5574 matches found
CVE-2003-1012
The SMB dissector in Ethereal before 0.10.0 allows remote attackers to cause a denial of service via a malformed SMB packet that triggers a segmentation fault during processing of Selected packets...
CVE-2003-1012
CVE-2003-1012 relates to Ethereal (Wireshark predecessor). The SMB dissector in Ethereal before 0.10.0 is vulnerable to remote denial of service via a malformed SMB packet that triggers a segmentation fault during processing of selected packets. Several vendor advisories (Red Hat RHSA-2004:002, D...
CVE-2003-0927
Heap-based buffer overflow in Ethereal 0.9.15 and earlier allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via the SOCKS dissector...
PT-2003-1953 · Ethereal · Ethereal
Name of the Vulnerable Software and Affected Versions: Ethereal versions 0.9.15 and earlier Description: A heap-based buffer overflow issue allows remote attackers to cause a denial of service, potentially leading to a crash, and possibly execute arbitrary code. This is achieved via the SOCKS...
CVE-2003-0428
Unknown vulnerability in the DCERPC DCE/RPC dissector in Ethereal 0.9.12 and earlier allows remote attackers to cause a denial of service memory consumption via a certain NDR string...
CVE-2003-0430
The SPNEGO dissector in Ethereal 0.9.12 and earlier allows remote attackers to cause a denial of service crash via an invalid ASN.1 value...
CVE-2003-0429
The CVE-2003-0429 issue affects Ethereal (OSI dissector) versions up to 0.9.12. The vulnerability arises from invalid IPv4/IPv6 prefix lengths, which can cause a buffer overflow, enabling remote attackers to potentially crash Ethereal or execute arbitrary code. Public references indicate fixes ar...
PT-2003-1621 · Ethereal · Ethereal
Name of the Vulnerable Software and Affected Versions: Ethereal versions 0.9.12 and earlier Description: The issue allows remote attackers to cause a denial of service, resulting in a crash, by providing an invalid ASN.1 value to the SPNEGO dissector. Recommendations: For Ethereal versions 0.9.12...
PT-2003-1559 · Ethereal · Ethereal
Name of the Vulnerable Software and Affected Versions: Ethereal versions 0.9.11 and earlier Description: The issue is related to multiple integer overflow vulnerabilities. These vulnerabilities can be exploited by remote attackers to cause a denial of service and possibly execute arbitrary code...
Ethereal contains integer overflow in PPP dissector
Overview Ethereal is a network traffic analysis package. The PPP packet dissector contains a vulnerability that may result in the execution of arbitrary code. Description The PPP packet dissector for Ethereal contains an integer overflow vulnerability. According to the Ethereal Advisory,...
Ethereal contains integer overflow in Mount dissector
Overview Ethereal is a network traffic analysis package. The mount packet dissector contains a vulnerability that may result in the execution of arbitrary code. Description The mount packet dissector for Ethereal contains an integer overflow vulnerability. According to the Ethereal Advisory,...
CVE-2002-0401
The CVE-2002-0401 issue affects Ethereal SMB dissector: versions 0.9.3 and earlier are vulnerable to remote denial of service or arbitrary code execution due to a NULL pointer dereference when handling malformed SMB packets. Connected sources confirm the flaw and indicate remediation by upgrading...
CVE-2002-0404
Ethereal (network traffic analyzer) is affected by a memory-consumption DoS in the GIOP dissector prior to version 0.9.3. Red Hat and Debian advisories summarize the issue as a vulnerability in Ethereal’s dissectors (GIOP), where memory allocation/consumption can be exploited remotely to impact a...
CVE-2002-0404
Vulnerability in GIOP dissector in Ethereal before 0.9.3 allows remote attackers to cause a denial of service memory consumption...
CVE-2002-0402
CVE-2002-0402 is a vulnerability in Ethereal’s X11 dissector. The issue is a buffer overflow that can occur while Ethereal 0.9.3 and earlier parse keysyms, potentially leading to a denial of service and possibly arbitrary code execution. Public records across multiple sources identify the affecte...
PT-2003-1354 · Ethereal · Ethereal
Name of the Vulnerable Software and Affected Versions: Ethereal versions 0.8.7 through 0.9.9 Description: A format string issue in the SOCKS dissector of Ethereal allows remote attackers to execute arbitrary code via SOCKS packets containing format string specifiers. Recommendations: For Ethereal...
CVE-2002-1355
Multiple integer signedness errors in the BGP dissector in Ethereal 0.9.7 and earlier allow remote attackers to cause a denial of service infinite loop via malformed messages...
CVE-2002-1355
CVE-2002-1355 affects Ethereal (now Wireshark) up to version 0.9.7, specifically the BGP dissector. The vulnerability arises from multiple integer signedness errors in the BGP dissector, which allow remote attackers to trigger a denial of service via malformed messages, causing an infinite loop. ...
CVE-2002-1355
Multiple integer signedness errors in the BGP dissector in Ethereal 0.9.7 and earlier allow remote attackers to cause a denial of service infinite loop via malformed messages...
PT-2002-2278 · Ethereal · Ethereal
Name of the Vulnerable Software and Affected Versions: Ethereal version 0.9.7 and earlier Description: The issue is related to multiple integer signedness errors in the BGP dissector. This can be exploited by remote attackers who send malformed messages, resulting in a denial of service due to an...