Wireshark

Wireshark

689 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5

CVE-2008-4682

  • EPSS 6.01%
  • Veröffentlicht 22.10.2008 18:00:01
  • Zuletzt bearbeitet 09.04.2025 00:30:58

wtap.c in Wireshark 0.99.7 through 1.0.3 allows remote attackers to cause a denial of service (application abort) via a malformed Tamos CommView capture file (aka .ncf file) with an "unknown/unexpected packet type" that triggers a failed assertion.

5

CVE-2008-4683

Exploit
  • EPSS 3.33%
  • Veröffentlicht 22.10.2008 18:00:01
  • Zuletzt bearbeitet 09.04.2025 00:30:58

The dissect_btacl function in packet-bthci_acl.c in the Bluetooth ACL dissector in Wireshark 0.99.2 through 1.0.3 allows remote attackers to cause a denial of service (application crash or abort) via a packet with an invalid length, related to an err...

4.3

CVE-2008-4684

  • EPSS 1.05%
  • Veröffentlicht 22.10.2008 18:00:01
  • Zuletzt bearbeitet 09.04.2025 00:30:58

packet-frame in Wireshark 0.99.2 through 1.0.3 does not properly handle exceptions thrown by post dissectors, which allows remote attackers to cause a denial of service (application crash) via a certain series of packets, as demonstrated by enabling ...

5

CVE-2008-4685

  • EPSS 1.1%
  • Veröffentlicht 22.10.2008 18:00:01
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Use-after-free vulnerability in the dissect_q931_cause_ie function in packet-q931.c in the Q.931 dissector in Wireshark 0.10.3 through 1.0.3 allows remote attackers to cause a denial of service (application crash or abort) via certain packets that tr...

5

CVE-2008-3932

  • EPSS 0.73%
  • Veröffentlicht 04.09.2008 19:41:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Wireshark (formerly Ethereal) 0.9.7 through 1.0.2 allows attackers to cause a denial of service (hang) via a crafted NCP packet that triggers an infinite loop.

3.3

CVE-2008-3933

  • EPSS 0.17%
  • Veröffentlicht 04.09.2008 19:41:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Wireshark (formerly Ethereal) 0.10.14 through 1.0.2 allows attackers to cause a denial of service (crash) via a packet with crafted zlib-compressed data that triggers an invalid read in the tvb_uncompress function.

3.3

CVE-2008-3934

  • EPSS 0.17%
  • Veröffentlicht 04.09.2008 19:41:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Unspecified vulnerability in Wireshark (formerly Ethereal) 0.99.6 through 1.0.2 allows attackers to cause a denial of service (crash) via a crafted Tektronix .rf5 file.

10

CVE-2008-3146

  • EPSS 1.78%
  • Veröffentlicht 02.09.2008 14:24:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Multiple buffer overflows in packet_ncp2222.inc in Wireshark (formerly Ethereal) 0.9.7 through 1.0.2 allow attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted NCP packet that causes an invalid ...

5

CVE-2008-3145

  • EPSS 2.42%
  • Veröffentlicht 16.07.2008 18:41:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

The fragment_add_work function in epan/reassemble.c in Wireshark 0.8.19 through 1.0.1 allows remote attackers to cause a denial of service (crash) via a series of fragmented packets with non-sequential fragmentation offset values, which lead to a buf...

4.3

CVE-2008-3137

Exploit
  • EPSS 2.92%
  • Veröffentlicht 10.07.2008 23:41:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

The GSM SMS dissector in Wireshark (formerly Ethereal) 0.99.2 through 1.0.0 allows remote attackers to cause a denial of service (application crash) via unknown vectors.