CVSS: 5.0EPSS: 0%CPEs: 26EXPL: 0CVE-2013-3556
https://notcve.org/view.php?id=CVE-2013-3556
The fragment_add_seq_common function in epan/reassemble.c in the ASN.1 BER dissector in Wireshark before r48943 has an incorrect pointer dereference during a comparison, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. La función fragment_add_seq_common en epan/reassemble.c en el disector ASN.1 BER en Wireshark antes de r48943 tiene una referencia a un puntero incorrecto durante la comparación, lo que permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) a través de un paquete mal formado. • http://anonsvn.wireshark.org/viewvc/trunk/epan/reassemble.c?r1=48943&r2=48942&pathrev=48943 http://anonsvn.wireshark.org/viewvc?view=revision&revision=48943 http://lists.opensuse.org/opensuse-updates/2013-06/msg00048.html http://lists.opensuse.org/opensuse-updates/2013-06/msg00083.html http://lists.opensuse.org/opensuse-updates/2013-06/msg00194.html http://lists.opensuse.org/opensuse-updates/2013-06/msg00196.html http://secunia.com/advisories/53425 http://secunia.com/advisories/54425 http:/ • CWE-20: Improper Input Validation •
CVSS: 5.0EPSS: 0%CPEs: 11EXPL: 0CVE-2013-3558
https://notcve.org/view.php?id=CVE-2013-3558
The dissect_ccp_bsdcomp_opt function in epan/dissectors/packet-ppp.c in the PPP CCP dissector in Wireshark 1.8.x before 1.8.7 does not terminate a bit-field list, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. La función dissect_ccp_bsdcomp_opt en epan/dissectors/packet-ppp.c en el disector PPP CCP en Wireshark v1.8.x antes de v1.8.7 no termina la lista del campo de bits, lo que permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) a través de un paquete mal formado. • http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-ppp.c?r1=49214&r2=49213&pathrev=49214 http://anonsvn.wireshark.org/viewvc?view=revision&revision=49214 http://lists.opensuse.org/opensuse-updates/2013-06/msg00048.html http://lists.opensuse.org/opensuse-updates/2013-06/msg00083.html http://lists.opensuse.org/opensuse-updates/2013-06/msg00194.html http://lists.opensuse.org/opensuse-updates/2013-06/msg00196.html http://secunia.com/advisories/53425 http://secunia.com/advisories/5442 • CWE-189: Numeric Errors •
CVSS: 5.0EPSS: 4%CPEs: 11EXPL: 1CVE-2013-3560
https://notcve.org/view.php?id=CVE-2013-3560
The dissect_dsmcc_un_download function in epan/dissectors/packet-mpeg-dsmcc.c in the MPEG DSM-CC dissector in Wireshark 1.8.x before 1.8.7 uses an incorrect format string, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. La función dissect_dsmcc_un_download en epan/dissectors/packet-mpeg-dsmcc.c en el disector MPEG DSM-CC en Wireshark v1.8.x antes de v1.8.7 utiliza una cadena de formato incorrecto, lo que permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) a través de un paquete mal formado. • http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-mpeg-dsmcc.c?r1=48332&r2=48331&pathrev=48332 http://anonsvn.wireshark.org/viewvc?view=revision&revision=48332 http://lists.opensuse.org/opensuse-updates/2013-06/msg00048.html http://lists.opensuse.org/opensuse-updates/2013-06/msg00083.html http://lists.opensuse.org/opensuse-updates/2013-06/msg00194.html http://lists.opensuse.org/opensuse-updates/2013-06/msg00196.html http://secunia.com/advisories/53425 http://secunia.com/advisorie • CWE-134: Use of Externally-Controlled Format String •
CVSS: 5.0EPSS: 1%CPEs: 11EXPL: 1CVE-2013-3562
https://notcve.org/view.php?id=CVE-2013-3562
Multiple integer signedness errors in the tvb_unmasked function in epan/dissectors/packet-websocket.c in the Websocket dissector in Wireshark 1.8.x before 1.8.7 allow remote attackers to cause a denial of service (application crash) via a malformed packet. Múltiples errores de signo de enteros en la función tvb_unmasked en epan/dissectors/packets-websocket.c en el Websocket dissector en Wireshark v1.8.x antes de v1.8.7 permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) a través de un paquete mal formado. • http://anonsvn.wireshark.org/viewvc/trunk-1.8/epan/dissectors/packet-websocket.c?r1=48419&r2=48418&pathrev=48419 http://anonsvn.wireshark.org/viewvc?view=revision&revision=48419 http://lists.opensuse.org/opensuse-updates/2013-06/msg00194.html http://lists.opensuse.org/opensuse-updates/2013-06/msg00196.html http://secunia.com/advisories/53425 http://secunia.com/advisories/54425 http://www.debian.org/security/2013/dsa-2700 http://www.gentoo.org/security/en/glsa/glsa-201308-05.xml http&# • CWE-189: Numeric Errors •
CVSS: 5.0EPSS: 0%CPEs: 26EXPL: 1CVE-2013-3557 – wireshark: DoS (crash) in the ASN.1 BER dissector (wnpa-sec-2013-25, upstream #8599)
https://notcve.org/view.php?id=CVE-2013-3557
The dissect_ber_choice function in epan/dissectors/packet-ber.c in the ASN.1 BER dissector in Wireshark 1.6.x before 1.6.15 and 1.8.x before 1.8.7 does not properly initialize a certain variable, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. La función dissect_ber_choice en epan/dissectors/packet-ber.c en el disector ASN.1 BER en Wireshark v1.6.x antes de v1.6.15 y v1.8.x antes de v1.8.7 no inicializa correctamente una determinada variable, lo que permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) a través de un paquete mal formado. • http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-ber.c?r1=48944&r2=48943&pathrev=48944 http://anonsvn.wireshark.org/viewvc?view=revision&revision=48944 http://lists.opensuse.org/opensuse-updates/2013-06/msg00048.html http://lists.opensuse.org/opensuse-updates/2013-06/msg00083.html http://lists.opensuse.org/opensuse-updates/2013-06/msg00194.html http://lists.opensuse.org/opensuse-updates/2013-06/msg00196.html http://rhn.redhat.com/errata/RHSA-2014-0341.html http://secunia. • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •