Wireshark : Security Vulnerabilities, CVEs, Published In 2009 (Denial of service) CVSS score >= 1
The IPMI dissector in Wireshark 1.2.0 through 1.2.4 on Windows allows remote attackers to cause a denial of service (crash) via a crafted packet, related to "formatting a date/time using strftime."
Max CVSS
4.3
EPSS Score
0.22%
Published
2009-12-21
Updated
2017-09-19
The (1) SMB and (2) SMB2 dissectors in Wireshark 0.9.0 through 1.2.4 allow remote attackers to cause a denial of service (crash) via a crafted packet that triggers a NULL pointer dereference, as demonstrated by fuzz-2009-12-07-11141.pcap.
Max CVSS
4.3
EPSS Score
0.57%
Published
2009-12-21
Updated
2017-09-19
Buffer overflow in the daintree_sna_read function in the Daintree SNA file parser in Wireshark 1.2.0 through 1.2.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted packet.
Max CVSS
9.3
EPSS Score
4.32%
Published
2009-12-21
Updated
2017-09-19
Integer overflow in wiretap/erf.c in Wireshark before 1.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted erf file, related to an "unsigned integer wrap vulnerability."
Max CVSS
9.3
EPSS Score
6.41%
Published
2009-10-30
Updated
2017-09-19
Off-by-one error in the dissect_negprot_response function in packet-smb.c in the SMB dissector in Wireshark 1.2.0 through 1.2.2 allows remote attackers to cause a denial of service (application crash) via a file that records a malformed packet trace. NOTE: some of these details are obtained from third party information.
Max CVSS
5.0
EPSS Score
0.43%
Published
2009-10-30
Updated
2023-02-13
The DCERPC/NT dissector in Wireshark 0.10.10 through 1.0.9 and 1.2.0 through 1.2.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a file that records a malformed packet trace. NOTE: some of these details are obtained from third party information.
Max CVSS
4.3
EPSS Score
0.18%
Published
2009-10-30
Updated
2023-02-13
packet-paltalk.c in the Paltalk dissector in Wireshark 1.2.0 through 1.2.2, on SPARC and certain other platforms, allows remote attackers to cause a denial of service (application crash) via a file that records a malformed packet trace.
Max CVSS
5.0
EPSS Score
0.41%
Published
2009-10-30
Updated
2017-09-19
Unspecified vulnerability in the TLS dissector in Wireshark 1.2.0 and 1.2.1, when running on Windows, allows remote attackers to cause a denial of service (application crash) via unknown vectors related to TLS 1.2 conversations.
Max CVSS
5.0
EPSS Score
3.96%
Published
2009-09-18
Updated
2017-09-19
Unspecified vulnerability in packet.c in the GSM A RR dissector in Wireshark 1.2.0 and 1.2.1 allows remote attackers to cause a denial of service (application crash) via unknown vectors related to "an uninitialized dissector handle," which triggers an assertion failure.
Max CVSS
5.0
EPSS Score
3.96%
Published
2009-09-18
Updated
2017-09-19
Unspecified vulnerability in the OpcUa (OPC UA) dissector in Wireshark 0.99.6 through 1.0.8 and 1.2.0 through 1.2.1 allows remote attackers to cause a denial of service (memory and CPU consumption) via malformed OPCUA Service CallRequest packets.
Max CVSS
7.8
EPSS Score
7.06%
Published
2009-09-18
Updated
2017-09-19
Unspecified vulnerability in the Infiniband dissector in Wireshark 1.0.6 through 1.2.0, when running on unspecified platforms, allows remote attackers to cause a denial of service (crash) via unknown vectors.
Max CVSS
7.1
EPSS Score
0.22%
Published
2009-07-21
Updated
2017-09-19
Unspecified vulnerability in the AFS dissector in Wireshark 0.9.2 through 1.2.0 allows remote attackers to cause a denial of service (crash) via unknown vectors.
Max CVSS
5.0
EPSS Score
3.63%
Published
2009-07-21
Updated
2017-09-19
Unspecified vulnerability in the sFlow dissector in Wireshark 1.2.0 allows remote attackers to cause a denial of service (CPU and memory consumption) via unspecified vectors.
Max CVSS
5.0
EPSS Score
0.41%
Published
2009-07-21
Updated
2017-09-19
Multiple unspecified vulnerabilities in Wireshark 1.2.0 allow remote attackers to cause a denial of service (application crash) via a file that records a malformed packet trace and is processed by the (1) Bluetooth L2CAP, (2) RADIUS, or (3) MIOP dissector. NOTE: it was later reported that the RADIUS issue also affects 0.10.13 through 1.0.9.
Max CVSS
5.0
EPSS Score
0.34%
Published
2009-07-21
Updated
2017-09-19
Buffer overflow in the IPMI dissector in Wireshark 1.2.0 allows remote attackers to cause a denial of service (crash) via unspecified vectors related to an array index error. NOTE: some of these details are obtained from third party information.
Max CVSS
5.0
EPSS Score
0.30%
Published
2009-07-21
Updated
2017-09-19
Unspecified vulnerability in the PCNFSD dissector in Wireshark 0.8.20 through 1.0.7 allows remote attackers to cause a denial of service (crash) via crafted PCNFSD packets.
Max CVSS
5.0
EPSS Score
0.34%
Published
2009-05-29
Updated
2017-09-29
Unspecified vulnerability in Wireshark 0.99.6 through 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted Tektronix .rf5 file.
Max CVSS
5.0
EPSS Score
0.34%
Published
2009-04-13
Updated
2018-10-10
The Check Point High-Availability Protocol (CPHAP) dissector in Wireshark 0.9.6 through 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted FWHA_MY_STATE packet.
Max CVSS
4.3
EPSS Score
0.28%
Published
2009-04-13
Updated
2018-10-10
Unspecified vulnerability in the LDAP dissector in Wireshark 0.99.2 through 1.0.6, when running on Windows, allows remote attackers to cause a denial of service (crash) via unknown attack vectors.
Max CVSS
5.0
EPSS Score
0.33%
Published
2009-04-13
Updated
2018-10-10
Format string vulnerability in Wireshark 0.99.8 through 1.0.5 on non-Windows platforms allows local users to cause a denial of service (application crash) via format string specifiers in the HOME environment variable.
Max CVSS
2.1
EPSS Score
0.05%
Published
2009-02-16
Updated
2018-10-10
Wireshark 0.99.6 through 1.0.5 allows user-assisted remote attackers to cause a denial of service (application crash) via a crafted Tektronix K12 text capture file, as demonstrated by a file with exactly one frame.
Max CVSS
4.3
EPSS Score
0.61%
Published
2009-02-16
Updated
2018-10-10
Buffer overflow in wiretap/netscreen.c in Wireshark 0.99.7 through 1.0.5 allows user-assisted remote attackers to cause a denial of service (application crash) via a malformed NetScreen snoop file.
Max CVSS
5.0
EPSS Score
0.91%
Published
2009-02-16
Updated
2018-10-10
The WLCCP dissector in Wireshark 0.99.7 through 1.0.4 allows remote attackers to cause a denial of service (infinite loop) via unspecified vectors.
Max CVSS
4.3
EPSS Score
0.15%
Published
2009-03-14
Updated
2017-09-29
23 vulnerabilities found