CVE-2008-1561 – Wireshark 0.99.8 - X.509sat Dissector Denial of Service
https://notcve.org/view.php?id=CVE-2008-1561
Multiple unspecified vulnerabilities in Wireshark (formerly Ethereal) 0.99.5 through 0.99.8 allow remote attackers to cause a denial of service (application crash) via a malformed packet to the (1) X.509sat or (2) Roofnet dissectors. NOTE: Vector 2 might also lead to a hang. Múltiples vulnerabilidades no especificadas en Wireshark (anteriormente Ethereal) de 0.99.5 a 0.99.8 permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) a través de un paquete mal formado a los analizadores(1) X.509sat o (2) Roofnet. NOTA: el vector 2 podría llevar también a un cuelgue. • https://www.exploit-db.com/exploits/31552 http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00005.html http://secunia.com/advisories/29569 http://secunia.com/advisories/29622 http://secunia.com/advisories/29695 http://secunia.com/advisories/29736 http://secunia.com/advisories/29971 http://secunia.com/advisories/32091 http://support.avaya.com/elmodocs2/security/ASA-2008-392.htm http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0138 http://www.gentoo.org/security/ •
CVE-2008-1562 – Wireshark 0.99.8 - LDAP Dissector Denial of Service
https://notcve.org/view.php?id=CVE-2008-1562
The LDAP dissector in Wireshark (formerly Ethereal) 0.99.2 through 0.99.8 allows remote attackers to cause a denial of service (application crash) via a malformed packet, a different vulnerability than CVE-2006-5740. El analizador LDAP en Wireshark (anteriormente Ethereal) de 0.99.2 a 0.99.8 permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) a través de un paquete mal formado, una vulnerabilidad distinta a CVE-2006-5740. • https://www.exploit-db.com/exploits/31553 http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00005.html http://secunia.com/advisories/29569 http://secunia.com/advisories/29622 http://secunia.com/advisories/29695 http://secunia.com/advisories/29736 http://secunia.com/advisories/29971 http://secunia.com/advisories/32091 http://support.avaya.com/elmodocs2/security/ASA-2008-392.htm http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0138 http://www.gentoo.org/security/ • CWE-20: Improper Input Validation •
CVE-2008-1563 – Wireshark 0.99.8 - SCCP Dissector Decode As Feature Denial of Service
https://notcve.org/view.php?id=CVE-2008-1563
The "decode as" feature in packet-bssap.c in the SCCP dissector in Wireshark (formerly Ethereal) 0.99.6 through 0.99.8 allows remote attackers to cause a denial of service (application crash) via a malformed packet. La característica "decode as" (descodificar como) en packet-bssap.c del analizador SCCP en Wireshark (anteriormente Ethereal) de 0.99.6 a 0.99.8 permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) a través de un paquete mal formado. • https://www.exploit-db.com/exploits/31554 http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00005.html http://secunia.com/advisories/29569 http://secunia.com/advisories/29622 http://secunia.com/advisories/29695 http://secunia.com/advisories/29736 http://secunia.com/advisories/29971 http://secunia.com/advisories/32091 http://support.avaya.com/elmodocs2/security/ASA-2008-392.htm http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0138 http://www.gentoo.org/security/ •
CVE-2008-1072 – wireshark: TFTP dissector crash
https://notcve.org/view.php?id=CVE-2008-1072
The TFTP dissector in Wireshark (formerly Ethereal) 0.6.0 through 0.99.7, when running on Ubuntu 7.10, allows remote attackers to cause a denial of service (crash or memory consumption) via a malformed packet, possibly related to a Cairo library bug. El TFTP dissector en Wireshark (antes Ethereal) de la v.0.6.0 a la v.0.99.7 ejecutado sobre Ubuntu 7.10, permite a atacantes remotos causar una denegación de servicio (caída o consumo de memoria) a través de un paquete defectuoso, posiblemente en relación al bug de la biblioteca Cairo. • http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html http://secunia.com/advisories/29156 http://secunia.com/advisories/29188 http://secunia.com/advisories/29223 http://secunia.com/advisories/29242 http://secunia.com/advisories/29511 http://secunia.com/advisories/29736 http://secunia.com/advisories/32091 http://security.gentoo.org/glsa/glsa-200803-32.xml http://support.avaya.com/elmodocs2/security/ASA-2008-392.htm http://wiki.rpath.com/wiki/Advisories:rPSA& •
CVE-2008-1071 – wireshark: SNMP dissector crash
https://notcve.org/view.php?id=CVE-2008-1071
The SNMP dissector in Wireshark (formerly Ethereal) 0.99.6 through 0.99.7 allows remote attackers to cause a denial of service (crash) via a malformed packet. El analizador SNMP de Wireshark (anteriormente Ethereal) 0.99.6 hasta 0.99.7, permite a atacantes remotos provocar una denegación de servicio (caída) a través de un paquete mal formado. • http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html http://secunia.com/advisories/29156 http://secunia.com/advisories/29188 http://secunia.com/advisories/29223 http://secunia.com/advisories/29242 http://secunia.com/advisories/29511 http://secunia.com/advisories/29736 http://secunia.com/advisories/32091 http://security.gentoo.org/glsa/glsa-200803-32.xml http://support.avaya.com/elmodocs2/security/ASA-2008-392.htm http://wiki.rpath.com/wiki/Advisories:rPSA& • CWE-399: Resource Management Errors •