Lucene search
K

22 matches found

F5 Networks
F5 Networks
added 2023/02/21 8:2 p.m.50 views

K15868: Multiple Wireshark vulnerabilities

Security Advisory Description CVE-2013-4074 The dissectcapwapdata function in epan/dissectors/packet-capwap.c in the CAPWAP dissector in Wireshark 1.6.x before 1.6.16 and 1.8.x before 1.8.8 incorrectly uses a -1 data value to represent an error condition, which allows remote attackers to cause a...

7.8CVSS6.9AI score0.60643EPSS
Exploits7Affected Software19
SUSE CVE
SUSE CVE
added 2023/02/15 5:36 a.m.5 views

SUSE CVE-2013-4083

The dissectpft function in epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark 1.6.x before 1.6.16, 1.8.x before 1.8.8, and 1.10.0 does not validate a certain fragment length value, which allows remote attackers to cause a denial of service application crash via a crafted...

5CVSS7.3AI score0.03279EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.17 views

Mageia: Security Advisory (MGASA-2013-0180)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS7.6AI score0.60643EPSS
Exploits7References9
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.23 views

SUSE: Security Advisory (SUSE-SU-2013:1276-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS6AI score0.60643EPSS
Exploits12References4
Veracode
Veracode
added 2019/05/02 4:58 a.m.30 views

Denial Of Service (DoS)

Wireshark, previously known as Ethereal, is a network protocol analyzer. It is used to capture and browse the traffic running on a computer network. Two flaws were found in Wireshark. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly,...

7.8CVSS6.7AI score0.037EPSS
Exploits11References19Affected Software1
Veracode
Veracode
added 2019/05/02 4:58 a.m.36 views

Integer Overflow

Wireshark, previously known as Ethereal, is a network protocol analyzer. It is used to capture and browse the traffic running on a computer network. Two flaws were found in Wireshark. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly,...

7.8CVSS6.7AI score0.037EPSS
Exploits11References19Affected Software1
OpenVAS
OpenVAS
added 2015/10/06 12:0 a.m.38 views

Oracle: Security Advisory (ELSA-2014-0341)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS6.3AI score0.47422EPSS
Exploits16References2
OpenVAS
OpenVAS
added 2015/09/08 12:0 a.m.35 views

Amazon Linux: Security Advisory (ALAS-2013-251)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS6.6AI score0.037EPSS
Exploits11References2
Tenable Nessus
Tenable Nessus
added 2014/11/28 12:0 a.m.49 views

F5 Networks BIG-IP : Multiple Wireshark vulnerabilities (K15868)

CVE-2013-4074 The dissectcapwapdata function in epan/dissectors/packet-capwap.c in the CAPWAP dissector in Wireshark 1.6.x before 1.6.16 and 1.8.x before 1.8.8 incorrectly uses a -1 data value to represent an error condition, which allows remote attackers to cause a denial of service application...

7.8CVSS6.9AI score0.60643EPSS
Exploits7References28
Tenable Nessus
Tenable Nessus
added 2014/04/01 12:0 a.m.39 views

Scientific Linux Security Update : wireshark on SL5.x i386/x86_64 (20140331)

Multiple flaws were found in Wireshark. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running Wireshark. CVE-2013-3559, CVE-2013-4083, CVE-2014-2281, CVE-2014-2299 Several denial of service flaws...

9.3CVSS6.6AI score0.47422EPSS
Exploits16References19
Tenable Nessus
Tenable Nessus
added 2014/04/01 12:0 a.m.35 views

Oracle Linux 5 : wireshark (ELSA-2014-0341)

The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2014-0341 advisory. 1.0.15-6.0.1.el5 - Added oracle-ocfs2-network.patch - increase max packet size to 65536 Herbert van den Bergh orabug 13542633 1.0.15-6 - security patch...

9.3CVSS6.5AI score0.47422EPSS
Exploits16References19
Cent OS
Cent OS
added 2014/03/31 5:51 p.m.71 views

wireshark security update

CentOS Errata and Security Advisory CESA-2014:0341 Updated wireshark packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS...

9.3CVSS6.9AI score0.47422EPSS
Exploits16References7
RedHat Linux
RedHat Linux
added 2014/03/31 4:31 p.m.36 views

Moderate: Red Hat Security Advisory: wireshark security update

Updated wireshark packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, a...

9.3CVSS6.9AI score0.47422EPSS
Exploits16References19
Tenable Nessus
Tenable Nessus
added 2013/12/10 12:0 a.m.31 views

Amazon Linux AMI : wireshark (ALAS-2013-251)

Two flaws were found in Wireshark. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running Wireshark. CVE-2013-3559 , CVE-2013-4083 Several denial of service flaws were found in Wireshark. Wireshar...

7.8CVSS6.7AI score0.037EPSS
Exploits11References27
OpenVAS
OpenVAS
added 2013/10/03 12:0 a.m.32 views

Fedora Update for wireshark FEDORA-2013-17661

Check for the Version of wireshark OpenVAS Vulnerability Test Fedora Update for wireshark FEDORA-2013-17661 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...

7.8CVSS0.1AI score0.60643EPSS
Exploits12References2
Tenable Nessus
Tenable Nessus
added 2013/07/28 12:0 a.m.46 views

SuSE 11.2 / 11.3 Security Update : wireshark (SAT Patch Numbers 8044 / 8045)

This wireshark version update to 1.8.8 includes several security and general bug fixes. Version update to 1.8.8 bnc824900 : - vulnerabilities fixed : - The CAPWAP dissector could crash. wnpa-sec-2013-32. CVE-2013-4074 - The GMR-1 BCCH dissector could crash. wnpa-sec-2013-33. CVE-2013-4075 - The P...

7.8CVSS7AI score0.60643EPSS
Exploits12References45
OSV
OSV
added 2013/06/26 6:8 p.m.9 views

MGASA-2013-0181 Updated wireshark packages fix multiple security vulnerabilities

The CAPWAP dissector could crash CVE-2013-4074. The GMR-1 BCCH dissector could crash CVE-2013-4075. The PPP dissector could crash CVE-2013-4076. The NBAP dissector could crash CVE-2013-4077. The RDP dissector could crash CVE-2013-4078. The GSM CBCH dissector could crash CVE-2013-4079. The Assa...

5CVSS6AI score0.60643EPSS
Exploits7References14
securityvulns
securityvulns
added 2013/06/17 12:0 a.m.78 views

[ MDVSA-2013:172 ] wireshark

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2013:172 http://www.mandriva.com/en/support/security/ Package : wireshark Date : June 12, 2013 Affected: Business Server 1.0, Enterprise Server 5.0 Problem Description: Multiple vulnerabilities has been found and...

5CVSS7.8AI score0.60643EPSS
Exploits8
UbuntuCve
UbuntuCve
added 2013/06/09 9:55 p.m.24 views

CVE-2013-4083

The dissectpft function in epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark 1.6.x before 1.6.16, 1.8.x before 1.8.8, and 1.10.0 does not validate a certain fragment length value, which allows remote attackers to cause a denial of service application crash via a crafted...

5CVSS7.1AI score0.03279EPSS
Exploits0References7
CVE
CVE
added 2013/06/09 9:0 p.m.78 views

CVE-2013-4083

The CVE-2013-4083 issue affects Wireshark’s DCP ETSI dissector (function dissect_pft in epan/dissectors/packet-dcp-etsi.c). It can crash the application (denial of service) when processing crafted packets due to failure to validate a fragment length value. Impacted releases: Wireshark 1.6.x befor...

5CVSS6.3AI score0.03279EPSS
Exploits0References17Affected Software1
Rows per page
Query Builder