CVSS: 9.3EPSS: 3%CPEs: 5EXPL: 1CVE-2009-4376
https://notcve.org/view.php?id=CVE-2009-4376
Buffer overflow in the daintree_sna_read function in the Daintree SNA file parser in Wireshark 1.2.0 through 1.2.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted packet. Desbordamiento de búfer en la función daintree_sna_read en el analizador de fichero Daintree SNA en Wireshark v1.2.0 hasta v1.2.4 permite a atacantes remotos provocar una denegación de servicio (caída) y posiblemente ejecutar código de su elección mediante un paquete modificado. • http://osvdb.org/61177 http://secunia.com/advisories/37842 http://secunia.com/advisories/37916 http://www.securityfocus.com/bid/37407 http://www.securitytracker.com/id?1023374 http://www.vupen.com/english/advisories/2009/3596 http://www.wireshark.org/security/wnpa-sec-2009-09.html https://bugs.wireshark.org/bugzilla/attachment.cgi?id=4022 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4294 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.4EPSS: 0%CPEs: 36EXPL: 2CVE-2009-4377 – wireshark: invalid pointer dereference in SMB/SMB2 dissectors
https://notcve.org/view.php?id=CVE-2009-4377
The (1) SMB and (2) SMB2 dissectors in Wireshark 0.9.0 through 1.2.4 allow remote attackers to cause a denial of service (crash) via a crafted packet that triggers a NULL pointer dereference, as demonstrated by fuzz-2009-12-07-11141.pcap. El analizador (1) SMB y (2) SMB2 en Wireshark v0.9.0 hasta v1.2.4 permite a atacantes remotos provocar una denegación de servicio (caída) mediante un paquete modificado, como se ha demostrado por fuzz-2009-12-07-11141.pcap. • http://osvdb.org/61178 http://secunia.com/advisories/37842 http://secunia.com/advisories/37916 http://www.debian.org/security/2009/dsa-1983 http://www.mandriva.com/security/advisories?name=MDVSA-2010:031 http://www.securityfocus.com/bid/37407 http://www.securitytracker.com/id?1023374 http://www.vupen.com/english/advisories/2009/3596 http://www.wireshark.org/security/wnpa-sec-2009-09.html https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4301 https://oval.cisecurity&# •
CVSS: 4.3EPSS: 0%CPEs: 6EXPL: 0CVE-2009-4378
https://notcve.org/view.php?id=CVE-2009-4378
The IPMI dissector in Wireshark 1.2.0 through 1.2.4 on Windows allows remote attackers to cause a denial of service (crash) via a crafted packet, related to "formatting a date/time using strftime." El analizador IPMI en Wireshark v1.2.0 hasta v1.2.4, cuando se ejecuta en Windows, permite a atacantes remotos provocar una denegación de servicio (caída) mediante un paquete modificado, relacionado con "el formateado de fecha/hora usando strftime". • http://osvdb.org/61179 http://secunia.com/advisories/37842 http://www.securityfocus.com/bid/37407 http://www.securitytracker.com/id?1023374 http://www.vupen.com/english/advisories/2009/3596 http://www.wireshark.org/security/wnpa-sec-2009-09.html https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4319 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7576 https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01248.html •
CVSS: 4.3EPSS: 0%CPEs: 28EXPL: 0CVE-2009-3550 – Wireshark: NULL pointer dereference in the DCERPC over SMB packet disassembly
https://notcve.org/view.php?id=CVE-2009-3550
The DCERPC/NT dissector in Wireshark 0.10.10 through 1.0.9 and 1.2.0 through 1.2.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a file that records a malformed packet trace. NOTE: some of these details are obtained from third party information. El analizador DCERPC/NT en Wireshark desde v0.10.10 hasta v1.0.9 y desde v1.2.0 hasta v1.2.2 permite a atacantes remotos producir una denegación de servicio (desreferencia a puntero NULL y caída de aplicación) a través de un fichero que almacena la ruta de un paquete manipulado. • http://secunia.com/advisories/37175 http://secunia.com/advisories/37409 http://secunia.com/advisories/37477 http://www.debian.org/security/2009/dsa-1942 http://www.securityfocus.com/bid/36846 http://www.vupen.com/english/advisories/2009/3061 http://www.wireshark.org/docs/relnotes/wireshark-1.0.10.html http://www.wireshark.org/docs/relnotes/wireshark-1.2.3.html http://www.wireshark.org/security/wnpa-sec-2009-07.html http://www.wireshark.org/security/wnpa-sec-2009- • CWE-476: NULL Pointer Dereference •