VYPR

Ethereal

by Ethereal Group

Source repositories

CVEs (137)

  • CVE-2019-10901Apr 9, 2019
    risk 0.01cvss epss 0.06

    In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the LDSS dissector could crash. This was addressed in epan/dissectors/packet-ldss.c by handling file digests properly.

  • CVE-2019-10899Apr 9, 2019
    risk 0.01cvss epss 0.06

    In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the SRVLOC dissector could crash. This was addressed in epan/dissectors/packet-srvloc.c by preventing a heap-based buffer under-read.

  • CVE-2019-10896Apr 9, 2019
    risk 0.01cvss epss 0.06

    In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the DOF dissector could crash. This was addressed in epan/dissectors/packet-dof.c by properly handling generated IID and OID bytes.

  • CVE-2019-10895Apr 9, 2019
    risk 0.01cvss epss 0.06

    In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the NetScaler file parser could crash. This was addressed in wiretap/netscaler.c by improving data validation.

  • CVE-2019-10894Apr 9, 2019
    risk 0.01cvss epss 0.06

    In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the GSS-API dissector could crash. This was addressed in epan/dissectors/packet-gssapi.c by ensuring that a valid dissector is called.

  • CVE-2007-6115Nov 23, 2007
    risk 0.01cvss epss 0.06

    Buffer overflow in the ANSI MAP dissector for Wireshark (formerly Ethereal) 0.99.5 to 0.99.6, when running on unspecified platforms, allows remote attackers to cause a denial of service and possibly execute arbitrary code via unknown vectors.

  • CVE-2007-6114Nov 23, 2007
    risk 0.01cvss epss 0.06

    Multiple buffer overflows in Wireshark (formerly Ethereal) 0.99.0 through 0.99.6 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) the SSL dissector or (2) the iSeries (OS/400) Communication trace file parser.

  • CVE-2007-6112Nov 23, 2007
    risk 0.01cvss epss 0.06

    Buffer overflow in the PPP dissector Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors.

  • CVE-2006-3632Jul 21, 2006
    risk 0.01cvss epss 0.07

    Buffer overflow in Wireshark (aka Ethereal) 0.8.16 to 0.99.0 allows remote attackers to cause a denial of service and possibly execute arbitrary code via the NFS dissector.

  • CVE-2005-3184Oct 20, 2005
    risk 0.01cvss epss 0.08

    Buffer overflow vulnerability in the unicode_to_bytes in the Service Location Protocol (srvloc) dissector (packet-srvloc.c) in Ethereal allows remote attackers to execute arbitrary code via a srvloc packet with a modified length value.

  • CVE-2005-0084May 2, 2005
    risk 0.01cvss epss 0.06

    Buffer overflow in the X11 dissector in Ethereal 0.8.10 through 0.10.8 allows remote attackers to execute arbitrary code via a crafted packet.

  • CVE-2005-0699Mar 8, 2005
    risk 0.01cvss epss 0.06

    Multiple buffer overflows in the dissect_a11_radius function in the CDMA A11 (3G-A11) dissector (packet-3g-a11.c) for Ethereal 0.10.9 and earlier allow remote attackers to execute arbitrary code via RADIUS authentication packets with large length values.

  • CVE-2004-0507Aug 18, 2004
    risk 0.01cvss epss 0.08

    Buffer overflow in the MMSE dissector for Ethereal 0.10.1 to 0.10.3 allows remote attackers to cause a denial of service and possibly execute arbitrary code.

  • CVE-2003-0357Jun 9, 2003
    risk 0.01cvss epss 0.08

    Multiple integer overflow vulnerabilities in Ethereal 0.9.11 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via the (1) Mount and (2) PPP dissectors.

  • CVE-2019-10902Apr 9, 2019
    risk 0.00cvss epss 0.05

    In Wireshark 3.0.0, the TSDNS dissector could crash. This was addressed in epan/dissectors/packet-tsdns.c by splitting strings safely.

  • CVE-2019-10900Apr 9, 2019
    risk 0.00cvss epss 0.05

    In Wireshark 3.0.0, the Rbm dissector could go into an infinite loop. This was addressed in epan/dissectors/file-rbm.c by handling unknown object types safely.

  • CVE-2019-10898Apr 9, 2019
    risk 0.00cvss epss 0.05

    In Wireshark 3.0.0, the GSUP dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-gsm_gsup.c by rejecting an invalid Information Element length.

  • CVE-2019-10897Apr 9, 2019
    risk 0.00cvss epss 0.05

    In Wireshark 3.0.0, the IEEE 802.11 dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-ieee80211.c by detecting cases in which the bit offset does not advance.

  • CVE-2019-9209Feb 28, 2019
    risk 0.00cvss epss 0.01

    In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the ASN.1 BER and related dissectors could crash. This was addressed in epan/dissectors/packet-ber.c by preventing a buffer overflow associated with excessive digits in time values.

  • CVE-2019-9214Feb 28, 2019
    risk 0.00cvss epss 0.04

    In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the RPCAP dissector could crash. This was addressed in epan/dissectors/packet-rpcap.c by avoiding an attempted dereference of a NULL conversation.

Page 2 of 7