
CVE-2007-6111 – wireshark mp3 and ncp flaws
https://notcve.org/view.php?id=CVE-2007-6111
23 Nov 2007 — Multiple unspecified vulnerabilities in Wireshark (formerly Ethereal) allow remote attackers to cause a denial of service (crash) via (1) a crafted MP3 file or (2) unspecified vectors to the NCP dissector. Multiple buffer overflows and infinite loops were ... • http://bugs.gentoo.org/show_bug.cgi?id=199958 •

CVE-2007-6120 – wireshark Bluetooth SDP dissector flaws
https://notcve.org/view.php?id=CVE-2007-6120
23 Nov 2007 — The Bluetooth SDP dissector in Wireshark (formerly Ethereal) 0.99.2 to 0.99.6 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors. Multiple buffer overflows and infinite loops were discovered in multiple dissector and parser components, including those for MP3 an... • http://bugs.gentoo.org/show_bug.cgi?id=199958 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVE-2007-6121 – wireshark RPC Portmap flaws
https://notcve.org/view.php?id=CVE-2007-6121
23 Nov 2007 — Wireshark (formerly Ethereal) 0.8.16 to 0.99.6 allows remote attackers to cause a denial of service (crash) via a malformed RPC Portmap packet. Multiple buffer overflows and infinite loops were discovered in multiple dissector and parser components, including those for MP3 and NCP (CVE-2007-6111), PPP (CVE-2007-6112), ... • http://bugs.gentoo.org/show_bug.cgi?id=199958 • CWE-20: Improper Input Validation •

CVE-2006-3632 – rPSA-2006-0132-1.txt
https://notcve.org/view.php?id=CVE-2006-3632
18 Jul 2006 — Buffer overflow in Wireshark (aka Ethereal) 0.8.16 to 0.99.0 allows remote attackers to cause a denial of service and possibly execute arbitrary code via the NFS dissector. All versions of the ethereal and tethereal packages contain vulnerabilities in packet dissector m... • ftp://patches.sgi.com/support/free/security/advisories/20060801-01-P • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVE-2006-1938 – Debian Linux Security Advisory 1049-1
https://notcve.org/view.php?id=CVE-2006-1938
25 Apr 2006 — Multiple unspecified vulnerabilities in Ethereal 0.8.x up to 0.10.14 allow remote attackers to cause a denial of service (crash from null dereference) via the (1) Sniffer capture or (2) SMB PIPE dissector. Gerald Combs reported several vulnerabilities in ethereal, a popular network traffic analyser. • ftp://patches.sgi.com/support/free/security/advisories/20060501-01-U.asc •

CVE-2006-1939 – Debian Linux Security Advisory 1049-1
https://notcve.org/view.php?id=CVE-2006-1939
25 Apr 2006 — Multiple unspecified vulnerabilities in Ethereal 0.9.x up to 0.10.14 allow remote attackers to cause a denial of service (crash from null dereference) via (1) an invalid display filter, or the (2) GSM SMS, (3) ASN.1-based, (4) DCERPC NT, (5) PER, (6) RPC, (7) DCERPC, and (8) ASN.1 dissectors. Gerald Combs reported several vulnerabilities in ethereal, a popular network traffic analyser. • ftp://patches.sgi.com/support/free/security/advisories/20060501-01-U.asc •

CVE-2005-4585
https://notcve.org/view.php?id=CVE-2005-4585
29 Dec 2005 — Unspecified vulnerability in the GTP dissector for Ethereal 0.9.1 to 0.10.13 allows remote attackers to cause a denial of service (infinite loop) via unknown attack vectors. • ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U •

CVE-2005-3651 – iDEFENSE Security Advisory 2005-12-09.t
https://notcve.org/view.php?id=CVE-2005-3651
10 Dec 2005 — Stack-based buffer overflow in the dissect_ospf_v3_address_prefix function in the OSPF protocol dissector in Ethereal 0.10.12, and possibly other versions, allows remote attackers to execute arbitrary code via crafted packets. Remote exploitation of an input validation vulnerability in the OSPF protocol dissectors within Ethereal, as included in various vendors' operating system distributions, could allow attackers to crash the vulnerable process or potentially execute arbitrary code. iDefense has confirmed ... • ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U •

CVE-2005-3313 – Gentoo Linux Security Advisory 200510-25
https://notcve.org/view.php?id=CVE-2005-3313
31 Oct 2005 — The IRC protocol dissector in Ethereal 0.10.13 allows remote attackers to cause a denial of service (infinite loop). Ethereal is vulnerable to numerous vulnerabilities, potentially resulting in the execution of arbitrary code or abnormal termination. Versions less than 0.10.13-r1 are affected. • ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U •

CVE-2005-3241 – Debian Linux Security Advisory 1171-1
https://notcve.org/view.php?id=CVE-2005-3241
27 Oct 2005 — Multiple vulnerabilities in Ethereal 0.10.12 and earlier allow remote attackers to cause a denial of service (memory consumption) via unspecified vectors in the (1) ISAKMP, (2) FC-FCS, (3) RSVP, and (4) ISIS LSP dissector. Several remote vulnerabilities have been discovered in the Ethereal network scanner, which may lead to the execution of arbitrary code. • http://secunia.com/advisories/17254 •