| CVE-2004-0176 | | 0.09 | — | 0.71 | | May 4, 2004 | Multiple buffer overflows in Ethereal 0.8.13 to 0.10.2 allow remote attackers to cause a denial of service and possibly execute arbitrary code via the (1) NetFlow, (2) IGAP, (3) EIGRP, (4) PGM, (5) IrDA, (6) BGP, (7) ISUP, or (8) TCAP dissectors. |
| CVE-2004-0633 | | 0.06 | — | 0.37 | | Dec 6, 2004 | The iSNS dissector for Ethereal 0.10.3 through 0.10.4 allows remote attackers to cause a denial of service (process abort) via an integer overflow. |
| CVE-2005-3243 | | 0.05 | — | 0.20 | | Oct 27, 2005 | Multiple buffer overflows in Ethereal 0.10.12 and earlier might allow remote attackers to execute arbitrary code via unknown vectors in the (1) SLIMP3 and (2) AgentX dissector. |
| CVE-2005-2367 | | 0.05 | — | 0.24 | | Aug 10, 2005 | Format string vulnerability in the proto_item_set_text function in Ethereal 0.9.4 through 0.10.11, as used in multiple dissectors, allows remote attackers to write to arbitrary memory locations and gain privileges via a crafted AFP packet. |
| CVE-2005-1461 | | 0.04 | — | 0.12 | | May 5, 2005 | Multiple buffer overflows in the (1) SIP, (2) CMIP, (3) CMP, (4) CMS, (5) CRMF, (6) ESS, (7) OCSP, (8) X.509, (9) ISIS, (10) DISTCC, (11) FCELS, (12) Q.931, (13) NCP, (14) TCAP, (15) ISUP, (16) MEGACO, (17) PKIX1Explitit, (18) PKIX_Qualified, (19) Presentation dissectors in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code. |
| CVE-2005-1470 | | 0.04 | — | 0.13 | | May 5, 2005 | Multiple unknown vulnerabilities in the (1) TZSP, (2) MGCP, (3) ISUP, (4) SMB, or (5) Bittorrent dissectors in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (segmentation fault) via unknown vectors. |
| CVE-2005-0739 | | 0.04 | — | 0.17 | | May 2, 2005 | The IAPP dissector (packet-iapp.c) for Ethereal 0.9.1 to 0.10.9 does not properly use certain routines for formatting strings, which could leave it vulnerable to buffer overflows, as demonstrated using modified length values that are not properly handled by the dissect_pdus and pduval_to_str functions. |
| CVE-2000-1174 | | 0.04 | — | 0.13 | | Jan 9, 2001 | Multiple buffer overflows in AFS ACL parser for Ethereal 0.8.13 and earlier allows remote attackers to execute arbitrary commands via a packet with a long username. |
| CVE-2000-0333 | | 0.04 | — | 0.07 | | May 31, 1999 | tcpdump, Ethereal, and other sniffer packages allow remote attackers to cause a denial of service via malformed DNS packets in which a jump offset refers to itself, which causes tcpdump to enter an infinite loop while decompressing the packet. |
| CVE-2006-3629 | | 0.01 | — | 0.11 | | Jul 21, 2006 | Unspecified vulnerability in the MOUNT dissector in Wireshark (aka Ethereal) 0.9.4 to 0.99.0 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors. |
| CVE-2005-3244 | | 0.01 | — | 0.07 | | Oct 27, 2005 | The BER dissector in Ethereal 0.10.3 to 0.10.12 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors. |
| CVE-2004-1142 | | 0.01 | — | 0.09 | | Dec 15, 2004 | Ethereal 0.9.0 through 0.10.7 allows remote attackers to cause a denial of service (CPU consumption) via a certain malformed SMB packet. |
| CVE-2004-0634 | | 0.01 | — | 0.11 | | Dec 6, 2004 | The SMB SID snooping capability in Ethereal 0.9.15 to 0.10.4 allows remote attackers to cause a denial of service (process crash) via a handle without a policy name, which causes a null dereference. |
| CVE-2004-0635 | | 0.01 | — | 0.09 | | Dec 6, 2004 | The SNMP dissector in Ethereal 0.8.15 through 0.10.4 allows remote attackers to cause a denial of service (process crash) via a (1) malformed or (2) missing community string, which causes an out-of-bounds read. |
| CVE-2004-0367 | | 0.01 | — | 0.09 | | May 4, 2004 | Ethereal 0.10.1 to 0.10.2 allows remote attackers to cause a denial of service (crash) via a zero-length Presentation protocol selector. |
| CVE-2003-0357 | | 0.01 | — | 0.14 | | Jun 9, 2003 | Multiple integer overflow vulnerabilities in Ethereal 0.9.11 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via the (1) Mount and (2) PPP dissectors. |
| CVE-2010-1455 | | 0.00 | — | 0.01 | | May 12, 2010 | The DOCSIS dissector in Wireshark 0.9.6 through 1.0.12 and 1.2.0 through 1.2.7 allows user-assisted remote attackers to cause a denial of service (application crash) via a malformed packet trace file. |
| CVE-2007-6111 | | 0.00 | — | 0.04 | | Nov 23, 2007 | Multiple unspecified vulnerabilities in Wireshark (formerly Ethereal) allow remote attackers to cause a denial of service (crash) via (1) a crafted MP3 file or (2) unspecified vectors to the NCP dissector. |
| CVE-2007-6118 | | 0.00 | — | 0.05 | | Nov 23, 2007 | The MEGACO dissector in Wireshark (formerly Ethereal) 0.9.14 to 0.99.6 allows remote attackers to cause a denial of service (long loop and resource consumption) via unknown vectors. |
| CVE-2007-6121 | | 0.00 | — | 0.03 | | Nov 23, 2007 | Wireshark (formerly Ethereal) 0.8.16 to 0.99.6 allows remote attackers to cause a denial of service (crash) via a malformed RPC Portmap packet. |
