84 matches found
Wireshark <= 1.8.12/1.10.5 wiretap/mpeg.c Stack Buffer Overflow
No description provided by source. Exploit Title: Wireshark 1.8.12/1.10.5 wiretap/mpeg.c Stack Buffer Overflow Date: 24/04/2014 Exploit Author: j0sm1 Vendor Homepage: www.wireshark.org Software Link: http://wireshark.askapache.com/download/win32/all-versions/ Version: 1.8.12/1.10.5 Tested on:...
wireshark: DoS (application crash) in the Netmon file parser (wnpa-sec-2013-51) (A different flaw than CVE-2013-4933)
The netmonopen function in wiretap/netmon.c in the Netmon file parser in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not initialize certain structure members, which allows remote attackers to cause a denial of service application crash via a crafted packet-trace file...
French intelligence agency gets complete access to Orange Telecom Data
Another leak from Edward Snowden files, but this time not about the NSA, rather the documents revealed that France's central intelligence agency, the DGSE has complete and unconditional access to all of telecom giant Orange’s data, not just metadata. Yes! It is the same Orange company who...
Mozilla Thunderbird - WireTap Remote 0Day Vulnerability
Document Title: =============== Mozilla Thunderbird - WireTap Remote 0Day Vulnerability References: =========== http://www.vulnerability-lab.com/getcontent.php?id=1182 View: http://www.youtube.com/watch?v=mqZ4eY2th0s Advisory: http://www.vulnerability-lab.com/getcontent.php?id=967 Release Date:...
Mozilla Thunderbird - WireTap Remote 0Day Vulnerability
Document Title: =============== Mozilla Thunderbird - WireTap Remote 0Day Vulnerability References: =========== http://www.vulnerability-lab.com/getcontent.php?id=1182 View: http://www.youtube.com/watch?v=mqZ4eY2th0s Advisory: http://www.vulnerability-lab.com/getcontent.php?id=967 Release Date:...
FBI demands SSL Keys from Secure-Email provider Lavabit in Espionage probe
During the summer, The Secure email provider 'Lavabit' and preferred service for PRISM leaker Edward Snowden decided to shut down after 10 years to avoid being complicit in crimes against the American people. The U.S. Government obtained a secret court order demanding private SSL key from Lavabit...
Decision in Street View WiFi Case Could Hinder Some Security Research
The decision by the Ninth Circuit Court last week to allow the class-action suit against Google over its collection of WiFi data to continue was welcomed as good news by privacy advocates, but it may have considerable consequences for security researchers who collect such data during legitimate...
UBUNTU-CVE-2013-4934
The netmonopen function in wiretap/netmon.c in the Netmon file parser in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not initialize certain structure members, which allows remote attackers to cause a denial of service application crash via a crafted packet-trace file...
Obama Expands Surveillance to Critical Infrastructure
A little-known policy through which the Departments of Justice, Defense, and Homeland Security offered prosecutorial immunity to companies that helped the U.S. military monitor Internet traffic on the private networks of defense contractors has reportedly been expanded by Executive Order to inclu...
New Verizon Marketing Initiative May Violate Users' Privacy
Verizon has drawn the ire of its customers and privacy advocates this week because a new initiative launched by the telecom company may violate users’ privacy. A new marketing program dubbed Precision Market Insights extracts information about Verizon’s customers on Android and iOS platforms...
Wireshark Multiple Vulnerabilities March-11 (Mac OS X)
The host is installed with Wireshark and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbwiresharkmultvulnmar11macosx.nasl 5977 2017-04-19 09:02:22Z teissa $ Wireshark Multiple Vulnerabilities March-11 Mac OS X Authors: Madhuri D Copyright: Copyright c 2012 Greenbone...
DEBIAN-CVE-2011-0024
Heap-based buffer overflow in wiretap/pcapng.c in Wireshark before 1.2 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted capture file...
wireshark: heap-based buffer overflow in wireshark < 1.2 when reading malformed capture files
Heap-based buffer overflow in wiretap/pcapng.c in Wireshark before 1.2 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted capture file...
CVE-2011-0713
Heap-based buffer overflow in wiretap/dct3trace.c in Wireshark 1.2.0 through 1.2.14 and 1.4.0 through 1.4.3 allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a long record in a Nokia DCT3 trace file...
CVE-2011-0713
Heap-based buffer overflow in wiretap/dct3trace.c in Wireshark 1.2.0 through 1.2.14 and 1.4.0 through 1.4.3 allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a long record in a Nokia DCT3 trace file...
The Folly of Internet Wiretapping
The last 10 years have seen a great number of advancements in the sophistication and usability of strong encryption programs, and many people now use encrypted messaging services by default. This has made it much simpler for people to keep their private thoughts and data private and secure, and n...
Mandriva Security Advisory MDVSA-2009:292-1 (wireshark)
The remote host is missing an update to wireshark announced via advisory MDVSA-2009:292-1. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR...
SuSE 11 Security Update : wireshark (SAT Patch Number 1606)
Version upgrade of wireshark fix multiple vulnerabilities : - The Paltalk dissector could crash on alignment-sensitive processors. CVE-2009-3549: CVSS v2 Base Score: 5.0 MEDIUM - The DCERPC/NT dissector could crash. CVE-2009-3550: CVSS v2 Base Score: 4.3 MEDIUM - The SMB dissector could crash...
Mandriva Linux Security Advisory : wireshark (MDVSA-2009:292-1)
"Vulnerabilities have been discovered and corrected in wireshark, affecting DCERPC/NT dissector, which allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a file that records a malformed packet trace CVE-2009-3550 %NASLMINLEVEL 70300 C Tenable...
openSUSE Security Update : wireshark (wireshark-1600)
Version upgrade of wireshark fix multiple vulnerabilities : - CVE-2009-3549: CVSS v2 Base Score: 5.0 MEDIUM The Paltalk dissector could crash on alignment-sensitive processors. - CVE-2009-3550: CVSS v2 Base Score: 4.3 MEDIUM The DCERPC/NT dissector could crash. - CVE-2009-3551: CVSS v2 Base Score...