Lucene search
+L

11 matches found

osv
osv
added 2020/10/16 3:44 p.m.11 views

MGASA-2020-0384 Updated wireshark packages fix security vulnerabilities

The TCP dissector could crash CVE-2020-25862. The MIME Multipart dissector could crash CVE-2020-25863. The BLIP dissector could crash CVE-2020-25866...

7.5CVSS7.4AI score0.04918EPSS
Exploits3References7
redhatcve
redhatcve
added 2020/10/07 2:36 p.m.35 views

CVE-2020-25863

In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the MIME Multipart dissector could crash. This was addressed in epan/dissectors/packet-multipart.c by correcting the deallocation of invalid MIME parts...

7.5CVSS1.8AI score0.04918EPSS
Exploits1References3
osv
osv
added 2020/10/06 3:15 p.m.26 views

CVE-2020-25863

In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the MIME Multipart dissector could crash. This was addressed in epan/dissectors/packet-multipart.c by correcting the deallocation of invalid MIME parts...

7.5CVSS6.5AI score
Exploits0References10
ubuntucve
ubuntucve
added 2020/10/06 3:15 p.m.42 views

CVE-2020-25863

In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the MIME Multipart dissector could crash. This was addressed in epan/dissectors/packet-multipart.c by correcting the deallocation of invalid MIME parts...

7.5CVSS7.1AI score0.04918EPSS
Exploits1References4
veracode
veracode
added 2020/09/24 10:28 a.m.37 views

Denial Of Service (DoS)

wireshark is vulnerable to denial of service. An attacker is able to crash the MIME Multipart dissector by injecting a malformed packet onto the wire or by convincing a user to read a malicious packet trace file...

7.5CVSS3AI score0.04918EPSS
Exploits1References13Affected Software1
nessus
nessus
added 2020/09/24 12:0 a.m.36 views

Wireshark 2.6.x < 2.6.20 Multiple Vulnerabilities (macOS)

The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 2.6.20. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-2.6.20 advisory. - In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the MIME Multipart dissector could...

7.5CVSS7.2AI score0.04918EPSS
Exploits2References7
nessus
nessus
added 2009/04/23 12:0 a.m.32 views

CentOS 3 / 4 : wireshark (CESA-2006:0726)

New Wireshark packages that fix various security vulnerabilities are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Wireshark is a program for monitoring network traffic. Several flaws were found in Wireshark's HTTP, WBXML, LDAP...

7.5CVSS8AI score0.04095EPSS
Exploits0References11
openvas
openvas
added 2008/01/17 12:0 a.m.33 views

Debian Security Advisory DSA 1201-1 (ethereal)

The remote host is missing an update to ethereal announced via advisory DSA 1201-1. Several remote vulnerabilities have been discovered in the Ethereal network scanner. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2005-4574 It was discovered that the MIM...

5CVSS0.4AI score0.04095EPSS
Exploits1
nessus
nessus
added 2007/10/17 12:0 a.m.27 views

openSUSE 10 Security Update : ethereal (ethereal-2246)

Various problems have been fixed in the network analyzer Ethereal, most leading to crashes of the ethereal program. CVE-2006-5740: A unspecified vulnerability in the LDAP dissector could be used to crash Ethereal. CVE-2006-4574: A single \0 byte heap overflow was fixed in the MIME multipart...

7.5CVSS7.5AI score0.04095EPSS
Exploits0References5
osv
osv
added 2006/10/28 12:7 a.m.10 views

CVE-2006-4574

Off-by-one error in the MIME Multipart dissector in Wireshark formerly Ethereal 0.10.1 through 0.99.3 allows remote attackers to cause a denial of service crash via certain vectors that trigger an assertion error related to unexpected length values...

7.5CVSS7.2AI score
Exploits0References25
ptsecurity
ptsecurity
added 2006/10/27 12:0 a.m.7 views

PT-2006-5361 · Wireshark +1 · Wireshark +1

Name of the Vulnerable Software and Affected Versions: Wireshark versions 0.10.1 through 0.99.3 Description: The issue is related to an off-by-one error in the MIME Multipart dissector, which allows remote attackers to cause a denial of service crash via certain vectors that trigger an assertion...

10CVSS6.8AI score0.93838EPSS
Exploits72References197
Rows per page
Query Builder