| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2013-2488 |
20 |
|
DoS |
2013-03-07 |
2013-04-10 |
2.9 |
None |
Local Network |
Medium |
Not required |
None |
None |
Partial |
|
The DTLS dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 does not validate the fragment offset before invoking the reassembly state machine, which allows remote attackers to cause a denial of service (application crash) via a large offset value that triggers write access to an invalid memory location. |
|
2 |
CVE-2013-2481 |
189 |
|
DoS |
2013-03-07 |
2013-04-10 |
2.9 |
None |
Local Network |
Medium |
Not required |
None |
None |
Partial |
|
Integer signedness error in the dissect_mount_dirpath_call function in epan/dissectors/packet-mount.c in the Mount dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6, when nfs_file_name_snooping is enabled, allows remote attackers to cause a denial of service (application crash) via a negative length value. |
|
3 |
CVE-2013-1590 |
119 |
|
DoS Overflow |
2013-02-02 |
2013-03-06 |
2.9 |
None |
Local Network |
Medium |
Not required |
None |
None |
Partial |
|
Buffer overflow in the NTLMSSP dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 allows remote attackers to cause a denial of service (application crash) via a malformed packet. |
|
4 |
CVE-2013-1589 |
399 |
|
DoS |
2013-02-02 |
2013-02-11 |
2.9 |
None |
Local Network |
Medium |
Not required |
None |
None |
Partial |
|
Double free vulnerability in epan/proto.c in the dissection engine in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 allows remote attackers to cause a denial of service (application crash) via a malformed packet. |
|
5 |
CVE-2013-1588 |
119 |
|
DoS Overflow |
2013-02-02 |
2013-03-06 |
2.9 |
None |
Local Network |
Medium |
Not required |
None |
None |
Partial |
|
Multiple buffer overflows in the dissect_pft_fec_detailed function in the DCP-ETSI dissector in epan/dissectors/packet-dcp-etsi.c in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 allow remote attackers to cause a denial of service (application crash) via a malformed packet. |
|
6 |
CVE-2013-1587 |
|
|
DoS |
2013-02-02 |
2013-02-04 |
2.9 |
None |
Local Network |
Medium |
Not required |
None |
None |
Partial |
|
The dissect_rohc_ir_packet function in epan/dissectors/packet-rohc.c in the ROHC dissector in Wireshark 1.8.x before 1.8.5 does not properly handle unknown profiles, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. |
|
7 |
CVE-2013-1586 |
|
|
DoS |
2013-02-02 |
2013-03-06 |
2.9 |
None |
Local Network |
Medium |
Not required |
None |
None |
Partial |
|
The fragment_set_tot_len function in epan/reassemble.c in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly determine the length of a reassembled packet for the DTLS dissector, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. |
|
8 |
CVE-2013-1585 |
20 |
|
DoS |
2013-02-02 |
2013-02-06 |
2.9 |
None |
Local Network |
Medium |
Not required |
None |
None |
Partial |
|
epan/tvbuff.c in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly validate certain length values for the MS-MMC dissector, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. |
|
9 |
CVE-2013-1584 |
20 |
|
DoS |
2013-02-02 |
2013-02-06 |
2.9 |
None |
Local Network |
Medium |
Not required |
None |
None |
Partial |
|
The dissect_version_5_and_6_primary_header function in epan/dissectors/packet-dtn.c in the DTN dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 accesses an inappropriate pointer, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. |
|
10 |
CVE-2013-1583 |
20 |
|
DoS |
2013-02-02 |
2013-02-06 |
2.9 |
None |
Local Network |
Medium |
Not required |
None |
None |
Partial |
|
The dissect_version_4_primary_header function in epan/dissectors/packet-dtn.c in the DTN dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 accesses an inappropriate pointer, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. |
|
11 |
CVE-2013-1582 |
189 |
|
DoS |
2013-02-02 |
2013-03-06 |
2.9 |
None |
Local Network |
Medium |
Not required |
None |
None |
Partial |
|
The dissect_clnp function in epan/dissectors/packet-clnp.c in the CLNP dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly manage an offset variable, which allows remote attackers to cause a denial of service (infinite loop or application crash) via a malformed packet. |
|
12 |
CVE-2013-1581 |
20 |
|
DoS |
2013-02-02 |
2013-02-11 |
2.9 |
None |
Local Network |
Medium |
Not required |
None |
None |
Partial |
|
The dissect_pft_fec_detailed function in epan/dissectors/packet-dcp-etsi.c in the DCP-ETSI dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly handle fragment gaps, which allows remote attackers to cause a denial of service (loop) via a malformed packet. |
|
13 |
CVE-2013-1580 |
20 |
|
DoS |
2013-02-02 |
2013-02-11 |
2.9 |
None |
Local Network |
Medium |
Not required |
None |
None |
Partial |
|
The dissect_cmstatus_tlv function in plugins/docsis/packet-cmstatus.c in the DOCSIS CM-STATUS dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 uses an incorrect data type for a position variable, which allows remote attackers to cause a denial of service (infinite loop) via a malformed packet. |
|
14 |
CVE-2013-1579 |
399 |
|
DoS |
2013-02-02 |
2013-02-04 |
2.9 |
None |
Local Network |
Medium |
Not required |
None |
None |
Partial |
|
The rtps_util_add_bitmap function in epan/dissectors/packet-rtps.c in the RTPS dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly implement certain nested loops for processing bitmap data, which allows remote attackers to cause a denial of service (infinite loop) via a malformed packet. |
|
15 |
CVE-2013-1578 |
20 |
|
DoS |
2013-02-02 |
2013-02-11 |
2.9 |
None |
Local Network |
Medium |
Not required |
None |
None |
Partial |
|
The dissect_pw_eth_heuristic function in epan/dissectors/packet-pw-eth.c in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly handle apparent Ethernet address values at the beginning of MPLS data, which allows remote attackers to cause a denial of service (loop) via a malformed packet. |
|
16 |
CVE-2013-1577 |
20 |
|
DoS |
2013-02-02 |
2013-02-11 |
2.9 |
None |
Local Network |
Medium |
Not required |
None |
None |
Partial |
|
The dissect_sip_p_charging_func_addresses function in epan/dissectors/packet-sip.c in the SIP dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly handle offset data associated with a quoted string, which allows remote attackers to cause a denial of service (infinite loop) via a malformed packet. |
|
17 |
CVE-2013-1576 |
310 |
|
DoS |
2013-02-02 |
2013-02-11 |
2.9 |
None |
Local Network |
Medium |
Not required |
None |
None |
Partial |
|
The dissect_sdp_media_attribute function in epan/dissectors/packet-sdp.c in the SDP dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly process crypto-suite parameters, which allows remote attackers to cause a denial of service (infinite loop) via a malformed packet. |
|
18 |
CVE-2013-1575 |
20 |
|
DoS |
2013-02-02 |
2013-02-11 |
2.9 |
None |
Local Network |
Medium |
Not required |
None |
None |
Partial |
|
The dissect_r3_cmd_alarmconfigure function in epan/dissectors/packet-assa_r3.c in the R3 dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly handle a certain alarm length, which allows remote attackers to cause a denial of service (infinite loop) via a malformed packet. |
|
19 |
CVE-2013-1572 |
20 |
|
DoS |
2013-02-02 |
2013-02-11 |
2.9 |
None |
Local Network |
Medium |
Not required |
None |
None |
Partial |
|
The dissect_oampdu_event_notification function in epan/dissectors/packet-slowprotocols.c in the IEEE 802.3 Slow Protocols dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly handle certain short lengths, which allows remote attackers to cause a denial of service (infinite loop) via a malformed packet. |
|
20 |
CVE-2012-4049 |
94 |
|
DoS |
2012-07-24 |
2012-09-07 |
2.9 |
None |
Local Network |
Medium |
Not required |
None |
None |
Partial |
|
epan/dissectors/packet-nfs.c in the NFS dissector in Wireshark 1.4.x before 1.4.14, 1.6.x before 1.6.9, and 1.8.x before 1.8.1 allows remote attackers to cause a denial of service (loop and CPU consumption) via a crafted packet. |
|
21 |
CVE-2012-0042 |
|
|
DoS |
2012-04-11 |
2013-04-01 |
2.9 |
None |
Local Network |
Medium |
Not required |
None |
None |
Partial |
|
Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5 does not properly perform certain string conversions, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted packet, related to epan/to_str.c. |
|
22 |
CVE-2011-3266 |
399 |
|
DoS |
2011-08-23 |
2012-08-13 |
2.6 |
None |
Remote |
High |
Not required |
None |
None |
Partial |
|
The proto_tree_add_item function in Wireshark 1.6.0 through 1.6.1 and 1.4.0 through 1.4.8, when the IKEv1 protocol dissector is used, allows user-assisted remote attackers to cause a denial of service (infinite loop) via vectors involving a malformed IKE packet and many items in a tree. |
|
23 |
CVE-2009-0601 |
134 |
|
DoS |
2009-02-16 |
2009-03-17 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
Format string vulnerability in Wireshark 0.99.8 through 1.0.5 on non-Windows platforms allows local users to cause a denial of service (application crash) via format string specifiers in the HOME environment variable. |
