Page 8 of 61 results (0.007 seconds)

CVSS: 5.0EPSS: 0%CPEs: 14EXPL: 0

The fragment_add_work function in epan/reassemble.c in Wireshark 0.8.19 through 1.0.1 allows remote attackers to cause a denial of service (crash) via a series of fragmented packets with non-sequential fragmentation offset values, which lead to a buffer over-read. La función fragment_add_work de epan/reassemble.c en Wireshark versiones 0.8.19 hasta la 1.0.1, permite a atacantes remotos provocar una denegación de servicio (caída) a través de series de paquetes fragmentados con valores de desplazamiento de fragmentación no secuencial, lo cual provoca una sobre-lectua del buffer. • http://anonsvn.wireshark.org/viewvc/index.py?view=rev&revision=25343 http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html http://secunia.com/advisories/31044 http://secunia.com/advisories/31085 http://secunia.com/advisories/31257 http://secunia.com/advisories/31378 http://secunia.com/advisories/31687 http://secunia.com/advisories/32091 http://secunia.com/advisories/32944 http://security.gentoo.org/glsa/glsa-200808-04.xml http://securitytracker.com/id?1020471 • CWE-20: Improper Input Validation •

CVSS: 4.9EPSS: 0%CPEs: 10EXPL: 1

Unspecified vulnerability in the RMI dissector in Wireshark (formerly Ethereal) 0.9.5 through 1.0.0 allows remote attackers to read system memory via unspecified vectors. Vulnerabilidad sin especificar en el analizador RMI en Wireshark (anteriormente Ethereal) de la v0.9.5 a la v1.0.0, permite a atacantes remotos leer la memoria del sistema a través de vectores no especificados. • http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html http://secunia.com/advisories/30886 http://secunia.com/advisories/30942 http://secunia.com/advisories/31085 http://secunia.com/advisories/31378 http://secunia.com/advisories/31687 http://secunia.com/advisories/32091 http://secunia.com/advisories/32944 http://security.gentoo.org/glsa/glsa-200808-04.xml http://securitytracker.com/id?1020404 http://support.avaya.com/elmodocs2/security/ASA-2008-392.htm http:& • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 5.0EPSS: 0%CPEs: 11EXPL: 0

The (1) PANA and (2) KISMET dissectors in Wireshark (formerly Ethereal) 0.99.3 through 1.0.0 allow remote attackers to cause a denial of service (application stop) via unknown vectors. Los analizadores (1) PANA y (2) KISMET en Wireshark (conocido como Ethereal) de la 0.99.3 a la v1.0.0, permite a atacantes remotos provocar una denegación de servicio (parada de aplicación) a través de vectores desconocidos. • http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html http://secunia.com/advisories/30886 http://secunia.com/advisories/30942 http://secunia.com/advisories/31085 http://secunia.com/advisories/31378 http://secunia.com/advisories/31687 http://secunia.com/advisories/32091 http://secunia.com/advisories/32944 http://security.gentoo.org/glsa/glsa-200808-04.xml http://securitytracker.com/id?1020404 http://support.avaya.com/elmodocs2/security/ASA-2008-392.htm http:& • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 5.0EPSS: 0%CPEs: 11EXPL: 0

The RTMPT dissector in Wireshark (formerly Ethereal) 0.99.8 through 1.0.0 allows remote attackers to cause a denial of service (crash) via unknown vectors. NOTE: this might be due to a use-after-free error. El analizador RTMPT en Wireshark (anteriormente Ethereal) 0.99.8 a la v1.0.0, permite a atacantes remotos provocar una denegación de servicio (caída) a través de vectores desconocidos. NOTA: esto puede ser debido a un eror "user-after-free" (uso después de liberación). • http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html http://secunia.com/advisories/30886 http://secunia.com/advisories/30942 http://secunia.com/advisories/31085 http://secunia.com/advisories/31378 http://secunia.com/advisories/31687 http://security.gentoo.org/glsa/glsa-200808-04.xml http://securitytracker.com/id?1020404 http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0212 http://www.securityfocus.com/archive/1/493882/100/0/threaded http://www.securityfocus • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 4.3EPSS: 0%CPEs: 10EXPL: 1

The GSM SMS dissector in Wireshark (formerly Ethereal) 0.99.2 through 1.0.0 allows remote attackers to cause a denial of service (application crash) via unknown vectors. El analizador GSM SMS en Wireshark (anteriormente Ethereal) 0.99.2 a la v1.0.0, permite a atacantes remotos provocar una denegación de servicio (caída) a través de vectores desconocidos. • http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html http://secunia.com/advisories/30886 http://secunia.com/advisories/30942 http://secunia.com/advisories/31085 http://secunia.com/advisories/31378 http://secunia.com/advisories/31687 http://secunia.com/advisories/32091 http://secunia.com/advisories/32944 http://security.gentoo.org/glsa/glsa-200808-04.xml http://securitytracker.com/id?1020404 http://support.avaya.com/elmodocs2/security/ASA-2008-392.htm http:& • CWE-20: Improper Input Validation •