Wireshark

Wireshark

680 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5

CVE-2014-6426

  • EPSS 0.27%
  • Veröffentlicht 20.09.2014 10:55:06
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The dissect_hip_tlv function in epan/dissectors/packet-hip.c in the HIP dissector in Wireshark 1.12.x before 1.12.1 does not properly handle a NULL tree, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.

5

CVE-2014-6427

  • EPSS 1.33%
  • Veröffentlicht 20.09.2014 10:55:06
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Off-by-one error in the is_rtsp_request_or_reply function in epan/dissectors/packet-rtsp.c in the RTSP dissector in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 allows remote attackers to cause a denial of service (application crash) via ...

5

CVE-2014-6428

  • EPSS 0.56%
  • Veröffentlicht 20.09.2014 10:55:06
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The dissect_spdu function in epan/dissectors/packet-ses.c in the SES dissector in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 does not initialize a certain ID value, which allows remote attackers to cause a denial of service (application...

5

CVE-2014-6429

  • EPSS 1.87%
  • Veröffentlicht 20.09.2014 10:55:06
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The SnifferDecompress function in wiretap/ngsniffer.c in the DOS Sniffer file parser in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 does not properly handle empty input data, which allows remote attackers to cause a denial of service (ap...

5

CVE-2014-6430

  • EPSS 1.87%
  • Veröffentlicht 20.09.2014 10:55:06
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The SnifferDecompress function in wiretap/ngsniffer.c in the DOS Sniffer file parser in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 does not validate bitmask data, which allows remote attackers to cause a denial of service (application c...

5

CVE-2014-6431

  • EPSS 1.53%
  • Veröffentlicht 20.09.2014 10:55:06
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Buffer overflow in the SnifferDecompress function in wiretap/ngsniffer.c in the DOS Sniffer file parser in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 allows remote attackers to cause a denial of service (application crash) via a crafted...

5

CVE-2014-6432

  • EPSS 1.64%
  • Veröffentlicht 20.09.2014 10:55:06
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The SnifferDecompress function in wiretap/ngsniffer.c in the DOS Sniffer file parser in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 does not prevent data overwrites during copy operations, which allows remote attackers to cause a denial ...

5

CVE-2014-5161

  • EPSS 0.22%
  • Veröffentlicht 01.08.2014 11:13:10
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The dissect_log function in plugins/irda/packet-irda.c in the IrDA dissector in Wireshark 1.10.x before 1.10.9 does not properly strip '\n' characters, which allows remote attackers to cause a denial of service (buffer underflow and application crash...

5

CVE-2014-5162

  • EPSS 0.22%
  • Veröffentlicht 01.08.2014 11:13:10
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The read_new_line function in wiretap/catapult_dct2000.c in the Catapult DCT2000 dissector in Wireshark 1.10.x before 1.10.9 does not properly strip '\n' and '\r' characters, which allows remote attackers to cause a denial of service (off-by-one buff...

5

CVE-2014-5163

Exploit
  • EPSS 0.74%
  • Veröffentlicht 01.08.2014 11:13:10
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The APN decode functionality in (1) epan/dissectors/packet-gtp.c and (2) epan/dissectors/packet-gsm_a_gm.c in the GTP and GSM Management dissectors in Wireshark 1.10.x before 1.10.9 does not completely initialize a certain buffer, which allows remote...