CVE-2013-2478
https://notcve.org/view.php?id=CVE-2013-2478
The dissect_server_info function in epan/dissectors/packet-ms-mms.c in the MS-MMS dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 does not properly manage string lengths, which allows remote attackers to cause a denial of service (application crash) via a malformed packet that (1) triggers an integer overflow or (2) has embedded '\0' characters in a string. La función dissect_server_info en epan/dissectors/packet-ms-mms.c en el disertor MS-MMS en Wireshark v1.6.x antes de v1.6.14 y v1.8.x antes de v1.8.6 no maneja correctamente la lingitud de las cadenas, lo que permite a atacantes remtoos causar una denegación de servicios (caída de aplciación) a través de paquetes malformados que (1) dispara un desbordamiento entero o (2) que ha incrustado caracteres '\0' en la cadena. • http://anonsvn.wireshark.org/viewvc/trunk-1.8/epan/dissectors/packet-ms-mms.c?r1=47981&r2=47980&pathrev=47981 http://anonsvn.wireshark.org/viewvc?view=revision&revision=47981 http://lists.opensuse.org/opensuse-updates/2013-03/msg00065.html http://lists.opensuse.org/opensuse-updates/2013-03/msg00077.html http://secunia.com/advisories/52471 http://www.debian.org/security/2013/dsa-2644 http://www.wireshark.org/docs/relnotes/wireshark-1.6.14.html http://www.wireshark.org/docs/relnotes& • CWE-189: Numeric Errors •
CVE-2013-2477
https://notcve.org/view.php?id=CVE-2013-2477
The CSN.1 dissector in Wireshark 1.8.x before 1.8.6 does not properly manage function pointers, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. El disector CSN.1 en Wireshark v1.8.x anterior a v1.8.6 no gestiona correctamente los punteros a fución, permitiendo a atacantes remotos causar una denegación de servicio (caída de la aplicación) mediante un paquete malformado. • http://anonsvn.wireshark.org/viewvc?view=revision&revision=47888 http://lists.opensuse.org/opensuse-updates/2013-03/msg00065.html http://lists.opensuse.org/opensuse-updates/2013-03/msg00077.html http://secunia.com/advisories/52471 http://www.wireshark.org/docs/relnotes/wireshark-1.8.6.html http://www.wireshark.org/security/wnpa-sec-2013-12.html https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8383 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2013-2488
https://notcve.org/view.php?id=CVE-2013-2488
The DTLS dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 does not validate the fragment offset before invoking the reassembly state machine, which allows remote attackers to cause a denial of service (application crash) via a large offset value that triggers write access to an invalid memory location. El disector DTLS en Wireshark v1.6.x anterior a v1.6.14 y v1.8.x anterior a v1.8.6 no valida el offset del fragmento antes de invocar el estado de la máquina, permitiendo a atacantes remotos provocar una denegación de servicio (caída de la aplicación) a través de un gran valor de desplazamiento que desencadena el acceso de escritura a una ubicación de memoria no válida. • http://anonsvn.wireshark.org/viewvc?view=revision&revision=48011 http://lists.opensuse.org/opensuse-updates/2013-03/msg00065.html http://lists.opensuse.org/opensuse-updates/2013-03/msg00077.html http://secunia.com/advisories/52471 http://www.debian.org/security/2013/dsa-2644 http://www.wireshark.org/docs/relnotes/wireshark-1.6.14.html http://www.wireshark.org/docs/relnotes/wireshark-1.8.6.html http://www.wireshark.org/security/wnpa-sec-2013-22.html https://bugs.wireshark.org • CWE-20: Improper Input Validation •
CVE-2013-2486
https://notcve.org/view.php?id=CVE-2013-2486
The dissect_diagnosticrequest function in epan/dissectors/packet-reload.c in the REsource LOcation And Discovery (aka RELOAD) dissector in Wireshark 1.8.x before 1.8.6 uses an incorrect integer data type, which allows remote attackers to cause a denial of service (infinite loop) via crafted integer values in a packet. La función dissect_diagnosticrequest en epan/dissectors/packet-reload.c en el disertor REsource LOcation And Discovery (también conocido como RELOAD) en Wireshark v1.8.x antes de v1.8.6 usa un tipo de dato entero incorrecto uses, lo que permite a atacantes remotos causar una denegación de servicios (bucle infinito) a través de valores enteros manipulados en un paquete. • http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-reload.c?r1=47805&r2=47804&pathrev=47805 http://anonsvn.wireshark.org/viewvc?view=revision&revision=47805 http://lists.opensuse.org/opensuse-updates/2013-03/msg00065.html http://lists.opensuse.org/opensuse-updates/2013-03/msg00077.html http://lists.opensuse.org/opensuse-updates/2013-06/msg00048.html http://lists.opensuse.org/opensuse-updates/2013-06/msg00083.html http://secunia.com/advisories/52471 http://secunia.com/advisories/5 • CWE-189: Numeric Errors •
CVE-2013-2475
https://notcve.org/view.php?id=CVE-2013-2475
The TCP dissector in Wireshark 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (application crash) via a malformed packet. El disector TCP en Wireshark v1.8.x anterior a v.1.8.6 permite a atacantes remotos causar una denegación de servicio (caída de la aplicación) mediante un paquete malformado. • http://lists.opensuse.org/opensuse-updates/2013-03/msg00065.html http://lists.opensuse.org/opensuse-updates/2013-03/msg00077.html http://secunia.com/advisories/52471 http://www.wireshark.org/docs/relnotes/wireshark-1.8.6.html http://www.wireshark.org/security/wnpa-sec-2013-10.html https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8274 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16627 •