CVSS: 4.3 • EPSS: 0% • CPEs: 10 • EXPL: 0

The netmon_open function in wiretap/netmon.c in the Netmon file parser in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not initialize certain structure members, which allows remote attackers to cause a denial of service (application crash) via a crafted packet-trace file.
• http://anonsvn.wireshark.org/viewvc/trunk/wiretap/netmon.c?r1=49697&r2=49696&pathrev=49697
• http://anonsvn.wireshark.org/viewvc?view=revision&revision=49697
• http://lists.opensuse.org/opensuse-updates/2013-08/msg00004.html
• http://lists.opensuse.org/opensuse-updates/2013-08/msg00009.html
• http://rhn.redhat.com/errata/RHSA-2014-0341.html
• http://secunia.com/advisories/54178
• http://secunia.com/advisories/54296
• http://secunia.com/advisories/54371
• http://secunia.com/advisories/54425
• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

CVSS: 4.3 • EPSS: 0% • CPEs: 10 • EXPL: 0

The dissect_per_length_determinant function in epan/dissectors/packet-per.c in the ASN.1 PER dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not initialize a length field in certain abnormal situations, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
• http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-per.c?r1=49985&r2=49984&pathrev=49985
• http://anonsvn.wireshark.org/viewvc?view=revision&revision=49985
• http://lists.opensuse.org/opensuse-updates/2013-08/msg00004.html
• http://lists.opensuse.org/opensuse-updates/2013-08/msg00009.html
• http://rhn.redhat.com/errata/RHSA-2014-0341.html
• http://secunia.com/advisories/54178
• http://secunia.com/advisories/54296
• http://secunia.com/advisories/54371
• http://secunia.com/advisories/54425
• CWE-189: Numeric Errors

CVSS: 5.0 • EPSS: 0% • CPEs: 1 • EXPL: 0

The IsDFP_Frame function in plugins/profinet/packet-pn-rt.c in the PROFINET Real-Time dissector in Wireshark 1.10.x before 1.10.1 does not validate MAC addresses, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted packet.
• http://anonsvn.wireshark.org/viewvc/trunk/plugins/profinet/packet-pn-rt.c?r1=50651&r2=50650&pathrev=50651
• http://anonsvn.wireshark.org/viewvc?view=revision&revision=50651
• http://secunia.com/advisories/54296
• http://secunia.com/advisories/54425
• http://www.gentoo.org/security/en/glsa/glsa-201308-05.xml
• http://www.wireshark.org/docs/relnotes/wireshark-1.10.1.html
• https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8904
• https://oval.cisecurity.org/repository/search/definition/oval%3Aorg
• CWE-476: NULL Pointer Dereference

CVSS: 5.0 • EPSS: 0% • CPEs: 11 • EXPL: 0

The dissect_schedule_message function in epan/dissectors/packet-gsm_cbch.c in the GSM CBCH dissector in Wireshark 1.8.x before 1.8.8 allows remote attackers to cause a denial of service (infinite loop and application hang) via a crafted packet.
• http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-gsm_cbch.c?r1=49686&r2=49685&pathrev=49686
• http://anonsvn.wireshark.org/viewvc?view=revision&revision=49686
• http://lists.opensuse.org/opensuse-updates/2013-06/msg00194.html
• http://lists.opensuse.org/opensuse-updates/2013-06/msg00196.html
• http://secunia.com/advisories/53762
• http://secunia.com/advisories/54425
• http://www.gentoo.org/security/en/glsa/glsa-201308-05.xml
• http://www.wireshark.org/docs/relnotes/wireshark-1.8.8
• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

CVSS: 5.0 • EPSS: 0% • CPEs: 8 • EXPL: 0

The dissect_r3_upstreamcommand_queryconfig function in epan/dissectors/packet-assa_r3.c in the Assa Abloy R3 dissector in Wireshark 1.8.x before 1.8.8 does not properly handle a zero-length item, which allows remote attackers to cause a denial of service (infinite loop, and CPU and memory consumption) via a crafted packet.
• http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-assa_r3.c?r1=49744&r2=49743&pathrev=49744
• http://anonsvn.wireshark.org/viewvc?view=revision&revision=49744
• http://lists.opensuse.org/opensuse-updates/2013-06/msg00194.html
• http://lists.opensuse.org/opensuse-updates/2013-06/msg00196.html
• http://secunia.com/advisories/53762
• http://secunia.com/advisories/54425
• http://www.gentoo.org/security/en/glsa/glsa-201308-05.xml
• http://www.securityfocus.com/bid/60503
• http://www.wi
• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer