3 matches found
wireshark: Invalid free in the DCP ETSI dissector (wnpa-sec-2013-41)
The dissectpft function in epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark 1.6.x before 1.6.16, 1.8.x before 1.8.8, and 1.10.0 does not validate a certain fragment length value, which allows remote attackers to cause a denial of service application crash via a crafted...
Penetration Tester XSSer v1.0 - New Version Download
All of you web application penetration testers, check out this release of XSSer version 1.0! From this release, the author plans to rename XSSer to "The Mosquito". Our first post regarding XSSer can be found here. "XSSer is an open source penetration testing tool that automates the process of...
Wireshark loops infinitely when inspecting DCP ETSI traffic
Wireshark 0.99.5 allows remote attackers to cause a denial of service memory consumption via a malformed DCP ETSI packet that triggers an infinite loop...