CVSS: 7.5EPSS: 0%CPEs: 18EXPL: 0CVE-2013-1589
https://notcve.org/view.php?id=CVE-2013-1589
03 Feb 2013 — Double free vulnerability in epan/proto.c in the dissection engine in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 allows remote attackers to cause a denial of service (application crash) via a malformed packet. Vulnerabilidad de doble liberación en epan/proto.c en el motor de disección en Wireshark v1.6.x antes de v1.6.13 y v1.8.x antes de v1.8.5 permite a atacantes remotos provocar una denegación de servicio (caída de la aplicación) a través de un paquete mal formado. • http://anonsvn.wireshark.org/viewvc/trunk/epan/proto.c?r1=47114&r2=47113&pathrev=47114 • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 0%CPEs: 18EXPL: 0CVE-2013-1573
https://notcve.org/view.php?id=CVE-2013-1573
03 Feb 2013 — The csnStreamDissector function in epan/dissectors/packet-csn1.c in the CSN.1 dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly handle a large number of padding bits, which allows remote attackers to cause a denial of service (infinite loop) via a malformed packet. La función csnStreamDissector enepan/dissectors/packet-csn1.c en el dissector CSN.1 en Wireshark v1.6.x anterior a v1.6.13 y v1.8.x anterior a v1.8.5 no gestiona correctamente un relleno largo de bits, permitiend... • http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-csn1.c?r1=46335&r2=46334&pathrev=46335 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 18EXPL: 0CVE-2013-1580
https://notcve.org/view.php?id=CVE-2013-1580
03 Feb 2013 — The dissect_cmstatus_tlv function in plugins/docsis/packet-cmstatus.c in the DOCSIS CM-STATUS dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 uses an incorrect data type for a position variable, which allows remote attackers to cause a denial of service (infinite loop) via a malformed packet. La función dissect_cmstatus_tlv en plugins/docsis/packet-cmstatus.c en el DOCSIS CM-STATUS dissector en Wireshark v1.6.x anterior a v1.6.13 y v1.8.x anterior a v1.8.5 usa un tipo de datos incorrecto p... • http://anonsvn.wireshark.org/viewvc/trunk/plugins/docsis/packet-cmstatus.c?r1=47045&r2=47044&pathrev=47045 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 18EXPL: 0CVE-2013-1578
https://notcve.org/view.php?id=CVE-2013-1578
03 Feb 2013 — The dissect_pw_eth_heuristic function in epan/dissectors/packet-pw-eth.c in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly handle apparent Ethernet address values at the beginning of MPLS data, which allows remote attackers to cause a denial of service (loop) via a malformed packet. La función dissect_pw_eth_heuristic en epan/dissectors/packet-pw-eth.c en Wireshark v1.6.x anterior a v1.6.13 y v1.8.x anterior a v1.8.5 no maneja correctamente los valores de la dirección Ethernet al com... • http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-pw-eth.c?r1=46420&r2=46419&pathrev=46420 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 18EXPL: 0CVE-2013-1576
https://notcve.org/view.php?id=CVE-2013-1576
03 Feb 2013 — The dissect_sdp_media_attribute function in epan/dissectors/packet-sdp.c in the SDP dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly process crypto-suite parameters, which allows remote attackers to cause a denial of service (infinite loop) via a malformed packet. La función dissect_sdp_media_attribute en epan/dissectors/packet-sdp.c en el dissector SDP en Wireshark v1.6.x anterior a v1.6.13 y v1.8.x anterior a v1.8.5 no procesa correctamente parámetros cripto-suite, permi... • http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-sdp.c?r1=46344&r2=46343&pathrev=46344 • CWE-310: Cryptographic Issues •
CVSS: 7.5EPSS: 0%CPEs: 18EXPL: 0CVE-2013-1588
https://notcve.org/view.php?id=CVE-2013-1588
03 Feb 2013 — Multiple buffer overflows in the dissect_pft_fec_detailed function in the DCP-ETSI dissector in epan/dissectors/packet-dcp-etsi.c in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 allow remote attackers to cause a denial of service (application crash) via a malformed packet. Múltiples desbordamientos de bufer en la función dissect_pft_fec_detailed en el disector DCP-ETSI en epan/dissectors/packet-dcp-etsi.c en Wireshark v1.6.x antes de v1.6.13 y v1.8.x antes de v1.8.5, permite a atacantes remotos prov... • http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-dcp-etsi.c?r1=47098&r2=47097&pathrev=47098 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 18EXPL: 0CVE-2013-1586
https://notcve.org/view.php?id=CVE-2013-1586
03 Feb 2013 — The fragment_set_tot_len function in epan/reassemble.c in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly determine the length of a reassembled packet for the DTLS dissector, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. La función fragment_set_tot_len en epan/reassemble.c en Wireshark v1.6.x anterior a v1.6.13 y v1.8.x anterior a v1.8.5 no determinar correctamente la longitud de un paquete reensamblado para el disector DTLS, pe... • http://anonsvn.wireshark.org/viewvc/trunk/epan/reassemble.c?r1=46999&r2=46998&pathrev=46999 •
CVSS: 7.5EPSS: 0%CPEs: 18EXPL: 0CVE-2013-1577
https://notcve.org/view.php?id=CVE-2013-1577
03 Feb 2013 — The dissect_sip_p_charging_func_addresses function in epan/dissectors/packet-sip.c in the SIP dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly handle offset data associated with a quoted string, which allows remote attackers to cause a denial of service (infinite loop) via a malformed packet. La función dissect_sip_p_charging_func_addresses en epan/dissectors/packet-sip.c en el dissector SIP dissector en Wireshark v1.6.x anterior a v1.6.13 y v1.8.x anterior a v1.8.5 no con... • http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-sip.c?r1=46340&r2=46339&pathrev=46340 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 16EXPL: 2CVE-2012-6062 – wireshark: DoS (infinite loop) in the RTCP dissector (wnpa-sec-2012-38)
https://notcve.org/view.php?id=CVE-2012-6062
05 Dec 2012 — The dissect_rtcp_app function in epan/dissectors/packet-rtcp.c in the RTCP dissector in Wireshark 1.6.x before 1.6.12 and 1.8.x before 1.8.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted packet. La función dissect_rtcp_app en epan/dissectors/packet-rtcp.c en el RTCP dissector en Wireshark v1.6.x anterior a v1.6.12 y v1.8.x anterior a v1.8.4 permite a atacantes remotos generar una denegación de servicio (bucle infinito) mediante un paquete manipulado Wireshark, previously... • http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-rtcp.c?r1=45717&r2=45716&pathrev=45717 • CWE-20: Improper Input Validation CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 7.5EPSS: 0%CPEs: 16EXPL: 1CVE-2012-6060 – wireshark: DoS (infinite loop) in the iSCSI dissector (wnpa-sec-2012-36)
https://notcve.org/view.php?id=CVE-2012-6060
05 Dec 2012 — Integer overflow in the dissect_iscsi_pdu function in epan/dissectors/packet-iscsi.c in the iSCSI dissector in Wireshark 1.6.x before 1.6.12 and 1.8.x before 1.8.4 allows remote attackers to cause a denial of service (infinite loop) via a malformed packet. Desbordamiento de entero en la función dissect_iscsi_pdu en epan/dissectors/packet-iscsi.c en el dissector iSCSI en Wireshark v1.6.x anterior a v1.6.12 y v1.8.x anterior a v1.8.4 permite a atacantes generar una denegación de servicio (bucle infinito) medi... • http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-iscsi.c?r1=45524&r2=45523&pathrev=45524 • CWE-189: Numeric Errors CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •