CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 0CVE-2015-4651 – Gentoo Linux Security Advisory 201510-03
https://notcve.org/view.php?id=CVE-2015-4651
25 Jun 2015 — The dissect_wccp2r1_address_table_info function in epan/dissectors/packet-wccp.c in the WCCP dissector in Wireshark 1.12.x before 1.12.6 does not properly determine whether enough memory is available for storing IP address strings, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. Vulnerabilidad en la función dissect_wccp2r1_address_table_info en epan/dissectors/packet-wccp.c en el WCCP dissector de Wireshark en su versión 1.12.x anteriores a 1.12.6 no dete... • http://lists.opensuse.org/opensuse-updates/2015-07/msg00020.html • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 0CVE-2015-4652 – Gentoo Linux Security Advisory 201510-03
https://notcve.org/view.php?id=CVE-2015-4652
25 Jun 2015 — epan/dissectors/packet-gsm_a_dtap.c in the GSM DTAP dissector in Wireshark 1.12.x before 1.12.6 does not properly validate digit characters, which allows remote attackers to cause a denial of service (application crash) via a crafted packet, related to the de_emerg_num_list and de_bcd_num functions. Vulnerabilidad en epan/dissectors/packet-gsm_a_dtap.c en el GSM DTAP dissector de Wireshark en su versión 1.12.x anteriores a 1.12.6 no valida correctamente los caracteres de dígitos, lo que permite a atacantes ... • http://lists.opensuse.org/opensuse-updates/2015-07/msg00020.html • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2015-3810 – wireshark: WebSocket DoS (wnpa-sec-2015-13)
https://notcve.org/view.php?id=CVE-2015-3810
26 May 2015 — epan/dissectors/packet-websocket.c in the WebSocket dissector in Wireshark 1.12.x before 1.12.5 uses a recursive algorithm, which allows remote attackers to cause a denial of service (CPU consumption) via a crafted packet. epan/dissectors/packet-websocket.c en el disector WebSocket en Wireshark 1.12.x anterior a 1.12.5 utiliza un algoritmo recursivo, lo que permite a atacantes remotos causar una denegación de servicio (consumo de CPU) a través de un paquete manipulado. The wireshark packages contain a netwo... • http://www.debian.org/security/2015/dsa-3277 • CWE-399: Resource Management Errors CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2015-3809 – Gentoo Linux Security Advisory 201510-03
https://notcve.org/view.php?id=CVE-2015-3809
26 May 2015 — The dissect_lbmr_pser function in epan/dissectors/packet-lbmr.c in the LBMR dissector in Wireshark 1.12.x before 1.12.5 does not properly track the current offset, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet. La función dissect_lbmr_pser en epan/dissectors/packet-lbmr.c en el disector LBMR en Wireshark 1.12.x anterior a 1.12.5 no rastrea correctamente el desplazamiento actual, lo que permite a atacantes remotos causar una denegación de servicio (bucle infi... • http://www.debian.org/security/2015/dsa-3277 • CWE-189: Numeric Errors •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2015-3813 – wireshark: Reassembly memory leak (wnpa-sec-2015-16)
https://notcve.org/view.php?id=CVE-2015-3813
26 May 2015 — The fragment_add_work function in epan/reassemble.c in the packet-reassembly feature in Wireshark 1.12.x before 1.12.5 does not properly determine the defragmentation state in a case of an insufficient snapshot length, which allows remote attackers to cause a denial of service (memory consumption) via a crafted packet. La función fragment_add_work en epan/reassemble.c en la característica del remontaje de paquetes en Wireshark 1.12.x anterior a 1.12.5 no determina correctamente el estado de la defragmentaci... • http://rhn.redhat.com/errata/RHSA-2017-0631.html • CWE-399: Resource Management Errors CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.5EPSS: 0%CPEs: 21EXPL: 0CVE-2015-3814 – Gentoo Linux Security Advisory 201510-03
https://notcve.org/view.php?id=CVE-2015-3814
26 May 2015 — The (1) dissect_tfs_request and (2) dissect_tfs_response functions in epan/dissectors/packet-ieee80211.c in the IEEE 802.11 dissector in Wireshark 1.10.x before 1.10.14 and 1.12.x before 1.12.5 interpret a zero value as a length rather than an error condition, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet. Las funciones (1) dissect_tfs_request y (2) dissect_tfs_response en epan/dissectors/packet-ieee80211.c en el disector IEEE 802.11 en Wireshark 1.10.x ante... • http://www.debian.org/security/2015/dsa-3277 • CWE-189: Numeric Errors •
CVSS: 7.5EPSS: 0%CPEs: 21EXPL: 0CVE-2015-3811 – wireshark: WCP dissector crash (wnpa-sec-2015-14)
https://notcve.org/view.php?id=CVE-2015-3811
26 May 2015 — epan/dissectors/packet-wcp.c in the WCP dissector in Wireshark 1.10.x before 1.10.14 and 1.12.x before 1.12.5 improperly refers to previously processed bytes, which allows remote attackers to cause a denial of service (application crash) via a crafted packet, a different vulnerability than CVE-2015-2188. epan/dissectors/packet-wcp.c en el disector WCP en Wireshark 1.10.x anterior a 1.10.14 y 1.12.x anterior a 1.12.5 refiere incorrectamente a bytes previamente procesados, lo que permite a atacantes remotos c... • http://rhn.redhat.com/errata/RHSA-2017-0631.html • CWE-17: DEPRECATED: Code CWE-665: Improper Initialization •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2015-3808 – Gentoo Linux Security Advisory 201510-03
https://notcve.org/view.php?id=CVE-2015-3808
26 May 2015 — The dissect_lbmr_pser function in epan/dissectors/packet-lbmr.c in the LBMR dissector in Wireshark 1.12.x before 1.12.5 does not reject a zero length, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet. La función dissect_lbmr_pser en epan/dissectors/packet-lbmr.c en el disector LBMR en Wireshark 1.12.x anterior a 1.12.5 no rechaza una longitud cero, lo que permite a atacantes remotos causar una denegación de servicio (bucle infinito) a través de un paquete manip... • http://www.securityfocus.com/bid/74628 • CWE-189: Numeric Errors •
CVSS: 7.8EPSS: 0%CPEs: 21EXPL: 0CVE-2015-3812 – wireshark: X11 memory leak (wnpa-sec-2015-15)
https://notcve.org/view.php?id=CVE-2015-3812
26 May 2015 — Multiple memory leaks in the x11_init_protocol function in epan/dissectors/packet-x11.c in the X11 dissector in Wireshark 1.10.x before 1.10.14 and 1.12.x before 1.12.5 allow remote attackers to cause a denial of service (memory consumption) via a crafted packet. Múltiples fugas de memoria en la función x11_init_protocol en epan/dissectors/packet-x11.c en el disector X11 en Wireshark 1.10.x anterior a 1.10.14 y 1.12.x anterior a 1.12.5 permiten a atacantes remotos causar una denegación de servicio (consumo ... • http://rhn.redhat.com/errata/RHSA-2017-0631.html • CWE-399: Resource Management Errors CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2015-3906 – Gentoo Linux Security Advisory 201510-03
https://notcve.org/view.php?id=CVE-2015-3906
26 May 2015 — The logcat_dump_text function in wiretap/logcat.c in the Android Logcat file parser in Wireshark 1.12.x before 1.12.5 does not properly handle a lack of \0 termination, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted message in a packet, a different vulnerability than CVE-2015-3815. La función logcat_dump_text en wiretap/logcat.c en el analizador sintáctico de ficheros de Android Logcat en Wireshark 1.12.x anterior a 1.12.5 no maneja correc... • http://www.securityfocus.com/bid/74837 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •