81% of Tor Users Can be Easily Unmasked By Analysing Router Information

Tor has always been a tough target for law enforcement for years and FBI has spent millions of dollars to de-anonymize the identity of Tor users, but a latest research suggests that more than 81% of Tor clients can be "de-anonymised" by exploiting the traffic analysis software ‘Netflow’ technolog...

wireshark: Netflow dissector crash (wnpa-sec-2014-14)

The dissectv9v10pdudata function in epan/dissectors/packet-netflow.c in the Netflow dissector in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 refers to incorrect offset and start variables, which allows remote attackers to cause a denial of service uninitialized memory read and...

Debian DSA-3049-1 : wireshark - security update

Multiple vulnerabilities were discovered in the dissectors/parsers for RTP, MEGACO, Netflow, RTSP, SES and Sniffer, which could result in denial of service. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian...

[SECURITY] [DSA 3049-1] wireshark security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3049-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff October 14, 2014 http://www.debian.org/security/faq -...

Debian Security Advisory DSA 3049-1 (wireshark - security update)

Multiple vulnerabilities were discovered in the dissectors/parsers for RTP, MEGACO, Netflow, RTSP, SES and Sniffer, which could result in denial of service. OpenVAS Vulnerability Test $Id: deb3049.nasl 6637 2017-07-10 09:58:13Z teissa $ Auto-generated from advisory DSA 3049-1 using nvtgen 1.0...

DSA-3049-1 wireshark - security update

Bulletin has no description...

[ MDVSA-2014:188 ] wireshark

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2014:188 http://www.mandriva.com/en/support/security/ Package : wireshark Date : September 25, 2014 Affected: Business Server 1.0 Problem Description: Updated wireshark packages fix security vulnerabilities: RTP...

Mandriva Linux Security Advisory : wireshark (MDVSA-2014:188)

Updated wireshark packages fix security vulnerabilities : RTP dissector crash CVE-2014-6421, CVE-2014-6422. MEGACO dissector infinite loop CVE-2014-6423. Netflow dissector crash CVE-2014-6424. RTSP dissector crash CVE-2014-6427. SES dissector crash CVE-2014-6428. Sniffer file parser crash...

MGASA-2014-0386 Updated wireshark packages fix security vulnerabilities

Updated wireshark packages fix security vulnerabilities: RTP dissector crash CVE-2014-6421, CVE-2014-6422. MEGACO dissector infinite loop CVE-2014-6423. Netflow dissector crash CVE-2014-6424. RTSP dissector crash CVE-2014-6427. SES dissector crash CVE-2014-6428. Sniffer file parser crash...

Updated wireshark packages fix security vulnerabilities

Updated wireshark packages fix security vulnerabilities: RTP dissector crash CVE-2014-6421, CVE-2014-6422. MEGACO dissector infinite loop CVE-2014-6423. Netflow dissector crash CVE-2014-6424. RTSP dissector crash CVE-2014-6427. SES dissector crash CVE-2014-6428. Sniffer file parser crash...

CVE-2014-6424

The dissectv9v10pdudata function in epan/dissectors/packet-netflow.c in the Netflow dissector in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 refers to incorrect offset and start variables, which allows remote attackers to cause a denial of service uninitialized memory read and...

DEBIAN-CVE-2014-6424

The dissectv9v10pdudata function in epan/dissectors/packet-netflow.c in the Netflow dissector in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 refers to incorrect offset and start variables, which allows remote attackers to cause a denial of service uninitialized memory read and...

CVE-2014-6424

The dissectv9v10pdudata function in epan/dissectors/packet-netflow.c in the Netflow dissector in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 refers to incorrect offset and start variables, which allows remote attackers to cause a denial of service uninitialized memory read and...

UBUNTU-CVE-2014-6424

The dissectv9v10pdudata function in epan/dissectors/packet-netflow.c in the Netflow dissector in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 refers to incorrect offset and start variables, which allows remote attackers to cause a denial of service uninitialized memory read and...

Buffer overflow

The dissectv9v10pdudata function in epan/dissectors/packet-netflow.c in the Netflow dissector in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 refers to incorrect offset and start variables, which allows remote attackers to cause a denial of service uninitialized memory read and...

CVE-2014-6424

Wireshark vulnerability CVE-2014-6424 affects the Netflow dissector (epan/dissectors/packet-netflow.c). The issue arises in the dissect_v9_v10_pdu_data function where incorrect offset/start variables can be exploited by a crafted NetFlow packet, leading to an uninitialized memory read and a denia...

CVE-2014-6424

The dissectv9v10pdudata function in epan/dissectors/packet-netflow.c in the Netflow dissector in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 refers to incorrect offset and start variables, which allows remote attackers to cause a denial of service uninitialized memory read and...

CVE-2014-6424

The dissectv9v10pdudata function in epan/dissectors/packet-netflow.c in the Netflow dissector in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 refers to incorrect offset and start variables, which allows remote attackers to cause a denial of service uninitialized memory read and...

Wireshark 1.10.x < 1.10.10 Multiple DoS Vulnerabilities

The installed version of Wireshark is version 1.10.x prior to 1.10.10. It is, therefore, affected by the following vulnerabilities : - Errors exist in the following dissectors that can cause the application to crash : - MEGACO CVE-2014-6423 - Netflow CVE-2014-6424 - RTP CVE-2014-6421, CVE-2014-64...

Wireshark 1.12.x < 1.12.1 Multiple DoS Vulnerabilities

The installed version of Wireshark is version 1.12.x prior to 1.12.1. It is, therefore, affected by the following vulnerabilities : - Errors exist in the following dissectors that can cause the application to crash : - CUPS CVE-2014-6425 - HIP CVE-2014-6426 - MEGACO CVE-2014-6423 - Netflow...