Lucene search
K

84 matches found

OSV
OSV
added 2017/03/04 3:59 a.m.2 views

DEBIAN-CVE-2017-6467

In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is a Netscaler file parser infinite loop, triggered by a malformed capture file. This was addressed in wiretap/netscaler.c by changing the restrictions on file size...

7.5CVSS7.8AI score0.02594EPSS
Exploits0References1
OSV
OSV
added 2017/03/04 3:59 a.m.3 views

ALPINE-CVE-2017-6468

In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is a NetScaler file parser crash, triggered by a malformed capture file. This was addressed in wiretap/netscaler.c by validating the relationship between pages and records...

7.5CVSS6.8AI score0.02594EPSS
Exploits0References1
OSV
OSV
added 2017/03/04 3:59 a.m.4 views

UBUNTU-CVE-2017-6468

In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is a NetScaler file parser crash, triggered by a malformed capture file. This was addressed in wiretap/netscaler.c by validating the relationship between pages and records...

7.5CVSS7.1AI score0.02594EPSS
Exploits0References5
OSV
OSV
added 2017/03/04 3:59 a.m.24 views

CVE-2017-6474

In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is a NetScaler file parser infinite loop, triggered by a malformed capture file. This was addressed in wiretap/netscaler.c by validating record sizes...

7.5CVSS6.4AI score
Exploits0References5
Cvelist
Cvelist
added 2017/03/04 3:38 a.m.29 views

CVE-2017-6474

In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is a NetScaler file parser infinite loop, triggered by a malformed capture file. This was addressed in wiretap/netscaler.c by validating record sizes...

7.2AI score0.02949EPSS
Exploits0References5
Cvelist
Cvelist
added 2017/03/04 3:38 a.m.29 views

CVE-2017-6467

In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is a Netscaler file parser infinite loop, triggered by a malformed capture file. This was addressed in wiretap/netscaler.c by changing the restrictions on file size...

7.2AI score0.02594EPSS
Exploits0References5
Cvelist
Cvelist
added 2017/03/04 3:38 a.m.32 views

CVE-2017-6473

In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is a K12 file parser crash, triggered by a malformed capture file. This was addressed in wiretap/k12.c by validating the relationships between lengths and offsets...

7.2AI score0.02667EPSS
Exploits0References5
AlpineLinux
AlpineLinux
added 2017/03/04 3:38 a.m.80 views

CVE-2017-6473

In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is a K12 file parser crash, triggered by a malformed capture file. This was addressed in wiretap/k12.c by validating the relationships between lengths and offsets...

7.5CVSS7.3AI score0.02667EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2017/03/04 3:38 a.m.56 views

CVE-2017-6467

In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is a Netscaler file parser infinite loop, triggered by a malformed capture file. This was addressed in wiretap/netscaler.c by changing the restrictions on file size...

7.5CVSS7.3AI score0.02594EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2016/07/06 12:0 a.m.6 views

The vulnerability of the Wireshark Network Protocol Analyzer software allows a remote attacker to compromise the accessibility of protected information.

A vulnerability exists in the SnifferDecompress function in the wireshark/Wireshark DOS sniffer processing module, located in the wiretap/ngsniffer.c file. This vulnerability arises due to improper handling of empty input data. Exploiting this vulnerability allows malicious individuals operating...

5CVSS5.5AI score0.03058EPSS
Exploits0References3Affected Software1
ThreatPost
ThreatPost
added 2016/03/14 4:14 p.m.9 views

WhatsApp Reportedly Next in DOJ's Battle on Crypto

If a report from this weekend’s New York Times is to be believed, the popular instant messaging platform WhatsApp may be the next technology company to find itself in the crosshairs of the Department of Justice and its war on crypto. Government officials are reportedly torn on how to proceed with...

7AI score
Exploits0References5
Prion
Prion
added 2016/02/28 4:59 a.m.16 views

Stack overflow

wiretap/nettrace3gpp32423.c in the 3GPP TS 32.423 Trace file parser in Wireshark 2.0.x before 2.0.2 does not ensure that a '\0' character is present at the end of certain strings, which allows remote attackers to cause a denial of service stack-based buffer overflow and application crash via a...

4.3CVSS7.3AI score0.01427EPSS
Exploits0References5Affected Software1
ArchLinux
ArchLinux
added 2016/01/09 12:0 a.m.66 views

wireshark-cli: denial of service

CVE-2015-8742 denial of service The dissectCPMSetBindings function in epan/dissectors/packet-mswsp.c in the MS-WSP dissector in Wireshark 2.0.x before 2.0.1 does not validate the column size, which allows remote attackers to cause a denial of service memory consumption or application crash via a...

4.3CVSS3.7AI score0.07142EPSS
Exploits14References25
OSV
OSV
added 2016/01/04 5:59 a.m.0 views

DEBIAN-CVE-2015-8733

The ngsnifferprocessrecord function in wiretap/ngsniffer.c in the Sniffer file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the relationships between record lengths and record header lengths, which allows remote attackers to cause a denial of service...

5.5CVSS7.3AI score0.04362EPSS
Exploits1References1
Prion
Prion
added 2016/01/04 5:59 a.m.10 views

Out-of-bounds

wiretap/vwr.c in the VeriWave file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate certain signature and Modulation and Coding Scheme MCS data, which allows remote attackers to cause a denial of service out-of-bounds read and application crash via a crafted file...

4.3CVSS6.8AI score0.04639EPSS
Exploits1References10Affected Software1
CVE
CVE
added 2016/01/04 2:0 a.m.84 views

CVE-2015-8733

CVE-2015-8733 affects the Wireshark dissector for Sniffer (wiretap/ngsniffer.c). The vulnerability arises because ngsniffer_process_record does not validate the relationship between the record length and the header length, enabling a crafted file to trigger an out-of-bounds read and crash the app...

5.5CVSS5.2AI score0.04362EPSS
Exploits1References8Affected Software1
CVE
CVE
added 2015/03/08 2:0 a.m.102 views

CVE-2015-2189

Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 are affected by CVE-2015-2189 due to an off-by-one error in pcapng_read in wiretap/pcapng.c. This causes an out-of-bounds read and potential denial of service when processing crafted packets with an invalid Interface Statistics Block (ISB) ...

5CVSS5.1AI score0.046EPSS
Exploits0References13Affected Software1
RedHat Linux
RedHat Linux
added 2014/10/21 7:41 p.m.3 views

wireshark: DOS Sniffer file parser flaw (wnpa-sec-2014-19)

Buffer overflow in the SnifferDecompress function in wiretap/ngsniffer.c in the DOS Sniffer file parser in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 allows remote attackers to cause a denial of service application crash via a crafted file that triggers writes of uncompressed bytes...

5CVSS5.9AI score0.03409EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2014/10/21 7:41 p.m.4 views

wireshark: DOS Sniffer file parser flaw (wnpa-sec-2014-19)

The SnifferDecompress function in wiretap/ngsniffer.c in the DOS Sniffer file parser in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 does not validate bitmask data, which allows remote attackers to cause a denial of service application crash via a crafted file...

5CVSS5.9AI score0.03058EPSS
Exploits0References5
OSV
OSV
added 2014/09/20 10:55 a.m.4 views

UBUNTU-CVE-2014-6431

Buffer overflow in the SnifferDecompress function in wiretap/ngsniffer.c in the DOS Sniffer file parser in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 allows remote attackers to cause a denial of service application crash via a crafted file that triggers writes of uncompressed bytes...

5CVSS5.9AI score0.03409EPSS
Exploits0References3
Rows per page
Query Builder