CVE-2007-6121 – wireshark RPC Portmap flaws
https://notcve.org/view.php?id=CVE-2007-6121
Wireshark (formerly Ethereal) 0.8.16 to 0.99.6 allows remote attackers to cause a denial of service (crash) via a malformed RPC Portmap packet. Wireshark (formalmente Ethereal), desde la versión 0.8.16 a la 0.99.6, permite que atacantes remotos provoquen una denegación de servicio (por caída) usando paquetes RPC Portmap mal formados. • http://bugs.gentoo.org/show_bug.cgi?id=199958 http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00008.html http://secunia.com/advisories/27777 http://secunia.com/advisories/27817 http://secunia.com/advisories/28197 http://secunia.com/advisories/28207 http://secunia.com/advisories/28288 http://secunia.com/advisories/28304 http://secunia.com/advisories/28325 http://secunia.com/advisories/28564 http://secunia.com/advisories/28583 http://secunia.com/advisories/29048 • CWE-20: Improper Input Validation •
CVE-2007-3392 – Wireshark crashes when inspecting MMS traffic
https://notcve.org/view.php?id=CVE-2007-3392
Wireshark before 0.99.6 allows remote attackers to cause a denial of service via malformed (1) SSL or (2) MMS packets that trigger an infinite loop. Wireshark anterior a 0.99.6 permite a atacantes remotos provocar una denegación de servicio mediante paquetes (1) SSL o (2) MMS que provocan un bucle infinito. • http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1582 http://secunia.com/advisories/25833 http://secunia.com/advisories/25877 http://secunia.com/advisories/25987 http://secunia.com/advisories/26004 http://secunia.com/advisories/26499 http://secunia.com/advisories/28583 http://security.gentoo.org/glsa/glsa-200708-12.xml http://www.debian.org/security/2007/dsa-1322 http://www.mandriva.com/security/advisories?name=MDKSA-2007:145 http://www.novell.com/linux/security/advis •
CVE-2007-3393 – Wireshark corrupts the stack when inspecting BOOTP traffic
https://notcve.org/view.php?id=CVE-2007-3393
Off-by-one error in the DHCP/BOOTP dissector in Wireshark before 0.99.6 allows remote attackers to cause a denial of service (crash) via crafted DHCP-over-DOCSIS packets. Error de superación de límite (off-by-one) en el disector DHCP/BOOTP de Wireshark anterior a 0.99.6 permite a atacantes remotos provocar una denegación de servicio (caída) mediante paquetes DHCP-over-DOCSIS manipulados de forma artesanal. • http://osvdb.org/37639 http://secunia.com/advisories/22588 http://secunia.com/advisories/25833 http://secunia.com/advisories/25877 http://secunia.com/advisories/25987 http://secunia.com/advisories/26004 http://secunia.com/advisories/26499 http://secunia.com/advisories/28583 http://security.gentoo.org/glsa/glsa-200708-12.xml http://www.debian.org/security/2007/dsa-1322 http://www.mandriva.com/security/advisories?name=MDKSA-2007:145 http://www.novell.com/linux/security& •
CVE-2007-3390 – Wireshark crashes when inspecting iSeries traffic
https://notcve.org/view.php?id=CVE-2007-3390
Wireshark 0.99.5 and 0.10.x up to 0.10.14, when running on certain systems, allows remote attackers to cause a denial of service (crash) via crafted iSeries capture files that trigger a SIGTRAP. Wireshark 0.99.5 y 0.10.x hasta 0.10.14, al ejecutarse en ciertos sistemas, permite a atacantes remotos provocar una denegación de servicio (caída) mediante ficheros capturados iSeries artesanales que provocan una SIGTRAP. • http://osvdb.org/37642 http://secunia.com/advisories/25833 http://secunia.com/advisories/25877 http://secunia.com/advisories/25987 http://secunia.com/advisories/26004 http://secunia.com/advisories/26499 http://secunia.com/advisories/28583 http://security.gentoo.org/glsa/glsa-200708-12.xml http://www.debian.org/security/2007/dsa-1322 http://www.mandriva.com/security/advisories?name=MDKSA-2007:145 http://www.novell.com/linux/security/advisories/2007_15_sr.html http:/ •
CVE-2007-0457 – Multiple Wireshark issues (CVE-2007-0457, CVE-2007-0458, CVE-2007-0459)
https://notcve.org/view.php?id=CVE-2007-0457
Unspecified vulnerability in the IEEE 802.11 dissector in Wireshark (formerly Ethereal) 0.10.14 through 0.99.4 allows remote attackers to cause a denial of service (application crash) via unspecified vectors. Vulnerabilidad no especificada en el disector IEEE 802.11 en Wireshark (formalmente Ethereal) 0.10.14 hasta 0.99.4 permite a atacantes remotos provocar denegación de servicio (caida de aplicación) a través de vectores no especificados. • ftp://patches.sgi.com/support/free/security/advisories/20070301-01-P.asc http://fedoranews.org/cms/node/2565 http://osvdb.org/33074 http://secunia.com/advisories/24011 http://secunia.com/advisories/24016 http://secunia.com/advisories/24025 http://secunia.com/advisories/24084 http://secunia.com/advisories/24515 http://secunia.com/advisories/24650 http://secunia.com/advisories/24970 http://securitytracker.com/id?1017581 http://support.avaya.com/elmodocs2/security/ASA-2007 •