163 matches found
EUVD-2005-1460
Malware in sbrugna...
ROS-20241001-08
Vulnerability of SPRT dissector of Wireshark computer network traffic analyzer related to access to an uninitialized pointer. uninitialized pointer. Exploitation of the vulnerability could allow an attacker to cause a denial of denial of service via packet injection or a specially crafted capture...
SUSE-SU-2024:3323-1 Security update for wireshark
This update for wireshark fixes the following issues: - CVE-2024-8250: Fixed NTLMSSP dissector crash bsc1229907. - CVE-2020-26421: Fixed USB HID dissector crash bsc1179933...
Updated wireshark packages fix security vulnerability
NTLMSSP dissector crash in Wireshark 4.2.0 to 4.2.6 and 4.0.0 to 4.0.16 allows denial of service via packet injection or crafted capture file. CVE-2024-8250...
SUSE-SU-2024:3250-1 Security update for wireshark
This update for wireshark fixes the following issues: - CVE-2024-8250: Fixed NTLMSSP dissector crash bsc1229907...
Wireshark Security Update (wnpa-sec-2024-11) - Windows
Wireshark is prone to an use after free vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wireshark:wireshark";...
CVE-2024-8250 Expired Pointer Dereference in Wireshark
NTLMSSP dissector crash in Wireshark 4.2.0 to 4.0.6 and 4.0.0 to 4.0.16 allows denial of service via packet injection or crafted capture file...
CVE-2024-8250
CVE-2024-8250 : NTLMSSP dissector crash in Wireshark causes DoS via packet injection or crafted capture files. Affected: Wireshark versions 4.2.0–4.0.6 and 4.0.0–4.0.16. Root cause: crash in NTLMSSP dissector. Impact: Denial of Service (availability) as per sources. Remediation: upgrade to a newe...
CVE-2024-8250
NTLMSSP dissector crash in Wireshark 4.2.0 to 4.0.6 and 4.0.0 to 4.0.16 allows denial of service via packet injection or crafted capture file...
CVE-2024-8250 Expired Pointer Dereference in Wireshark
NTLMSSP dissector crash in Wireshark 4.2.0 to 4.0.6 and 4.0.0 to 4.0.16 allows denial of service via packet injection or crafted capture file...
CVE-2024-8250 Expired Pointer Dereference in Wireshark
NTLMSSP dissector crash in Wireshark 4.2.0 to 4.0.6 and 4.0.0 to 4.0.16 allows denial of service via packet injection or crafted capture file...
KLA73913 DoS vulnerability in Wireshark
Denial of service vulnerability was found in Wireshark. Malicious users can exploit this vulnerability to cause denial of service. Original advisories wnpa-sec-2024-11 · NTLMSSP dissector crash Exploitation Public exploits exist for this vulnerability. Related products Wireshark CVE list...
Wireshark 4.0.x < 4.0.17 A Vulnerability
The version of Wireshark installed on the remote Windows host is prior to 4.0.17. It is, therefore, affected by a vulnerability as referenced in the wireshark-4.0.17 advisory. - NTLMSSP dissector crash in Wireshark 4.2.0 to 4.0.6 and 4.0.0 to 4.0.16 allows denial of service via packet injection o...
Wireshark 4.2.x < 4.2.7 A Vulnerability
The version of Wireshark installed on the remote Windows host is prior to 4.2.7. It is, therefore, affected by a vulnerability as referenced in the wireshark-4.2.7 advisory. - NTLMSSP dissector crash in Wireshark 4.2.0 to 4.0.6 and 4.0.0 to 4.0.16 allows denial of service via packet injection or...
Wireshark 4.2.x < 4.2.7 A Vulnerability (macOS)
The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 4.2.7. It is, therefore, affected by a vulnerability as referenced in the wireshark-4.2.7 advisory. - NTLMSSP dissector crash in Wireshark 4.2.0 to 4.0.6 and 4.0.0 to 4.0.16 allows denial of service via packet...
CVE-2023-52440
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix slub overflow in ksmbddecodentlmsspauthblob If authblob-SessionKey.Length is bigger than session key sizeCIFSKEYSIZE, slub overflow can happen in key exchange codes. cifsarc4crypt copy to session key array from...
CVE-2023-52440
CVE-2023-52440 affects the ksmbd component of the Linux kernel. Root cause: a slub overflow in ksmbd_decode_ntlmssp_auth_blob() when authblob->SessionKey.Length exceeds CIFS_KEY_SIZE, enabling overflow during key exchange (cifs_arc4_crypt copies from SessionKey). The fix introduces bounds prot...
CVE-2023-52440
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix slub overflow in ksmbddecodentlmsspauthblob If authblob-SessionKey.Length is bigger than session key sizeCIFSKEYSIZE, slub overflow can happen in key exchange codes. cifsarc4crypt copy to session key array from...
Fedora: Security Advisory for gssntlmssp (FEDORA-2023-cb63c0f615)
The remote host is missing an update for the Copyright C 2023 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
[SECURITY] Fedora 37 Update: gssntlmssp-1.2.0-1.fc37
A GSSAPI Mechanism that implements NTLMSSP...