27 matches found
CVE-2023-4513
A denial of service vulnerability was found in Wireshark due to a memory leak in the Bluetooth SDP dissector. This issue may allow a remote attacker to induce a crash in Wireshark by injecting a malformed packet onto the wire or persuading someone to read a corrupted packet trace file...
Wireshark Security Update (wnpa-sec-2023-08) - Linux
Wireshark is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wireshark:wireshark"...
Wireshark 3.4.x < 3.4.5 A Vulnerability (macOS)
The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 3.4.5. It is, therefore, affected by a vulnerability as referenced in the wireshark-3.4.5 advisory. - Excessive memory consumption in MS-WSP dissector in Wireshark 3.4.0 to 3.4.4 and 3.2.0 to 3.2.12 allows denial o...
[ASA-202103-2] wireshark-qt: arbitrary code execution
Arch Linux Security Advisory ASA-202103-2 ========================================= Severity: Medium Date : 2021-03-13 CVE-ID : CVE-2021-22191 Package : wireshark-qt Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-1669 Summary ======= The package wireshark-q...
Wireshark 3.4.x < 3.4.3 Multiple Vulnerabilities
The version of Wireshark installed on the remote Windows host is prior to 3.4.3. It is, therefore, affected by vulnerabilities as referenced in the wireshark-3.4.3 advisory. - The USB HID dissector could leak memory. It may be possible to make Wireshark consume excessive CPU resources by injectin...
Wireshark 2.6.x < 2.6.15 Multiple Vulnerabilities (macOS)
The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 2.6.15. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-2.6.15 advisory. - In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the LTE RRC dissector could leak...
Wireshark 2.4.x < 2.4.14 Multiple Vulnerabilities (macOS)
The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 2.4.14. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-2.4.14 advisory. - In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the DCERPC SPOOLSS dissector could crash. Th...
KLA11095 Denial of service vulnerability in Wireshark
A buffer overflow vulnerability was found in the Profinet I/O dissector in Wireshark. By exploiting this vulnerability malicious users can cause a denial of service. This vulnerability can be exploited remotely via a specially designed packet, which is injected onto the wire, or by convincing a...
Wireshark 1.12.x < 1.12.13 Multiple Vulnerabilities
The version of Wireshark installed on the remote Windows host is prior to 1.12.13. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-1.12.13 advisory. - The NDS dissector could crash. It may be possible to make Wireshark crash by injecting a malformed packet on...
Wireshark 1.12.x < 1.12.7 Multiple DoS (Mac OS X)
The version of Wireshark installed on the remote Mac OS X host is 1.12.x prior to 1.12.7. It is, therefore, affected by multiple denial of service vulnerabilities : - An unspecified flaw exists that is triggered when adding an item to the protocol tree. A remote attacker can exploit this, via a...
Wireshark 1.12.x < 1.12.7 Multiple DoS
The version of Wireshark installed on the remote Windows host is 1.12.x prior to 1.12.7. It is, therefore, affected by multiple denial of service vulnerabilities : - An unspecified flaw exists that is triggered when adding an item to the protocol tree. A remote attacker can exploit this, via a...
KLA10637 Multiple vulnerabilities in Wireshark
Multiple vulnerabilities have been found in Wireshark. Malicious users can exploit these vulnerabilities remotely to cause a denial of service via a specially crafted packet trace file. Below is a complete list of vulnerabilities 1. The deemergnumlist function and the debcdnum function in...
wireshark-qt: denial of service
CVE-2015-3808 denial of service There is an infinite loop condition in dissectlbmrpser in epan/dissectors/packet-lbmr.c. It's possible for an attacker to set the the variable 'optionlen' to 0, causing the loop to never terminate. This issue is leading to excessive CPU resources consumption by...
CVE-2014-4174
wiretap/libpcap.c in the libpcap file parser in Wireshark 1.10.x before 1.10.4 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via a crafted packet-trace file that includes a large packet...
Memory corruption
wiretap/libpcap.c in the libpcap file parser in Wireshark 1.10.x before 1.10.4 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via a crafted packet-trace file that includes a large packet...
UBUNTU-CVE-2014-4174
wiretap/libpcap.c in the libpcap file parser in Wireshark 1.10.x before 1.10.4 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via a crafted packet-trace file that includes a large packet...
CVE-2014-4174
wiretap/libpcap.c in the libpcap file parser in Wireshark 1.10.x before 1.10.4 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via a crafted packet-trace file that includes a large packet...
Wireshark DECT Dissector Stack Buffer Overflow - Ver2 (CVE-2011-1591)
A stack buffer overflow vulnerability has been reported in Wireshark DECT dissector. The vulnerability is caused due to improper bounds checking. A remote attacker can exploit this vulnerability by enticing a user to read a specially crafted packet trace file. Successful exploitation would allow ...
CVE-2013-4933
The netmonopen function in wiretap/netmon.c in the Netmon file parser in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not properly allocate memory, which allows remote attackers to cause a denial of service application crash via a crafted packet-trace file...
Memory corruption
The netmonopen function in wiretap/netmon.c in the Netmon file parser in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not properly allocate memory, which allows remote attackers to cause a denial of service application crash via a crafted packet-trace file...