CVE-2007-6120 – wireshark Bluetooth SDP dissector flaws
https://notcve.org/view.php?id=CVE-2007-6120
The Bluetooth SDP dissector Wireshark (formerly Ethereal) 0.99.2 to 0.99.6 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors. El Bluetooth SDP dissector Wireshark (formalmente Ethereal), desde la versión 0.99.2 a la 0.99.6, permite que atacantes remotos provoquen una denegación de servicio(por bucle infinito) usando vectores desconocidos. • http://bugs.gentoo.org/show_bug.cgi?id=199958 http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00008.html http://secunia.com/advisories/27777 http://secunia.com/advisories/27817 http://secunia.com/advisories/28197 http://secunia.com/advisories/28207 http://secunia.com/advisories/28288 http://secunia.com/advisories/28304 http://secunia.com/advisories/28325 http://secunia.com/advisories/28564 http://secunia.com/advisories/28583 http://secunia.com/advisories/29048 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2007-6121 – wireshark RPC Portmap flaws
https://notcve.org/view.php?id=CVE-2007-6121
Wireshark (formerly Ethereal) 0.8.16 to 0.99.6 allows remote attackers to cause a denial of service (crash) via a malformed RPC Portmap packet. Wireshark (formalmente Ethereal), desde la versión 0.8.16 a la 0.99.6, permite que atacantes remotos provoquen una denegación de servicio (por caída) usando paquetes RPC Portmap mal formados. • http://bugs.gentoo.org/show_bug.cgi?id=199958 http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00008.html http://secunia.com/advisories/27777 http://secunia.com/advisories/27817 http://secunia.com/advisories/28197 http://secunia.com/advisories/28207 http://secunia.com/advisories/28288 http://secunia.com/advisories/28304 http://secunia.com/advisories/28325 http://secunia.com/advisories/28564 http://secunia.com/advisories/28583 http://secunia.com/advisories/29048 • CWE-20: Improper Input Validation •
CVE-2007-3392 – Wireshark crashes when inspecting MMS traffic
https://notcve.org/view.php?id=CVE-2007-3392
Wireshark before 0.99.6 allows remote attackers to cause a denial of service via malformed (1) SSL or (2) MMS packets that trigger an infinite loop. Wireshark anterior a 0.99.6 permite a atacantes remotos provocar una denegación de servicio mediante paquetes (1) SSL o (2) MMS que provocan un bucle infinito. • http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1582 http://secunia.com/advisories/25833 http://secunia.com/advisories/25877 http://secunia.com/advisories/25987 http://secunia.com/advisories/26004 http://secunia.com/advisories/26499 http://secunia.com/advisories/28583 http://security.gentoo.org/glsa/glsa-200708-12.xml http://www.debian.org/security/2007/dsa-1322 http://www.mandriva.com/security/advisories?name=MDKSA-2007:145 http://www.novell.com/linux/security/advis •
CVE-2007-3393 – Wireshark corrupts the stack when inspecting BOOTP traffic
https://notcve.org/view.php?id=CVE-2007-3393
Off-by-one error in the DHCP/BOOTP dissector in Wireshark before 0.99.6 allows remote attackers to cause a denial of service (crash) via crafted DHCP-over-DOCSIS packets. Error de superación de límite (off-by-one) en el disector DHCP/BOOTP de Wireshark anterior a 0.99.6 permite a atacantes remotos provocar una denegación de servicio (caída) mediante paquetes DHCP-over-DOCSIS manipulados de forma artesanal. • http://osvdb.org/37639 http://secunia.com/advisories/22588 http://secunia.com/advisories/25833 http://secunia.com/advisories/25877 http://secunia.com/advisories/25987 http://secunia.com/advisories/26004 http://secunia.com/advisories/26499 http://secunia.com/advisories/28583 http://security.gentoo.org/glsa/glsa-200708-12.xml http://www.debian.org/security/2007/dsa-1322 http://www.mandriva.com/security/advisories?name=MDKSA-2007:145 http://www.novell.com/linux/security& •
CVE-2006-5595
https://notcve.org/view.php?id=CVE-2006-5595
Unspecified vulnerability in the AirPcap support in Wireshark (formerly Ethereal) 0.99.3 has unspecified attack vectors related to WEP key parsing. Vulnerabilidad sin especificar en el soporte AirPcap en Wireshark (anteriormente conocido como Ethereal) 0.99.3 tiene vectores de ataque sin especificar referido al analizador sintáctico WEP. • http://secunia.com/advisories/22590 http://www.securityfocus.com/bid/20762 http://www.wireshark.org/security/wnpa-sec-2006-03.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14787 •