CVE-2013-4081 – wireshark: DoS (infinite loop) in the HTTP dissector (wnpa-sec-2013-39)
https://notcve.org/view.php?id=CVE-2013-4081
The http_payload_subdissector function in epan/dissectors/packet-http.c in the HTTP dissector in Wireshark 1.6.x before 1.6.16 and 1.8.x before 1.8.8 does not properly determine when to use a recursive approach, which allows remote attackers to cause a denial of service (stack consumption) via a crafted packet. La función http_payload_subdissector en epan/dissectors/packet-http.c en el HTTP dissector en Wireshark 1.6.x anterior a 1.6.16 y 1.8.x anterior a 1.8.8, no determina adecuadamente cuando se utiliza una aproximación recursiva, lo que permite a atacantes remotos provocar una denegación de servicio (consumo de pila) a través de un paquete manipulado. • http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-http.c?r1=49623&r2=49622&pathrev=49623 http://anonsvn.wireshark.org/viewvc?view=revision&revision=49623 http://lists.opensuse.org/opensuse-updates/2013-06/msg00194.html http://lists.opensuse.org/opensuse-updates/2013-06/msg00196.html http://rhn.redhat.com/errata/RHSA-2014-0341.html http://secunia.com/advisories/53762 http://secunia.com/advisories/54425 http://www.debian.org/security/2013/dsa-2709 http://www.gentoo.or • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVE-2013-4083 – wireshark: Invalid free in the DCP ETSI dissector (wnpa-sec-2013-41)
https://notcve.org/view.php?id=CVE-2013-4083
The dissect_pft function in epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark 1.6.x before 1.6.16, 1.8.x before 1.8.8, and 1.10.0 does not validate a certain fragment length value, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. La función dissect_pft function en epan/dissectors/packet-dcp-etsi.c DCP ETS dissector I en Wireshark 1.6.x anterior a 1.6.16, 1.8.x anterior a 1.8.8, y 1.10.0, no valida adecuadamente el tamaño de los fragmentos, lo que permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) a través de un paquete manipulado. • http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-dcp-etsi.c?r1=49802&r2=49801&pathrev=49802 http://anonsvn.wireshark.org/viewvc?view=revision&revision=49802 http://lists.opensuse.org/opensuse-updates/2013-06/msg00194.html http://lists.opensuse.org/opensuse-updates/2013-06/msg00196.html http://rhn.redhat.com/errata/RHSA-2014-0341.html http://secunia.com/advisories/53762 http://secunia.com/advisories/54296 http://secunia.com/advisories/54425 http://www.debian.org/securit • CWE-20: Improper Input Validation •
CVE-2013-4079
https://notcve.org/view.php?id=CVE-2013-4079
The dissect_schedule_message function in epan/dissectors/packet-gsm_cbch.c in the GSM CBCH dissector in Wireshark 1.8.x before 1.8.8 allows remote attackers to cause a denial of service (infinite loop and application hang) via a crafted packet. La función dissect_schedule_message en epan/dissectors/packet-gsm_cbch.c GSM CBCH dissector en Wireshark 1.8.x anterior 1.8.8 permite a atacantes remotos provocar una denegación de servicio (bucle infinito y cuelgue de aplicación) a través de un paquete manipulado. • http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-gsm_cbch.c?r1=49686&r2=49685&pathrev=49686 http://anonsvn.wireshark.org/viewvc?view=revision&revision=49686 http://lists.opensuse.org/opensuse-updates/2013-06/msg00194.html http://lists.opensuse.org/opensuse-updates/2013-06/msg00196.html http://secunia.com/advisories/53762 http://secunia.com/advisories/54425 http://www.gentoo.org/security/en/glsa/glsa-201308-05.xml http://www.wireshark.org/docs/relnotes/wireshark-1.8.8 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2013-4075 – wireshark: DoS (crash) in the GMR-1 BCCH dissector (wnpa-sec-2013-33)
https://notcve.org/view.php?id=CVE-2013-4075
epan/dissectors/packet-gmr1_bcch.c in the GMR-1 BCCH dissector in Wireshark 1.8.x before 1.8.8 does not properly initialize memory, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. epan/dissectors/packet-gmr1_bcch.c en el dissector GMR-1 BCCH en Wireshark v1.8.x anterior a v1.8.8 no inicializa correctamente memoria, lo que permite a atacantes remotos causar una denegación de servicio (caída de la aplicación) mediante un paquetes especialmente diseñado. A flaw was found in GMR (Geo-Mobile Radio) 1 BCCH protocol dissector of wireshark which an attacker can trigger a denial of service attack and crash wireshark by sending a specially crafted packet onto the wire or by convincing wireshark user to read malformed packet trace file. • http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-gmr1_bcch.c?r1=44674&r2=44673&pathrev=44674 http://anonsvn.wireshark.org/viewvc?view=revision&revision=44674 http://lists.opensuse.org/opensuse-updates/2013-06/msg00194.html http://lists.opensuse.org/opensuse-updates/2013-06/msg00196.html http://rhn.redhat.com/errata/RHSA-2017-0631.html http://secunia.com/advisories/53762 http://secunia.com/advisories/54425 http://www.debian.org/security/2013/dsa-2709 http://www.gent • CWE-399: Resource Management Errors •