CVSS: 7.5EPSS: 1%CPEs: 12EXPL: 0CVE-2013-4076 – Gentoo Linux Security Advisory 201308-05
https://notcve.org/view.php?id=CVE-2013-4076
09 Jun 2013 — Buffer overflow in the dissect_iphc_crtp_fh function in epan/dissectors/packet-ppp.c in the PPP dissector in Wireshark 1.8.x before 1.8.8 allows remote attackers to cause a denial of service (application crash) via a crafted packet. Desbordamiento de búfer en la función dissect_iphc_crtp_fh en epan/dissectors/packet-ppp.c en el dissector PPP en Wireshark v1.8.x anterior a v1.8.8 permite a atacantes remotos causar una denegación de servicio (caída de la aplicación) mediante un paquete especialmente diseñado.... • http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-ppp.c?r1=46128&r2=46127&pathrev=46128 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 1%CPEs: 12EXPL: 0CVE-2013-4077 – Gentoo Linux Security Advisory 201308-05
https://notcve.org/view.php?id=CVE-2013-4077
09 Jun 2013 — Array index error in the NBAP dissector in Wireshark 1.8.x before 1.8.8 allows remote attackers to cause a denial of service (application crash) via a crafted packet, related to nbap.cnf and packet-nbap.c. Error de índice de array en el dissector NBAP en Wireshark v1.8.x anterior a v1.8.8 permite a atacantes remotos causar una denegación de servicio (caída de la aplicación) mediante un paquete especialmente diseñado, relacionado con nbap.cnf y packet-nbap.c Multiple vulnerabilities were discovered in the di... • http://anonsvn.wireshark.org/viewvc?view=revision&revision=49418 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 1%CPEs: 12EXPL: 0CVE-2013-4078 – Gentoo Linux Security Advisory 201308-05
https://notcve.org/view.php?id=CVE-2013-4078
09 Jun 2013 — epan/dissectors/packet-rdp.c in the RDP dissector in Wireshark 1.8.x before 1.8.8 does not validate return values during checks for data availability, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. epan/dissectors/packet-rdp.c en el dissector RDP en Wireshark v1.8.x anterior a v1.8.8 no valida el valor de retorno durante la comprobación de la disponibilidad de datos, lo que permite a atacantes remotos causar una denegación de servicio (caída de la aplica... • http://anonsvn.wireshark.org/viewvc?view=revision&revision=45566 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 1%CPEs: 28EXPL: 0CVE-2013-4081 – wireshark: DoS (infinite loop) in the HTTP dissector (wnpa-sec-2013-39)
https://notcve.org/view.php?id=CVE-2013-4081
09 Jun 2013 — The http_payload_subdissector function in epan/dissectors/packet-http.c in the HTTP dissector in Wireshark 1.6.x before 1.6.16 and 1.8.x before 1.8.8 does not properly determine when to use a recursive approach, which allows remote attackers to cause a denial of service (stack consumption) via a crafted packet. La función http_payload_subdissector en epan/dissectors/packet-http.c en el HTTP dissector en Wireshark 1.6.x anterior a 1.6.16 y 1.8.x anterior a 1.8.8, no determina adecuadamente cuando se utiliza ... • http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-http.c?r1=49623&r2=49622&pathrev=49623 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 7.5EPSS: 0%CPEs: 25EXPL: 0CVE-2013-4083 – wireshark: Invalid free in the DCP ETSI dissector (wnpa-sec-2013-41)
https://notcve.org/view.php?id=CVE-2013-4083
09 Jun 2013 — The dissect_pft function in epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark 1.6.x before 1.6.16, 1.8.x before 1.8.8, and 1.10.0 does not validate a certain fragment length value, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. La función dissect_pft function en epan/dissectors/packet-dcp-etsi.c DCP ETS dissector I en Wireshark 1.6.x anterior a 1.6.16, 1.8.x anterior a 1.8.8, y 1.10.0, no valida adecuadamente el tamaño de los fragm... • http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-dcp-etsi.c?r1=49802&r2=49801&pathrev=49802 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 12EXPL: 0CVE-2013-4075 – wireshark: DoS (crash) in the GMR-1 BCCH dissector (wnpa-sec-2013-33)
https://notcve.org/view.php?id=CVE-2013-4075
09 Jun 2013 — epan/dissectors/packet-gmr1_bcch.c in the GMR-1 BCCH dissector in Wireshark 1.8.x before 1.8.8 does not properly initialize memory, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. epan/dissectors/packet-gmr1_bcch.c en el dissector GMR-1 BCCH en Wireshark v1.8.x anterior a v1.8.8 no inicializa correctamente memoria, lo que permite a atacantes remotos causar una denegación de servicio (caída de la aplicación) mediante un paquetes especialmente diseñado. A f... • http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-gmr1_bcch.c?r1=44674&r2=44673&pathrev=44674 • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 0CVE-2013-4079 – Gentoo Linux Security Advisory 201308-05
https://notcve.org/view.php?id=CVE-2013-4079
09 Jun 2013 — The dissect_schedule_message function in epan/dissectors/packet-gsm_cbch.c in the GSM CBCH dissector in Wireshark 1.8.x before 1.8.8 allows remote attackers to cause a denial of service (infinite loop and application hang) via a crafted packet. La función dissect_schedule_message en epan/dissectors/packet-gsm_cbch.c GSM CBCH dissector en Wireshark 1.8.x anterior 1.8.8 permite a atacantes remotos provocar una denegación de servicio (bucle infinito y cuelgue de aplicación) a través de un paquete manipulado. M... • http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-gsm_cbch.c?r1=49686&r2=49685&pathrev=49686 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2013-4080 – Gentoo Linux Security Advisory 201308-05
https://notcve.org/view.php?id=CVE-2013-4080
09 Jun 2013 — The dissect_r3_upstreamcommand_queryconfig function in epan/dissectors/packet-assa_r3.c in the Assa Abloy R3 dissector in Wireshark 1.8.x before 1.8.8 does not properly handle a zero-length item, which allows remote attackers to cause a denial of service (infinite loop, and CPU and memory consumption) via a crafted packet. La función dissect_r3_upstreamcommand_queryconfig en epan/dissectors/packet-assa_r3.c en el Assa Abloy R3 dissector en Wireshark 1.8.x anterior a 1.8.8, no maneja adecuadamente un element... • http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-assa_r3.c?r1=49744&r2=49743&pathrev=49744 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 12EXPL: 0CVE-2013-4082 – Gentoo Linux Security Advisory 201308-05
https://notcve.org/view.php?id=CVE-2013-4082
09 Jun 2013 — The vwr_read function in wiretap/vwr.c in the Ixia IxVeriWave file parser in Wireshark 1.8.x before 1.8.8 does not validate the relationship between a record length and a trailer length, which allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) via a crafted packet. La función vwr_read en wiretap/vwr.c en el analizador Ixia IxVeriWave en Wireshark 1.8.x anterior a 1.8.8, no valida la relación entre el tamaño de registro el tamaño del "trailer", lo que perm... • http://anonsvn.wireshark.org/viewvc/trunk/wiretap/vwr.c?r1=49739&r2=49738&pathrev=49739 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 3%CPEs: 11EXPL: 1CVE-2013-3555 – Gentoo Linux Security Advisory 201308-05
https://notcve.org/view.php?id=CVE-2013-3555
25 May 2013 — epan/dissectors/packet-gtpv2.c in the GTPv2 dissector in Wireshark 1.8.x before 1.8.7 calls incorrect functions in certain contexts related to ciphers, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. epan/dissectors/packet-gtpv2.c en el disector GTPv2 en Wireshark v1.8.x antes de v1.8.7, llama a funciones incorrectas en determinados contextos relacionados con sistemas de cifrado, lo que permite a atacantes remotos provocar una denegación de servicio (ca... • http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-gtpv2.c?r1=48393&r2=48392&pathrev=48393 • CWE-20: Improper Input Validation •