CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Wireshark : Security Vulnerabilities Published In 2007 (Denial Of Service)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2007-6451 399 DoS 2007-12-19 2010-08-21
4.3
None Remote Medium Not required None None Partial
Unspecified vulnerability in the CIP dissector in Wireshark (formerly Ethereal) 0.9.14 to 0.99.6 allows remote attackers to cause a denial of service (crash) via unknown vectors that trigger allocation of large amounts of memory.
2 CVE-2007-6450 DoS 2007-12-19 2010-08-21
5.0
None Remote Low Not required None None Partial
The RPL dissector in Wireshark (formerly Ethereal) 0.9.8 to 0.99.6 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors.
3 CVE-2007-6441 264 DoS 2007-12-19 2012-08-13
3.3
None Local Network Low Not required None None Partial
The WiMAX dissector in Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (crash) via unknown vectors related to "unaligned access on some platforms."
4 CVE-2007-6439 399 DoS 2007-12-19 2012-08-13
6.1
None Local Network Low Not required None None Complete
Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (infinite or large loop) via the (1) IPv6 or (2) USB dissector, which can trigger resource consumption or a crash. NOTE: this identifier originally included Firebird/Interbase, but it is already covered by CVE-2007-6116. The DCP ETSI issue is already covered by CVE-2007-6119.
5 CVE-2007-6438 119 DoS Overflow 2007-12-19 2012-08-13
5.0
None Remote Low Not required None None Partial
Unspecified vulnerability in the SMB dissector in Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service via unknown vectors. NOTE: this identifier originally included MP3 and NCP, but those issues are already covered by CVE-2007-6111.
6 CVE-2007-6121 20 DoS 2007-11-23 2010-08-21
5.0
None Remote Low Not required None None Partial
Wireshark (formerly Ethereal) 0.8.16 to 0.99.6 allows remote attackers to cause a denial of service (crash) via a malformed RPC Portmap packet.
7 CVE-2007-6120 119 DoS Overflow 2007-11-23 2012-08-13
5.0
None Remote Low Not required None None Partial
The Bluetooth SDP dissector Wireshark (formerly Ethereal) 0.99.2 to 0.99.6 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors.
8 CVE-2007-6119 DoS 2007-11-23 2012-08-13
7.8
None Remote Low Not required None None Complete
The DCP ETSI dissector in Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (long loop and resource consumption) via unknown vectors.
9 CVE-2007-6118 DoS 2007-11-23 2010-08-21
7.8
None Remote Low Not required None None Complete
The MEGACO dissector in Wireshark (formerly Ethereal) 0.9.14 to 0.99.6 allows remote attackers to cause a denial of service (long loop and resource consumption) via unknown vectors.
10 CVE-2007-6117 DoS Exec Code 2007-11-23 2011-03-29
5.0
None Remote Low Not required None None Partial
Unspecified vulnerability in the HTTP dissector for Wireshark (formerly Ethereal) 0.10.14 to 0.99.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted chunked messages.
11 CVE-2007-6116 DoS 2007-11-23 2012-08-13
5.0
None Remote Low Not required None None Partial
The Firebird/Interbase dissector in Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (infinite loop or crash) via unknown vectors.
12 CVE-2007-6115 119 DoS Exec Code Overflow 2007-11-23 2012-08-13
10.0
None Remote Low Not required Complete Complete Complete
Buffer overflow in the ANSI MAP dissector for Wireshark (formerly Ethereal) 0.99.5 to 0.99.6, when running on unspecified platforms, allows remote attackers to cause a denial of service and possibly execute arbitrary code via unknown vectors.
13 CVE-2007-6114 119 DoS Exec Code Overflow 2007-11-23 2010-08-21
10.0
None Remote Low Not required Complete Complete Complete
Multiple buffer overflows in Wireshark (formerly Ethereal) 0.99.0 through 0.99.6 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) the SSL dissector or (2) the iSeries (OS/400) Communication trace file parser.
14 CVE-2007-6113 189 1 DoS 2007-11-23 2011-03-09
4.3
None Remote Medium Not required None None Partial
Integer signedness error in the DNP3 dissector in Wireshark (formerly Ethereal) 0.10.12 to 0.99.6 allows remote attackers to cause a denial of service (long loop) via a malformed DNP3 packet.
15 CVE-2007-6112 119 DoS Exec Code Overflow 2007-11-23 2012-08-13
10.0
None Remote Low Not required Complete Complete Complete
Buffer overflow in the PPP dissector Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors.
16 CVE-2007-6111 DoS 2007-11-23 2010-08-21
7.1
None Remote Medium Not required None None Complete
Multiple unspecified vulnerabilities in Wireshark (formerly Ethereal) allow remote attackers to cause a denial of service (crash) via (1) a crafted MP3 file or (2) unspecified vectors to the NCP dissector.
17 CVE-2007-3393 DoS 2007-06-25 2012-10-30
5.0
None Remote Low Not required None None Partial
Off-by-one error in the DHCP/BOOTP dissector in Wireshark before 0.99.6 allows remote attackers to cause a denial of service (crash) via crafted DHCP-over-DOCSIS packets.
18 CVE-2007-3392 DoS 2007-06-25 2010-08-21
5.0
None Remote Low Not required None None Partial
Wireshark before 0.99.6 allows remote attackers to cause a denial of service via malformed (1) SSL or (2) MMS packets that trigger an infinite loop.
19 CVE-2007-3391 20 DoS 2007-06-25 2012-10-30
7.8
None Remote Low Not required None None Complete
Wireshark 0.99.5 allows remote attackers to cause a denial of service (memory consumption) via a malformed DCP ETSI packet that triggers an infinite loop.
20 CVE-2007-3390 DoS 2007-06-25 2012-10-30
5.0
None Remote Low Not required None None Partial
Wireshark 0.99.5 and 0.10.x up to 0.10.14, when running on certain systems, allows remote attackers to cause a denial of service (crash) via crafted iSeries capture files that trigger a SIGTRAP.
21 CVE-2007-3389 20 DoS 2007-06-25 2012-10-30
5.0
None Remote Low Not required None None Partial
Wireshark before 0.99.6 allows remote attackers to cause a denial of service (crash) via a crafted chunked encoding in an HTTP response, possibly related to a zero-length payload.
22 CVE-2007-0459 DoS 2007-02-02 2012-08-13
5.0
None Remote Low Not required None None Partial
packet-tcp.c in the TCP dissector in Wireshark (formerly Ethereal) 0.99.2 through 0.99.4 allows remote attackers to cause a denial of service (application crash or hang) via fragmented HTTP packets.
23 CVE-2007-0458 DoS 2007-02-02 2012-08-13
4.3
None Remote Medium Not required None None Partial
Unspecified vulnerability in the HTTP dissector in Wireshark (formerly Ethereal) 0.99.3 and 0.99.4 allows remote attackers to cause a denial of service (application crash) via unspecified vectors, a different issue than CVE-2006-5468.
24 CVE-2007-0457 DoS 2007-02-02 2010-08-21
4.3
None Remote Medium Not required None None Partial
Unspecified vulnerability in the IEEE 802.11 dissector in Wireshark (formerly Ethereal) 0.10.14 through 0.99.4 allows remote attackers to cause a denial of service (application crash) via unspecified vectors.
25 CVE-2007-0456 DoS 2007-02-02 2012-08-13
4.3
None Remote Medium Not required None None Partial
Unspecified vulnerability in the LLT dissector in Wireshark (formerly Ethereal) 0.99.3 and 0.99.4 allows remote attackers to cause a denial of service (application crash) via unspecified vectors.
Total number of vulnerabilities : 25   Page : 1 (This Page)
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.