CVE-2016-2398

Comcast XFINITY Home Security System does not properly maintain base-station communication, which allows physically proximate attackers to defeat sensor functionality by interfering with ZigBee 2.4 GHz transmissions...

Comcast Xfinity home security system is exposed to serious vulnerabilities-vulnerability warning-the black bar safety net

Recently, researchers found that Comcast Xfinity home security system a security vulnerability exists, an attacker can not trigger the alarm of the premise into the user homes. Comcast（Comcast is the largest U.S. cable TV company, but also broadband Internet and IP telephony service provider...

Wireshark 1.12.x < 1.12.9 Multiple DoS

The version of Wireshark installed on the remote Windows host is 1.12.x prior to 1.12.9. It is, therefore, affected by multiple denial of service vulnerabilities in the following components : - 802.11 dissector - AllJoyn dissector - ANSI A dissector - Ascend file parser - BER dissector - DCOM...

Comcast's Xfinity Home Security System Vulnerability

Update Comcast’s Xfinity Home Security System is vulnerable to attacks that interfere with its ability to detect and alert to home intrusions. Researchers at Rapid7 today disclosed the issue after fruitless attempts to contact and report the problem to Comcast dating back to Nov. 2; Rapid7 did...

Wireshark ZigBee ZCL Parser Denial of Service Vulnerability

Wireshark is the most popular network protocol parser. Wireshark version 2.0.x prior to 2.0.1 and version 1.12.x prior to 1.12.9 ZigBee ZCL parser epan/dissectors/packet-zbee-zcl-general.c in the dissectzclpwrprof pwrprofstatersp function fails to properly validate the general profile number fiel...

Comcast XFINITY Home Security fails to properly handle wireless communications disruption

Overview Comcast XFINITY Home Security does not fail securely, which may be leveraged to avoid triggering alarm events. Description CWE-636: Not Failing Securely 'Failing Open'Comcast XFINITY Home Security system components use the ZigBee communication protocol over a 2.4 GHz radio frequency band...

DEBIAN-CVE-2015-8732

The dissectzclpwrprofpwrprofstatersp function in epan/dissectors/packet-zbee-zcl-general.c in the ZigBee ZCL dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the Total Profile Number field, which allows remote attackers to cause a denial of service out-of-bound...

CVE-2015-8732

The dissectzclpwrprofpwrprofstatersp function in epan/dissectors/packet-zbee-zcl-general.c in the ZigBee ZCL dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the Total Profile Number field, which allows remote attackers to cause a denial of service out-of-bound...

Out-of-bounds

The dissectzclpwrprofpwrprofstatersp function in epan/dissectors/packet-zbee-zcl-general.c in the ZigBee ZCL dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the Total Profile Number field, which allows remote attackers to cause a denial of service out-of-bound...

UBUNTU-CVE-2015-8732

The dissectzclpwrprofpwrprofstatersp function in epan/dissectors/packet-zbee-zcl-general.c in the ZigBee ZCL dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the Total Profile Number field, which allows remote attackers to cause a denial of service out-of-bound...

CVE-2015-8732

The dissectzclpwrprofpwrprofstatersp function in epan/dissectors/packet-zbee-zcl-general.c in the ZigBee ZCL dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the Total Profile Number field, which allows remote attackers to cause a denial of service out-of-bound...

CVE-2015-8732

CVE-2015-8732 affects Wireshark 1.12.x (before 1.12.9) and 2.0.x (before 2.0.1). The ZigBee ZCL general dissector (epan/dissectors/packet-zbee-zcl-general.c) fails to validate the Total Profile Number field, enabling a crafted packet to trigger an out-of-bounds read and cause an application crash...

wireshark: ZigBee dissector crash (wnpa-sec-2015-24)

The dissectzbeesecure function in epan/dissectors/packet-zbee-security.c in the ZigBee dissector in Wireshark 1.12.x before 1.12.7 improperly relies on length fields contained in packet data, which allows remote attackers to cause a denial of service application crash via a crafted packet...

[SECURITY] [DSA 3367-1] wireshark security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3367-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff September 24, 2015 https://www.debian.org/security/faq -...

SUSE SLED12 / SLES12 Security Update : wireshark (SUSE-SU-2015:1713-1)

Wireshark has been updated to 1.12.7. FATE319388 The following vulnerabilities have been fixed : - Wireshark could crash when adding an item to the protocol tree. wnpa-sec-2015-21 CVE-2015-6241 - Wireshark could attempt to free invalid memory. wnpa-sec-2015-22 CVE-2015-6242 - Wireshark could cras...

SUSE SLES11 Security Update : wireshark (SUSE-SU-2015:1676-1)

Wireshark has been updated to 1.12.7. FATE319388 The following vulnerabilities have been fixed : - Wireshark could crash when adding an item to the protocol tree. wnpa-sec-2015-21 CVE-2015-6241 - Wireshark could attempt to free invalid memory. wnpa-sec-2015-22 CVE-2015-6242 - Wireshark could cras...

SUSE SLED11 Security Update : wireshark (SUSE-SU-2015:1676-2)

Wireshark has been updated to 1.12.7. FATE319388 The following vulnerabilities have been fixed : - Wireshark could crash when adding an item to the protocol tree. wnpa-sec-2015-21 CVE-2015-6241 - Wireshark could attempt to free invalid memory. wnpa-sec-2015-22 CVE-2015-6242 - Wireshark could cras...

[SECURITY] [DSA 3367-1] wireshark security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3367-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff September 24, 2015 https://www.debian.org/security/faq -...

DSA-3367-1 wireshark - security update

Bulletin has no description...

Debian Security Advisory DSA 3367-1 (wireshark - security update)

Multiple vulnerabilities were discovered in the dissectors/parsers for ZigBee, GSM RLC/MAC, WaveAgent, ptvcursor, OpenFlow, WCCP and in internal functions which could result in denial of service. OpenVAS Vulnerability Test $Id: deb3367.nasl 6609 2017-07-07 12:05:59Z cfischer $ Auto-generated from...