Page 7 of 49 results (0.012 seconds)

CVSS: 8.3EPSS: 51%CPEs: 34EXPL: 0

Buffer overflow in the ASN.1 BER dissector in Wireshark 0.10.13 through 1.0.13 and 1.2.0 through 1.2.8 has unknown impact and remote attack vectors. Desbordamiento de búfer en el analizador ASN.1 BER en Wireshark 0.10.13 a 1.0.13 y 1.2.0 a 1.2.8 tiene un impacto desconocido y vectores de ataque remotos. • http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://secunia.com/advisories/40112 http://secunia.com/advisories/42877 http://secunia.com/advisories/43068 http://www.mandriva.com/security/advisories?name=MDVSA-2010:113 http://www.mandriva.com/security/advisories?name=MDVSA-2010:144 http://www.openwall.com/lists/oss-security/2010/06/11/1 http://www.securityfocus.com/bid/40728 http: • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 3.3EPSS: 0%CPEs: 26EXPL: 0

The SMB dissector in Wireshark 0.99.6 through 1.0.13, and 1.2.0 through 1.2.8 allows remote attackers to cause a denial of service (NULL pointer dereference) via unknown vectors. El disector de SMB en Wireshark v0.99.6 a v1.0.13, y v1.2.0 a 1.2.8 permite a atacantes remotos provocar una denegación de servicio (desreferencia a puntero nulo) a través de vectores desconocidos. • http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://secunia.com/advisories/40112 http://secunia.com/advisories/42877 http://secunia.com/advisories/43068 http://www.mandriva.com/security/advisories?name=MDVSA-2010:113 http://www.openwall.com/lists/oss-security/2010/06/11/1 http://www.securityfocus.com/bid/40728 http://www.vupen.com/english/advisories/2010/1418 http://www. • CWE-476: NULL Pointer Dereference •

CVSS: 4.3EPSS: 0%CPEs: 35EXPL: 0

The DOCSIS dissector in Wireshark 0.9.6 through 1.0.12 and 1.2.0 through 1.2.7 allows user-assisted remote attackers to cause a denial of service (application crash) via a malformed packet trace file. El disector de DOCSIS en Wireshark v0.9.6 hasta v1.2.0 y v1.0.12 hasta v1.2.7 permite a atacantes remotos ayudados por el usuario provocar una denegación de servicio (cuelgue de aplicación) a través de un archivo de traza de paquetes mal formado. • http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://secunia.com/advisories/39661 http://secunia.com/advisories/42877 http://secunia.com/advisories/43068 http://www.mandriva.com/security/advisories?name=MDVSA-2010:099 http://www.openwall.com/lists/oss-security/2010/05/07/7 http://www.osvdb.org/64363 http://www.securityfocus.com/bid/39950 http://www.vupen.com/english/adviso • CWE-20: Improper Input Validation •

CVSS: 7.5EPSS: 93%CPEs: 20EXPL: 4

Multiple buffer overflows in the LWRES dissector in Wireshark 0.9.15 through 1.0.10 and 1.2.0 through 1.2.5 allow remote attackers to cause a denial of service (crash) via a malformed packet, as demonstrated using a stack-based buffer overflow to the dissect_getaddrsbyname_request function. Múltiples desbordamientos de búfer en LWRES dissector en Wireshark desde v0.9.15 hasta v1.0.10 y desde v1.2.0 hasta v1.2.5 permite a atacantes remotos producir una denegación de servicio (caída) a través de un paquete manipulado, como se demuestra en el uso del desbordamiento de búfer basado en pila en la funcion dissect_getaddrsbyname_request. • https://www.exploit-db.com/exploits/16289 https://www.exploit-db.com/exploits/11288 https://www.exploit-db.com/exploits/16292 http://anonsvn.wireshark.org/viewvc/trunk-1.2/epan/dissectors/packet-lwres.c?view=diff&r1=31596&r2=28492&diff_format=h http://lists.fedoraproject.org/pipermail/package-announce/2010-March/036415.html http://osvdb.org/61987 http://secunia.com/advisories/38257 http://secunia.com/advisories/38348 http://secunia.com/advisories/38829 http://www.debian. • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.3EPSS: 3%CPEs: 5EXPL: 1

Buffer overflow in the daintree_sna_read function in the Daintree SNA file parser in Wireshark 1.2.0 through 1.2.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted packet. Desbordamiento de búfer en la función daintree_sna_read en el analizador de fichero Daintree SNA en Wireshark v1.2.0 hasta v1.2.4 permite a atacantes remotos provocar una denegación de servicio (caída) y posiblemente ejecutar código de su elección mediante un paquete modificado. • http://osvdb.org/61177 http://secunia.com/advisories/37842 http://secunia.com/advisories/37916 http://www.securityfocus.com/bid/37407 http://www.securitytracker.com/id?1023374 http://www.vupen.com/english/advisories/2009/3596 http://www.wireshark.org/security/wnpa-sec-2009-09.html https://bugs.wireshark.org/bugzilla/attachment.cgi?id=4022 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4294 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •