rpm package
opensuse/wireshark&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/wireshark&distro=openSUSE%20Tumbleweed
Vulnerabilities (540)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2010-3445 | — | < 2.2.2-1.1 | 2.2.2-1.1 | Nov 26, 2010 | Stack consumption vulnerability in the dissect_ber_unknown function in epan/dissectors/packet-ber.c in the BER dissector in Wireshark 1.4.x before 1.4.1 and 1.2.x before 1.2.12 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a long st | ||
| CVE-2010-2993 | — | < 2.2.2-1.1 | 2.2.2-1.1 | Aug 13, 2010 | The IPMI dissector in Wireshark 1.2.0 through 1.2.9 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors. | ||
| CVE-2010-1455 | — | < 2.2.2-1.1 | 2.2.2-1.1 | May 12, 2010 | The DOCSIS dissector in Wireshark 0.9.6 through 1.0.12 and 1.2.0 through 1.2.7 allows user-assisted remote attackers to cause a denial of service (application crash) via a malformed packet trace file. | ||
| CVE-2009-3243 | — | < 2.2.2-1.1 | 2.2.2-1.1 | Sep 18, 2009 | Unspecified vulnerability in the TLS dissector in Wireshark 1.2.0 and 1.2.1, when running on Windows, allows remote attackers to cause a denial of service (application crash) via unknown vectors related to TLS 1.2 conversations. | ||
| CVE-2009-3242 | — | < 2.2.2-1.1 | 2.2.2-1.1 | Sep 18, 2009 | Unspecified vulnerability in packet.c in the GSM A RR dissector in Wireshark 1.2.0 and 1.2.1 allows remote attackers to cause a denial of service (application crash) via unknown vectors related to "an uninitialized dissector handle," which triggers an assertion failure. | ||
| CVE-2009-3241 | — | < 2.2.2-1.1 | 2.2.2-1.1 | Sep 18, 2009 | Unspecified vulnerability in the OpcUa (OPC UA) dissector in Wireshark 0.99.6 through 1.0.8 and 1.2.0 through 1.2.1 allows remote attackers to cause a denial of service (memory and CPU consumption) via malformed OPCUA Service CallRequest packets. | ||
| CVE-2009-1269 | — | < 2.2.2-1.1 | 2.2.2-1.1 | Apr 13, 2009 | Unspecified vulnerability in Wireshark 0.99.6 through 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted Tektronix .rf5 file. | ||
| CVE-2009-1268 | — | < 2.2.2-1.1 | 2.2.2-1.1 | Apr 13, 2009 | The Check Point High-Availability Protocol (CPHAP) dissector in Wireshark 0.9.6 through 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted FWHA_MY_STATE packet. | ||
| CVE-2009-1267 | — | < 2.2.2-1.1 | 2.2.2-1.1 | Apr 13, 2009 | Unspecified vulnerability in the LDAP dissector in Wireshark 0.99.2 through 1.0.6, when running on Windows, allows remote attackers to cause a denial of service (crash) via unknown attack vectors. | ||
| CVE-2009-1210 | — | < 2.2.2-1.1 | 2.2.2-1.1 | Apr 1, 2009 | Format string vulnerability in the PROFINET/DCP (PN-DCP) dissector in Wireshark 1.0.6 and earlier allows remote attackers to execute arbitrary code via a PN-DCP packet with format string specifiers in the station name. NOTE: some of these details are obtained from third party in | ||
| CVE-2007-0459 | — | < 3.4.8-1.2 | 3.4.8-1.2 | Feb 2, 2007 | packet-tcp.c in the TCP dissector in Wireshark (formerly Ethereal) 0.99.2 through 0.99.4 allows remote attackers to cause a denial of service (application crash or hang) via fragmented HTTP packets. | ||
| CVE-2007-0458 | — | < 3.4.8-1.2 | 3.4.8-1.2 | Feb 2, 2007 | Unspecified vulnerability in the HTTP dissector in Wireshark (formerly Ethereal) 0.99.3 and 0.99.4 allows remote attackers to cause a denial of service (application crash) via unspecified vectors, a different issue than CVE-2006-5468. | ||
| CVE-2007-0457 | — | < 3.4.8-1.2 | 3.4.8-1.2 | Feb 2, 2007 | Unspecified vulnerability in the IEEE 802.11 dissector in Wireshark (formerly Ethereal) 0.10.14 through 0.99.4 allows remote attackers to cause a denial of service (application crash) via unspecified vectors. | ||
| CVE-2007-0456 | — | < 3.4.8-1.2 | 3.4.8-1.2 | Feb 2, 2007 | Unspecified vulnerability in the LLT dissector in Wireshark (formerly Ethereal) 0.99.3 and 0.99.4 allows remote attackers to cause a denial of service (application crash) via unspecified vectors. | ||
| CVE-2006-5469 | — | < 3.4.8-1.2 | 3.4.8-1.2 | Oct 28, 2006 | Unspecified vulnerability in the WBXML dissector in Wireshark (formerly Ethereal) 0.10.11 through 0.99.3 allows remote attackers to cause a denial of service (crash) via certain vectors that trigger a null dereference. | ||
| CVE-2006-4574 | Hig | 7.5 | < 3.4.8-1.2 | 3.4.8-1.2 | Oct 28, 2006 | Off-by-one error in the MIME Multipart dissector in Wireshark (formerly Ethereal) 0.10.1 through 0.99.3 allows remote attackers to cause a denial of service (crash) via certain vectors that trigger an assertion error related to unexpected length values. | |
| CVE-2006-5740 | — | < 3.4.8-1.2 | 3.4.8-1.2 | Oct 27, 2006 | Unspecified vulnerability in the LDAP dissector in Wireshark (formerly Ethereal) 0.99.3 allows remote attackers to cause a denial of service (crash) via a crafted LDAP packet. | ||
| CVE-2006-5468 | — | < 3.4.8-1.2 | 3.4.8-1.2 | Oct 27, 2006 | Unspecified vulnerability in the HTTP dissector in Wireshark (formerly Ethereal) 0.99.3 allows remote attackers to cause a denial of service (crash) via unspecified vectors. | ||
| CVE-2006-4805 | — | < 3.4.8-1.2 | 3.4.8-1.2 | Oct 27, 2006 | epan/dissectors/packet-xot.c in the XOT dissector (dissect_xot_pdu) in Wireshark (formerly Ethereal) 0.9.8 through 0.99.3 allows remote attackers to cause a denial of service (memory consumption and crash) via an encoded XOT packet that produces a zero length value when it is dec | ||
| CVE-2006-1932 | — | < 3.4.8-1.2 | 3.4.8-1.2 | Apr 25, 2006 | Off-by-one error in the OID printing routine in Ethereal 0.10.x up to 0.10.14 has unknown impact and remote attack vectors. |
- CVE-2010-3445Nov 26, 2010affected < 2.2.2-1.1fixed 2.2.2-1.1
Stack consumption vulnerability in the dissect_ber_unknown function in epan/dissectors/packet-ber.c in the BER dissector in Wireshark 1.4.x before 1.4.1 and 1.2.x before 1.2.12 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a long st
- CVE-2010-2993Aug 13, 2010affected < 2.2.2-1.1fixed 2.2.2-1.1
The IPMI dissector in Wireshark 1.2.0 through 1.2.9 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors.
- CVE-2010-1455May 12, 2010affected < 2.2.2-1.1fixed 2.2.2-1.1
The DOCSIS dissector in Wireshark 0.9.6 through 1.0.12 and 1.2.0 through 1.2.7 allows user-assisted remote attackers to cause a denial of service (application crash) via a malformed packet trace file.
- CVE-2009-3243Sep 18, 2009affected < 2.2.2-1.1fixed 2.2.2-1.1
Unspecified vulnerability in the TLS dissector in Wireshark 1.2.0 and 1.2.1, when running on Windows, allows remote attackers to cause a denial of service (application crash) via unknown vectors related to TLS 1.2 conversations.
- CVE-2009-3242Sep 18, 2009affected < 2.2.2-1.1fixed 2.2.2-1.1
Unspecified vulnerability in packet.c in the GSM A RR dissector in Wireshark 1.2.0 and 1.2.1 allows remote attackers to cause a denial of service (application crash) via unknown vectors related to "an uninitialized dissector handle," which triggers an assertion failure.
- CVE-2009-3241Sep 18, 2009affected < 2.2.2-1.1fixed 2.2.2-1.1
Unspecified vulnerability in the OpcUa (OPC UA) dissector in Wireshark 0.99.6 through 1.0.8 and 1.2.0 through 1.2.1 allows remote attackers to cause a denial of service (memory and CPU consumption) via malformed OPCUA Service CallRequest packets.
- CVE-2009-1269Apr 13, 2009affected < 2.2.2-1.1fixed 2.2.2-1.1
Unspecified vulnerability in Wireshark 0.99.6 through 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted Tektronix .rf5 file.
- CVE-2009-1268Apr 13, 2009affected < 2.2.2-1.1fixed 2.2.2-1.1
The Check Point High-Availability Protocol (CPHAP) dissector in Wireshark 0.9.6 through 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted FWHA_MY_STATE packet.
- CVE-2009-1267Apr 13, 2009affected < 2.2.2-1.1fixed 2.2.2-1.1
Unspecified vulnerability in the LDAP dissector in Wireshark 0.99.2 through 1.0.6, when running on Windows, allows remote attackers to cause a denial of service (crash) via unknown attack vectors.
- CVE-2009-1210Apr 1, 2009affected < 2.2.2-1.1fixed 2.2.2-1.1
Format string vulnerability in the PROFINET/DCP (PN-DCP) dissector in Wireshark 1.0.6 and earlier allows remote attackers to execute arbitrary code via a PN-DCP packet with format string specifiers in the station name. NOTE: some of these details are obtained from third party in
- CVE-2007-0459Feb 2, 2007affected < 3.4.8-1.2fixed 3.4.8-1.2
packet-tcp.c in the TCP dissector in Wireshark (formerly Ethereal) 0.99.2 through 0.99.4 allows remote attackers to cause a denial of service (application crash or hang) via fragmented HTTP packets.
- CVE-2007-0458Feb 2, 2007affected < 3.4.8-1.2fixed 3.4.8-1.2
Unspecified vulnerability in the HTTP dissector in Wireshark (formerly Ethereal) 0.99.3 and 0.99.4 allows remote attackers to cause a denial of service (application crash) via unspecified vectors, a different issue than CVE-2006-5468.
- CVE-2007-0457Feb 2, 2007affected < 3.4.8-1.2fixed 3.4.8-1.2
Unspecified vulnerability in the IEEE 802.11 dissector in Wireshark (formerly Ethereal) 0.10.14 through 0.99.4 allows remote attackers to cause a denial of service (application crash) via unspecified vectors.
- CVE-2007-0456Feb 2, 2007affected < 3.4.8-1.2fixed 3.4.8-1.2
Unspecified vulnerability in the LLT dissector in Wireshark (formerly Ethereal) 0.99.3 and 0.99.4 allows remote attackers to cause a denial of service (application crash) via unspecified vectors.
- CVE-2006-5469Oct 28, 2006affected < 3.4.8-1.2fixed 3.4.8-1.2
Unspecified vulnerability in the WBXML dissector in Wireshark (formerly Ethereal) 0.10.11 through 0.99.3 allows remote attackers to cause a denial of service (crash) via certain vectors that trigger a null dereference.
- affected < 3.4.8-1.2fixed 3.4.8-1.2
Off-by-one error in the MIME Multipart dissector in Wireshark (formerly Ethereal) 0.10.1 through 0.99.3 allows remote attackers to cause a denial of service (crash) via certain vectors that trigger an assertion error related to unexpected length values.
- CVE-2006-5740Oct 27, 2006affected < 3.4.8-1.2fixed 3.4.8-1.2
Unspecified vulnerability in the LDAP dissector in Wireshark (formerly Ethereal) 0.99.3 allows remote attackers to cause a denial of service (crash) via a crafted LDAP packet.
- CVE-2006-5468Oct 27, 2006affected < 3.4.8-1.2fixed 3.4.8-1.2
Unspecified vulnerability in the HTTP dissector in Wireshark (formerly Ethereal) 0.99.3 allows remote attackers to cause a denial of service (crash) via unspecified vectors.
- CVE-2006-4805Oct 27, 2006affected < 3.4.8-1.2fixed 3.4.8-1.2
epan/dissectors/packet-xot.c in the XOT dissector (dissect_xot_pdu) in Wireshark (formerly Ethereal) 0.9.8 through 0.99.3 allows remote attackers to cause a denial of service (memory consumption and crash) via an encoded XOT packet that produces a zero length value when it is dec
- CVE-2006-1932Apr 25, 2006affected < 3.4.8-1.2fixed 3.4.8-1.2
Off-by-one error in the OID printing routine in Ethereal 0.10.x up to 0.10.14 has unknown impact and remote attack vectors.
Page 27 of 27