CVSS: 5.0EPSS: 1%CPEs: 7EXPL: 1CVE-2008-4682 – Wireshark 1.0.x - '.ncf' Packet Capture Local Denial of Service
https://notcve.org/view.php?id=CVE-2008-4682
wtap.c in Wireshark 0.99.7 through 1.0.3 allows remote attackers to cause a denial of service (application abort) via a malformed Tamos CommView capture file (aka .ncf file) with an "unknown/unexpected packet type" that triggers a failed assertion. wtap.c en Wireshark v0.99.7 a la v1.0.3, permite a atacantes remoto provocar una denegación de servicio (aborto de aplicación) a través de un archivo de captura Tamos CommView mal formado (también conocido como .ncf file) con un "tipo de paquete desconocido/inesperado" que lanza una aserción fallida. • https://www.exploit-db.com/exploits/6622 http://secunia.com/advisories/32355 http://secunia.com/advisories/34144 http://securityreason.com/securityalert/4462 http://securitytracker.com/id?1021069 http://shinnok.evonet.ro/vulns_html/wireshark.html http://support.avaya.com/elmodocs2/security/ASA-2009-082.htm http://wiki.rpath.com/Advisories:rPSA-2008-0336 http://www.mandriva.com/security/advisories?name=MDVSA-2008:215 http://www.redhat.com/support/errata/RHSA-2009-0313.html http:&# • CWE-20: Improper Input Validation •
CVSS: 4.3EPSS: 0%CPEs: 7EXPL: 1CVE-2008-4680 – wireshark: DoS (app crash or abort) via malformed USB Request Block (URB).
https://notcve.org/view.php?id=CVE-2008-4680
packet-usb.c in the USB dissector in Wireshark 0.99.7 through 1.0.3 allows remote attackers to cause a denial of service (application crash or abort) via a malformed USB Request Block (URB). packet-usb.c en el analizador USB en Wireshark v0.99.7 a la v1.0.3, permite a atacantes remotos provocar una denegación de servicio (aborto o caída de aplicación) a través de un USB Request Block (URB) mal formado. • http://secunia.com/advisories/32355 http://secunia.com/advisories/34144 http://securitytracker.com/id?1021069 http://support.avaya.com/elmodocs2/security/ASA-2009-082.htm http://wiki.rpath.com/Advisories:rPSA-2008-0336 http://www.mandriva.com/security/advisories?name=MDVSA-2008:215 http://www.redhat.com/support/errata/RHSA-2009-0313.html http://www.securityfocus.com/archive/1/499154/100/0/threaded http://www.securityfocus.com/bid/31838 http://www.vupen.com/english/advisories& • CWE-399: Resource Management Errors •
CVSS: 4.3EPSS: 0%CPEs: 12EXPL: 0CVE-2008-4681 – wireshark: DoS (app crash or abort) in Bluetooth RFCOMM dissector via unknown packets
https://notcve.org/view.php?id=CVE-2008-4681
Unspecified vulnerability in the Bluetooth RFCOMM dissector in Wireshark 0.99.7 through 1.0.3 allows remote attackers to cause a denial of service (application crash or abort) via unknown packets. Vulnerabilidad sin especificar en el analizador Bluetooth RFCOMM en Wireshark v0.99.7 a la v1.0.3, permite a atacantes remotos provocar una denegación de servicio (aborto o caída de aplicación) a través de paquetes desconocidos. • http://secunia.com/advisories/32355 http://secunia.com/advisories/34144 http://securitytracker.com/id?1021069 http://support.avaya.com/elmodocs2/security/ASA-2009-082.htm http://wiki.rpath.com/Advisories:rPSA-2008-0336 http://www.mandriva.com/security/advisories?name=MDVSA-2008:215 http://www.redhat.com/support/errata/RHSA-2009-0313.html http://www.securityfocus.com/archive/1/499154/100/0/threaded http://www.securityfocus.com/bid/31838 http://www.vupen.com/english/advisories& • CWE-20: Improper Input Validation CWE-399: Resource Management Errors •
CVSS: 5.0EPSS: 0%CPEs: 13EXPL: 1CVE-2008-4683 – wireshark: DoS (app crash or abort) in Bluetooth ACL dissector via a packet with an invalid length
https://notcve.org/view.php?id=CVE-2008-4683
The dissect_btacl function in packet-bthci_acl.c in the Bluetooth ACL dissector in Wireshark 0.99.2 through 1.0.3 allows remote attackers to cause a denial of service (application crash or abort) via a packet with an invalid length, related to an erroneous tvb_memcpy call. La función dissect_btacl function en packet-bthci_acl.c del analizador Bluetooth ACL en Wireshark v0.99.2 a la v1.0.3, permite a atacantes remotos provocar una denegación de servicio (aborto o caída de aplicación) a través de un paquete con una longitud inválida relacionado con una llamada tvb_memcpy errónea. • http://secunia.com/advisories/32355 http://secunia.com/advisories/32944 http://secunia.com/advisories/34144 http://securitytracker.com/id?1021069 http://support.avaya.com/elmodocs2/security/ASA-2009-082.htm http://wiki.rpath.com/Advisories:rPSA-2008-0336 http://www.debian.org/security/2008/dsa-1673 http://www.mandriva.com/security/advisories?name=MDVSA-2008:215 http://www.redhat.com/support/errata/RHSA-2009-0313.html http://www.securityfocus.com/archive/1/499154/100/0/th • CWE-399: Resource Management Errors •
CVSS: 4.3EPSS: 0%CPEs: 13EXPL: 0CVE-2008-4684 – wireshark: DoS (app crash) via certain series of packets by enabling the (1) PRP or (2) MATE post dissector
https://notcve.org/view.php?id=CVE-2008-4684
packet-frame in Wireshark 0.99.2 through 1.0.3 does not properly handle exceptions thrown by post dissectors, which allows remote attackers to cause a denial of service (application crash) via a certain series of packets, as demonstrated by enabling the (1) PRP or (2) MATE post dissector. packet-frame en Wireshark v0.99.2 a la v1.0.3 no maneja adecuadamente las excepciones a lanzadas por los analizadores "post", lo que permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) a través de determinadas series de paquetes como se ha demostrado activando los analizadores "post" (1) PRP o (2) MATE. • http://secunia.com/advisories/32355 http://secunia.com/advisories/32944 http://secunia.com/advisories/34144 http://securitytracker.com/id?1021069 http://support.avaya.com/elmodocs2/security/ASA-2009-082.htm http://wiki.rpath.com/Advisories:rPSA-2008-0336 http://www.debian.org/security/2008/dsa-1673 http://www.mandriva.com/security/advisories?name=MDVSA-2008:215 http://www.redhat.com/support/errata/RHSA-2009-0313.html http://www.securityfocus.com/archive/1/499154/100/0/th • CWE-399: Resource Management Errors •