Astra Linux - уязвимость в wireshark

Excessive memory consumption in MS-WSP dissector in Wireshark 3.4.0 to 3.4.4 and 3.2.0 to 3.2.12 allows denial of service via packet injection or crafted capture file...

Wireshark 1.12.x < 1.12.13 Multiple Vulnerabilities (macOS)

The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 1.12.13. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-1.12.13 advisory. - The NDS dissector could crash. It may be possible to make Wireshark crash by injecting a malformed...

Wireshark 2.0.x < 2.0.5 Multiple Vulnerabilities (macOS)

The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 2.0.5. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-2.0.5 advisory. - CORBA IDL dissectors could crash on 64-bit Windows. It may be possible to make Wireshark crash by...

Wireshark 2.0.x < 2.0.11 Multiple Vulnerabilities (macOS)

The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 2.0.11. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-2.0.11 advisory. - In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is an IAX2 infinite loop, triggered by packet...

EUVD-2016-7428

Malware in sbrugna...

EUVD-2018-9964

Malware in sbrugna...

EUVD-2016-5085

Malware in sbrugna...

EUVD-2017-16723

Malware in sbrugna...

EUVD-2021-9887

Malicious code in bioql PyPI...

Researchers Discover Critical Remote Code Execution Flaw in vm2 Sandbox Library

The maintainers of the vm2 JavaScript sandbox module have shipped a patch to address a critical flaw that could be abused to break out of security boundaries and execute arbitrary shellcode. The flaw, which affects all versions, including and prior to 3.9.14, was reported by researchers from Sout...

SUSE CVE-2005-1468

Multiple unknown vulnerabilities in the 1 WSP, 2 Q.931, 3 H.245, 4 KINK, 5 MGCP, 6 RPC, 7 SMBMailslot, and 8 SMB NETLOGON dissectors in Ethereal before 0.10.11 allow remote attackers to cause a denial of service crash via unknown vectors that lead to a null dereference...

SUSE CVE-2005-3249

Unspecified vulnerability in the WSP dissector in Ethereal 0.10.1 to 0.10.12 allows remote attackers to cause a denial of service or corrupt memory via unknown vectors that cause Ethereal to free an invalid pointer...

SUSE CVE-2016-4083

epan/dissectors/packet-mswsp.c in the MS-WSP dissector in Wireshark 2.0.x before 2.0.3 does not ensure that data is available before array allocation, which allows remote attackers to cause a denial of service application crash via a crafted packet...

SUSE CVE-2016-4084

Integer signedness error in epan/dissectors/packet-mswsp.c in the MS-WSP dissector in Wireshark 2.0.x before 2.0.3 allows remote attackers to cause a denial of service integer overflow and application crash via a crafted packet that triggers an unexpected array size...

SUSE CVE-2017-6471

In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is a WSP infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-wsp.c by validating the capability length...

SUSE CVE-2017-7748

In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the WSP dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-wsp.c by adding a length check...

SUSE CVE-2018-18227

In Wireshark 2.6.0 to 2.6.3 and 2.4.0 to 2.4.9, the MS-WSP protocol dissector could crash. This was addressed in epan/dissectors/packet-mswsp.c by properly handling NULL return values...

SUSE CVE-2021-22207

Excessive memory consumption in MS-WSP dissector in Wireshark 3.4.0 to 3.4.4 and 3.2.0 to 3.2.12 allows denial of service via packet injection or crafted capture file...

FUSE - A Penetration Testing Tool For Finding File Upload Bugs

FUSE is a penetration testing system designed to identify Unrestricted Executable File Upload UEFU vulnerabilities. The details of the testing strategy is in our paper, "FUSE: Finding File Upload Bugs via Penetration Testing", which appeared in NDSS 2020. To see how to configure and execute FUSE,...

Denial Of Service (DoS)

wireshark is vulnerable to denial of service. The vulnerability exists due to excessive memory consumption in MS-WSP dissector...