id=CVE-2008-3934
04 Sep 2008 — Unspecified vulnerability in Wireshark (formerly Ethereal) 0.99.6 through 1.0.2 allows attackers to cause a denial of service (crash) via a crafted Tektronix .rf5 file. Vulnerabilidad no especificada en Wireshark (anteriormente Ethereal) 0.99.6 hasta 1.0.2, permite a los atacantes provocar una denegación de servicio (caída), mediante un fichero Tektronix .rf5 manipulado. • http://secunia.com/advisories/31864 • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 2%CPEs: 17EXPL: 0CVE-2008-3146 – wireshark: multiple buffer overflows in NCP dissector
https://notcve.org/view.php?id=CVE-2008-3146
02 Sep 2008 — Multiple buffer overflows in packet_ncp2222.inc in Wireshark (formerly Ethereal) 0.9.7 through 1.0.2 allow attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted NCP packet that causes an invalid pointer to be used. Múltiples desbordamientos de búfer en el archivo packet_ncp2222.inc en Wireshark (anteriormente Ethereal) versiones 0.9.7 hasta 1.0.2, permite a atacantes causar una denegación de servicio (bloqueo de aplicación) y posiblemente ejecutar códig... • http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2675 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 2%CPEs: 14EXPL: 0CVE-2008-3145 – wireshark: crash in the packet reassembling
https://notcve.org/view.php?id=CVE-2008-3145
16 Jul 2008 — The fragment_add_work function in epan/reassemble.c in Wireshark 0.8.19 through 1.0.1 allows remote attackers to cause a denial of service (crash) via a series of fragmented packets with non-sequential fragmentation offset values, which lead to a buffer over-read. La función fragment_add_work de epan/reassemble.c en Wireshark versiones 0.8.19 hasta la 1.0.1, permite a atacantes remotos provocar una denegación de servicio (caída) a través de series de paquetes fragmentados con valores de desplazamiento de fr... • http://anonsvn.wireshark.org/viewvc/index.py?view=rev&revision=25343 • CWE-20: Improper Input Validation •