Lucene search
K

42 matches found

Positive Technologies
Positive Technologies
added 2023/12/24 12:0 a.m.3 views

PT-2023-35665 · Git +1 · Ntopng

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a heap-buffer-overflow read error. The crash occurs in the Flow::dissectMDNS function, which is called by...

6.8AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/11/25 12:0 a.m.3 views

PT-2023-35612 · Git +1 · Ntopng

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: A heap buffer overflow read issue is identified, associated with a crash in the NetworkInterface::dissectPacket function, as indicated by the crash state...

7.4AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/09/16 12:0 a.m.3 views

PT-2023-8694 · Wireshark +1 · Wireshark +1

Name of the Vulnerable Software and Affected Versions: Wireshark versions prior to 4.2.0 Description: The issue is related to a buffer overflow in the dissect bgp open function of Wireshark when handling extended BGP parameter formats. This can be exploited by a remote attacker to cause a denial ...

7.8CVSS7.5AI score0.00979EPSS
Exploits0References17
Positive Technologies
Positive Technologies
added 2023/06/12 12:0 a.m.6 views

PT-2023-35870 · Git +1 · Ntopng

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: A heap-buffer-overflow read issue was identified, potentially causing a crash. The crash occurs in the NetworkInterface::dissectPacket function, as...

6.9AI score
Exploits0References2
OSV
OSV
added 2023/03/30 1:0 p.m.12 views

OSV-2023-251 Stack-buffer-overflow in ext11_work_out_bundles

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=57494 Crash type: Stack-buffer-overflow WRITE 4 Crash state: ext11workoutbundles dissectorancsection dissectoran...

7.2AI score
Exploits0References1
SUSE CVE
SUSE CVE
added 2023/02/15 5:38 a.m.3 views

SUSE CVE-2013-2486

The dissectdiagnosticrequest function in epan/dissectors/packet-reload.c in the REsource LOcation And Discovery aka RELOAD dissector in Wireshark 1.8.x before 1.8.6 uses an incorrect integer data type, which allows remote attackers to cause a denial of service infinite loop via crafted integer...

6.1CVSS7.5AI score0.01269EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2023/02/15 4:44 a.m.4 views

SUSE CVE-2017-9616

In Wireshark 2.2.7, overly deep mp4 chunks may cause stack exhaustion uncontrolled recursion in the dissectmp4box function in epan/dissectors/file-mp4.c...

5.5CVSS7.7AI score0.01033EPSS
Exploits0References3
ossfuzz
ossfuzz
added 2018/02/22 3:18 p.m.10 views

wireshark/fuzzshark_ip_proto-udp: Heap-buffer-overflow in dissect_rtcp_rtpfb_transport_cc

Project: https://code.wireshark.org/review/wireshark Detailed report: https://oss-fuzz.com/testcase?key=5763596639272960 Project: wireshark Fuzzer: libFuzzerwiresharkfuzzsharkipproto-udp Fuzz target binary: fuzzsharkipproto-udp Job Type: libfuzzerasanwireshark Platform Id: linux Crash Type:...

6.7AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2017/09/15 12:0 a.m.6 views

The vulnerability of the skb_flow_dissect function in the flow_dissector.c file of the kernel’s Linux operating system allows a attacker to cause a service failure or execute arbitrary code.

The vulnerability of the skbflowdissect function in the flowdissector.c file of the Linux kernel’s network subsystem is related to insufficient input validation. The function returns a value of true for the keycontrol protocol without setting values for nproto, ipproto, and thoff. Exploiting this...

10CVSS7.3AI score0.09652EPSS
Exploits0References7Affected Software1
ATTACKERKB
ATTACKERKB
added 2017/06/14 8:29 p.m.3 views

CVE-2017-9616

In Wireshark 2.2.7, overly deep mp4 chunks may cause stack exhaustion uncontrolled recursion in the dissectmp4box function in epan/dissectors/file-mp4.c...

5.5CVSS5.4AI score0.01033EPSS
Exploits0References4
0day.today
0day.today
added 2016/08/03 12:0 a.m.44 views

Wireshark 1.12.0 < 1.12.12 - NDS Dissector Denial of Service

Exploit for multiple platform in category dos / poc Sample generated with AFL Build Information: TShark 1.12.9 v1.12.9-0-gfadb421 from HEAD Copyright 1998-2015 Gerald Combs and contributors. This is free software; see the source for copying conditions. There is NO warranty; not even for...

4.3CVSS6.2AI score0.06593EPSS
Exploits1
Exploit DB
Exploit DB
added 2016/08/03 12:0 a.m.26 views

Wireshark 1.12.0 &lt; 1.12.12 - NDS Dissector Denial of Service

Sample generated with AFL Build Information: TShark 1.12.9 v1.12.9-0-gfadb421 from HEAD Copyright 1998-2015 Gerald Combs and contributors. This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. Compiled...

7.4AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2016/07/06 12:0 a.m.4 views

The vulnerability of the Wireshark Network Protocol Analyzer software allows a remote attacker to compromise the accessibility of protected information.

A vulnerability exists in the dissectspdu function within the SES dissector in Wireshark, due to the lack of initialization for a certain identifier. Exploiting this vulnerability allows malicious actors operating remotely to cause a service failure abrupt termination of an application by using a...

5CVSS5.5AI score0.0319EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2016/07/06 12:0 a.m.7 views

The vulnerability of the Wireshark Network Protocol Analyzer software allows a remote attacker to compromise the accessibility of protected information.

The vulnerability of Wireshark’s dissectframe function, located in the epan/dissectors/packet-frame.c file, stems from the use of negative integers as packet length values. Exploiting this vulnerability allows a remote attacker to cause a service failure abrupt termination of the application by...

4.3CVSS5.5AI score0.01413EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2014/09/20 10:55 a.m.1 views

DEBIAN-CVE-2014-6426

The dissecthiptlv function in epan/dissectors/packet-hip.c in the HIP dissector in Wireshark 1.12.x before 1.12.1 does not properly handle a NULL tree, which allows remote attackers to cause a denial of service infinite loop via a crafted packet...

5CVSS7.3AI score0.02377EPSS
Exploits0References1
OSV
OSV
added 2014/08/01 11:13 a.m.1 views

DEBIAN-CVE-2014-5161

The dissectlog function in plugins/irda/packet-irda.c in the IrDA dissector in Wireshark 1.10.x before 1.10.9 does not properly strip '\n' characters, which allows remote attackers to cause a denial of service buffer underflow and application crash via a crafted packet...

5CVSS7.2AI score0.02469EPSS
Exploits0References1
CVE
CVE
added 2013/07/29 7:0 p.m.66 views

CVE-2013-4922

CVE-2013-4922 is a double free vulnerability in the Wireshark DCOM ISystemActivator dissector (function dissect_dcom_sysact.c) affecting Wireshark 1.10.x before 1.10.1, leading to denial of service via crafted packets. Remediation: upgrade to Wireshark 1.10.1 or apply vendor patches; affected adv...

5CVSS6.3AI score0.03046EPSS
Exploits0References9Affected Software1
CVE
CVE
added 2013/05/25 1:0 a.m.69 views

CVE-2013-3558

CVE-2013-3558 affects Wireshark’s PPP CCP dissector in the 1.8.x line. The vulnerable component is the dissect_ccp_bsdcomp_opt function in epan/dissectors/packet-ppp.c, which fails to terminate a bit-field list, enabling remote attackers to crash the application via a malformed packet. The adviso...

5CVSS6.3AI score0.02102EPSS
Exploits0References13Affected Software1
RedHat Linux
RedHat Linux
added 2011/03/21 7:38 p.m.6 views

Wireshark: Multiple stack consumption vulnerabilities caused DoS via crafted SMB or CLDAP packet

Multiple stack consumption vulnerabilities in the dissectmscompressedstring and dissectmscldapstring functions in Wireshark 1.0.x, 1.2.0 through 1.2.14, and 1.4.0 through 1.4.3 allow remote attackers to cause a denial of service infinite recursion via a crafted 1 SMB or 2 Connection-less LDAP CLD...

4.3CVSS5.9AI score0.13064EPSS
Exploits3References4
RedHat Linux
RedHat Linux
added 2006/01/11 6:58 p.m.6 views

security flaw

Stack-based buffer overflow in the dissectospfv3addressprefix function in the OSPF protocol dissector in Ethereal 0.10.12, and possibly other versions, allows remote attackers to execute arbitrary code via crafted packets...

7.5CVSS6.4AI score0.06199EPSS
Exploits0References4
Rows per page
Query Builder