CVE-2009-1267
https://notcve.org/view.php?id=CVE-2009-1267
Unspecified vulnerability in the LDAP dissector in Wireshark 0.99.2 through 1.0.6, when running on Windows, allows remote attackers to cause a denial of service (crash) via unknown attack vectors. Vulnerabilidad no especificada en el analizador de LDAP de Wireshark desde la versión v0.99.2 hasta la v1.0.6, cuando se ejecuta en Windows, permite a usuarios remotos provocar una denegación de servicio (caída del servicio) a través de vectores de ataque desconocidos. • http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html http://secunia.com/advisories/34778 http://secunia.com/advisories/35416 http://wiki.rpath.com/Advisories:rPSA-2009-0062 http://www.securityfocus.com/archive/1/502745/100/0/threaded http://www.securityfocus.com/bid/34457 http://www.securitytracker.com/id?1022027 http://www.wireshark.org/security/wnpa-sec-2009-02.html https://exchange.xforce.ibmcloud.com/vulnerabilities/49814 https://oval.cisecurity.org/repository •
CVE-2009-1268 – Wireshark CHAP dissector crash
https://notcve.org/view.php?id=CVE-2009-1268
The Check Point High-Availability Protocol (CPHAP) dissector in Wireshark 0.9.6 through 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted FWHA_MY_STATE packet. Vulnerabilidad en el analizador del protocolo Check Point High-Availability Protocol (CPHAP) de Wireshark desde la versión v0.0.6 hasta la v1.0.6 permite a usuarios remotos causar una denegación de servicio (caída del servicio) a través de un paquete FWHA_MY_STATE modificado. • http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html http://secunia.com/advisories/34778 http://secunia.com/advisories/34970 http://secunia.com/advisories/35133 http://secunia.com/advisories/35224 http://secunia.com/advisories/35416 http://secunia.com/advisories/35464 http://secunia.com/advisories/37477 http://wiki.rpath.com/Advisories:rPSA-2009-0062 http://www.debian.org/security/2009/dsa-1785 http://www.debian.org/security/2009/dsa-1942 http:// • CWE-20: Improper Input Validation •
CVE-2009-1269 – Wireshark Tektronix .rf5 file crash
https://notcve.org/view.php?id=CVE-2009-1269
Unspecified vulnerability in Wireshark 0.99.6 through 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted Tektronix .rf5 file. Una vulnerabilidad sin especificar en Wireshark 0.99.6 a 1.0.6 permite a atacantes remotos provocar una denegación de servicio (con caída de la aplicación) a través de un archivo Tektronix .rf5 debidamente modificado. • http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html http://secunia.com/advisories/34778 http://secunia.com/advisories/34970 http://secunia.com/advisories/35133 http://secunia.com/advisories/35224 http://secunia.com/advisories/35416 http://secunia.com/advisories/35464 http://wiki.rpath.com/Advisories:rPSA-2009-0062 http://www.debian.org/security/2009/dsa-1785 http://www.mandriva.com/security/advisories?name=MDVSA-2009:088 http://www.redhat.com/support/e •
CVE-2009-1210 – Wireshark 1.0.6 - PN-DCP Format String (PoC)
https://notcve.org/view.php?id=CVE-2009-1210
Format string vulnerability in the PROFINET/DCP (PN-DCP) dissector in Wireshark 1.0.6 and earlier allows remote attackers to execute arbitrary code via a PN-DCP packet with format string specifiers in the station name. NOTE: some of these details are obtained from third party information. Una vulnerabilidad de cadena de formato en el disector PROFINET/DCP (PN-DCP) en Wireshark versión 1.0.6 y anteriores, permite a los atacantes remotos ejecutar código arbitrario por medio de un paquete PN-DCP con especificadores de cadena de formato en el nombre station. NOTA: algunos de estos datos fueron obtenidos de la información de terceros. • https://www.exploit-db.com/exploits/8308 http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html http://secunia.com/advisories/34542 http://secunia.com/advisories/34778 http://secunia.com/advisories/34970 http://secunia.com/advisories/35133 http://secunia.com/advisories/35224 http://secunia.com/advisories/35416 http://secunia.com/advisories/35464 http://wiki.rpath.com/Advisories:rPSA-2009-0062 http://www.debian.org/security/2009/dsa-1785 http://www.m • CWE-134: Use of Externally-Controlled Format String •
CVE-2008-6472 – wireshark: DoS vulnerability in WLCCP dissector
https://notcve.org/view.php?id=CVE-2008-6472
The WLCCP dissector in Wireshark 0.99.7 through 1.0.4 allows remote attackers to cause a denial of service (infinite loop) via unspecified vectors. El disector WLCCP en Wireshark 0.99.7 hasta la versión 1.0.4 permite a atacantes remotos provocar una denegación de servicio (con un bucle infinito) a través de vectores no especificados. • http://secunia.com/advisories/32840 http://secunia.com/advisories/34144 http://www.mandriva.com/security/advisories?name=MDVSA-2008:242 http://www.redhat.com/support/errata/RHSA-2009-0313.html http://www.wireshark.org/security/wnpa-sec-2008-07.html https://exchange.xforce.ibmcloud.com/vulnerabilities/47292 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6223 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9629 https:/ • CWE-399: Resource Management Errors •