9 matches found
wireshark-gtk: denial of service
CVE-2016-2522: The dissectberconstrainedbitstring function in epan/dissectors/packet-ber.c in the ASN.1 BER dissector in Wireshark 2.0.x before 2.0.2 does not verify that a certain length is nonzero, which allows remote attackers to cause a denial of service out-of-bounds read and application...
Wireshark Multiple Denial-of-Service Vulnerabilities (Mar 2016) - Mac OS X
Wireshark is prone to multiple denial of service vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Wireshark 2.0.x < 2.0.2 Multiple Vulnerabilities (Mac OS X)
The version of Wireshark installed on the remote Mac OS X host is 2.0.x prior to 2.0.2. It is, therefore, affected by multiple vulnerabilities in the following components, which can result in a memory disclosure, a denial of service, or the execution of arbitrary code : - 3GPP TS 32.423 Trace fil...
Wireshark 2.0.x < 2.0.2 Multiple Vulnerabilities
The version of Wireshark installed on the remote Windows host is 2.0.x prior to 2.0.2. It is, therefore, affected by multiple vulnerabilities in the following components, which can result in a memory disclosure, a denial of service, or the execution of arbitrary code : - 3GPP TS 32.423 Trace file...
FreeBSD : wireshark -- multiple vulnerabilities (45117749-df55-11e5-b2bd-002590263bf5)
Wireshark development team reports : The following vulnerabilities have been fixed : - wnpa-sec-2016-02 ASN.1 BER dissector crash. Bug 11828 CVE-2016-2522 - wnpa-sec-2016-03 DNP dissector infinite loop. Bug 11938 CVE-2016-2523 - wnpa-sec-2016-04 X.509AF dissector crash. Bug 12002 CVE-2016-2524 -...
CVE-2016-2527
wiretap/nettrace3gpp32423.c in the 3GPP TS 32.423 Trace file parser in Wireshark 2.0.x before 2.0.2 does not ensure that a '\0' character is present at the end of certain strings, which allows remote attackers to cause a denial of service stack-based buffer overflow and application crash via a...
CVE-2016-2527
wiretap/nettrace3gpp32423.c in the 3GPP TS 32.423 Trace file parser in Wireshark 2.0.x before 2.0.2 does not ensure that a '\0' character is present at the end of certain strings, which allows remote attackers to cause a denial of service stack-based buffer overflow and application crash via a...
CVE-2016-2527
Wireshark 2.0.x before 2.0.2 is affected by CVE-2016-2527 in the 3GPP TS 32.423 Trace file parser (wiretap/nettrace_3gpp_32_423.c). The vulnerability arises because the parser does not ensure a trailing null ('\0') at the end of certain strings, enabling remote attackers to trigger a stack-based ...
wireshark -- multiple vulnerabilities
Wireshark development team reports: The following vulnerabilities have been fixed: wnpa-sec-2016-02 ASN.1 BER dissector crash. Bug 11828 CVE-2016-2522 wnpa-sec-2016-03 DNP dissector infinite loop. Bug 11938 CVE-2016-2523 wnpa-sec-2016-04 X.509AF dissector crash. Bug 12002 CVE-2016-2524...