Page 7 of 59 results (0.018 seconds)

CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 1

In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the PVFS dissector could crash. This was addressed in epan/dissectors/packet-pvfs2.c by preventing a NULL pointer dereference. En Wireshark 2.6.0 a 2.6.4 y 2.4.0 a 2.4.10, el disector PVFS podría cerrarse inesperadamente. Esto se abordó en epan/dissectors/packet-pvfs2.c evitando una desreferencia de puntero NULL. • http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00027.html http://www.securityfocus.com/bid/106051 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15280 https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=3e319db1107b08fc3be804b6d449143ec9aa0dec https://lists.debian.org/debian-lts-announce/2019/01/msg00010.html https://www.debian.org/security/2018/dsa-4359 https://www.oracle.com/security-alerts/cpuapr2020.html https://www.wireshark.org/security/wnpa-sec-2018&# • CWE-476: NULL Pointer Dereference •

CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 1

In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the dissection engine could crash. This was addressed in epan/tvbuff_composite.c by preventing a heap-based buffer over-read. En Wireshark 2.6.0 a 2.6.4 y 2.4.0 a 2.4.10, el motor de disección podría cerrarse inesperadamente. Esto se abordó en epan/tvbuff_composite.c evitando una sobrelectura de búfer basada en memoria dinámica (heap). • http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00027.html http://www.securityfocus.com/bid/106051 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14466 https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=dc4d209f39132a4ae05675a11609176ae9705cfc https://lists.debian.org/debian-lts-announce/2019/01/msg00010.html https://www.debian.org/security/2018/dsa-4359 https://www.oracle.com/security-alerts/cpuapr2020.html https://www.wireshark.org/security/wnpa-sec-2018&# • CWE-125: Out-of-bounds Read •

CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 1

In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the DCOM dissector could crash. This was addressed in epan/dissectors/packet-dcom.c by adding '\0' termination. En Wireshark 2.6.0 a 2.6.4 y 2.4.0 a 2.4.10, el disector DCOM podría cerrarse inesperadamente. Esto se trató en epan/dissectors/packet-dcom.c añadiendo la terminación "\0". • http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00027.html http://www.securityfocus.com/bid/106051 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15130 https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=c5a65115ebab55cfd5ce0a855c2256e01cab6449 https://lists.debian.org/debian-lts-announce/2019/01/msg00010.html https://www.debian.org/security/2018/dsa-4359 https://www.oracle.com/security-alerts/cpuapr2020.html https://www.wireshark.org/security/wnpa-sec-2018&# • CWE-125: Out-of-bounds Read CWE-908: Use of Uninitialized Resource •

CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0

In Wireshark 2.6.0 to 2.6.3, the Steam IHS Discovery dissector could consume system memory. This was addressed in epan/dissectors/packet-steam-ihs-discovery.c by changing the memory-management approach. En Wireshark desde la versión 2.6.0 hasta la 2.6.3, el disector Steam IHS Discovery podría consumir memoria del sistema. Esto se abordó en epan/dissectors/packet-steam-ihs-discovery.c cambiando el enfoque de gestión de memoria. • http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00027.html http://www.securityfocus.com/bid/105583 http://www.securitytracker.com/id/1041909 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15171 https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=6e920ddc3cad2886ef07ca1a8e50e2a5c50986f7 https://www.debian.org/security/2018/dsa-4359 https://www.wireshark.org/security/wnpa-sec-2018-48.html • CWE-772: Missing Release of Resource after Effective Lifetime •

CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0

In Wireshark 2.6.0 to 2.6.3 and 2.4.0 to 2.4.9, the MS-WSP protocol dissector could crash. This was addressed in epan/dissectors/packet-mswsp.c by properly handling NULL return values. En Wireshark de la versión 2.6.0 a la 2.6.3 y de la versión 2.4.0 a la 2.4.9, el disector del protocolo MS-WSP podría cerrarse inesperadamente. Esto se trató en epan/dissectors/packet-mswsp.c gestionando correctamente valores NULL de retorno. • http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00027.html http://www.securityfocus.com/bid/105583 http://www.securitytracker.com/id/1041909 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15119 https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=d443be449a52f95df5754adc39e1f3472fec2f03 https://www.debian.org/security/2018/dsa-4359 https://www.oracle.com/security-alerts/cpuapr2020.html https://www.wireshark.org/security/wnpa-sec-2018-47.html • CWE-476: NULL Pointer Dereference •