Wireshark

Wireshark

680 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5

CVE-2013-4074

Exploit
  • EPSS 33.48%
  • Veröffentlicht 09.06.2013 21:55:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The dissect_capwap_data function in epan/dissectors/packet-capwap.c in the CAPWAP dissector in Wireshark 1.6.x before 1.6.16 and 1.8.x before 1.8.8 incorrectly uses a -1 data value to represent an error condition, which allows remote attackers to cau...

5

CVE-2013-4075

  • EPSS 0.57%
  • Veröffentlicht 09.06.2013 21:55:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

epan/dissectors/packet-gmr1_bcch.c in the GMR-1 BCCH dissector in Wireshark 1.8.x before 1.8.8 does not properly initialize memory, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.

5

CVE-2013-4076

  • EPSS 1.05%
  • Veröffentlicht 09.06.2013 21:55:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Buffer overflow in the dissect_iphc_crtp_fh function in epan/dissectors/packet-ppp.c in the PPP dissector in Wireshark 1.8.x before 1.8.8 allows remote attackers to cause a denial of service (application crash) via a crafted packet.

5

CVE-2013-4077

  • EPSS 1.06%
  • Veröffentlicht 09.06.2013 21:55:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Array index error in the NBAP dissector in Wireshark 1.8.x before 1.8.8 allows remote attackers to cause a denial of service (application crash) via a crafted packet, related to nbap.cnf and packet-nbap.c.

5

CVE-2013-4078

  • EPSS 1.43%
  • Veröffentlicht 09.06.2013 21:55:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

epan/dissectors/packet-rdp.c in the RDP dissector in Wireshark 1.8.x before 1.8.8 does not validate return values during checks for data availability, which allows remote attackers to cause a denial of service (application crash) via a crafted packet...

5

CVE-2013-4079

  • EPSS 0.84%
  • Veröffentlicht 09.06.2013 21:55:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The dissect_schedule_message function in epan/dissectors/packet-gsm_cbch.c in the GSM CBCH dissector in Wireshark 1.8.x before 1.8.8 allows remote attackers to cause a denial of service (infinite loop and application hang) via a crafted packet.

5

CVE-2013-4080

  • EPSS 0.84%
  • Veröffentlicht 09.06.2013 21:55:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The dissect_r3_upstreamcommand_queryconfig function in epan/dissectors/packet-assa_r3.c in the Assa Abloy R3 dissector in Wireshark 1.8.x before 1.8.8 does not properly handle a zero-length item, which allows remote attackers to cause a denial of ser...

5

CVE-2013-4081

  • EPSS 1.26%
  • Veröffentlicht 09.06.2013 21:55:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The http_payload_subdissector function in epan/dissectors/packet-http.c in the HTTP dissector in Wireshark 1.6.x before 1.6.16 and 1.8.x before 1.8.8 does not properly determine when to use a recursive approach, which allows remote attackers to cause...

5

CVE-2013-4082

  • EPSS 1.54%
  • Veröffentlicht 09.06.2013 21:55:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The vwr_read function in wiretap/vwr.c in the Ixia IxVeriWave file parser in Wireshark 1.8.x before 1.8.8 does not validate the relationship between a record length and a trailer length, which allows remote attackers to cause a denial of service (hea...

5

CVE-2013-4083

  • EPSS 0.58%
  • Veröffentlicht 09.06.2013 21:55:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The dissect_pft function in epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark 1.6.x before 1.6.16, 1.8.x before 1.8.8, and 1.10.0 does not validate a certain fragment length value, which allows remote attackers to cause a denia...