Wireshark
by Wireshark
Source repositories
CVEs (736)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2010-2285 | 0.00 | — | 0.01 | Jun 15, 2010 | The SMB PIPE dissector in Wireshark 0.8.20 through 1.0.13 and 1.2.0 through 1.2.8 allows remote attackers to cause a denial of service (NULL pointer dereference) via unknown vectors. | |||
| CVE-2010-2284 | 0.00 | — | 0.01 | Jun 15, 2010 | Buffer overflow in the ASN.1 BER dissector in Wireshark 0.10.13 through 1.0.13 and 1.2.0 through 1.2.8 has unknown impact and remote attack vectors. | |||
| CVE-2010-2283 | 0.00 | — | 0.01 | Jun 15, 2010 | The SMB dissector in Wireshark 0.99.6 through 1.0.13, and 1.2.0 through 1.2.8 allows remote attackers to cause a denial of service (NULL pointer dereference) via unknown vectors. | |||
| CVE-2010-1455 | 0.00 | — | 0.02 | May 12, 2010 | The DOCSIS dissector in Wireshark 0.9.6 through 1.0.12 and 1.2.0 through 1.2.7 allows user-assisted remote attackers to cause a denial of service (application crash) via a malformed packet trace file. | |||
| CVE-2009-4378 | 0.00 | — | 0.02 | Dec 21, 2009 | The IPMI dissector in Wireshark 1.2.0 through 1.2.4 on Windows allows remote attackers to cause a denial of service (crash) via a crafted packet, related to "formatting a date/time using strftime." | |||
| CVE-2009-4377 | 0.00 | — | 0.03 | Dec 21, 2009 | The (1) SMB and (2) SMB2 dissectors in Wireshark 0.9.0 through 1.2.4 allow remote attackers to cause a denial of service (crash) via a crafted packet that triggers a NULL pointer dereference, as demonstrated by fuzz-2009-12-07-11141.pcap. | |||
| CVE-2009-3829 | 0.00 | — | 0.06 | Oct 30, 2009 | Integer overflow in wiretap/erf.c in Wireshark before 1.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted erf file, related to an "unsigned integer wrap vulnerability." | |||
| CVE-2009-3551 | 0.00 | — | 0.02 | Oct 30, 2009 | Off-by-one error in the dissect_negprot_response function in packet-smb.c in the SMB dissector in Wireshark 1.2.0 through 1.2.2 allows remote attackers to cause a denial of service (application crash) via a file that records a malformed packet trace. NOTE: some of these details… | |||
| CVE-2009-3550 | 0.00 | — | 0.02 | Oct 30, 2009 | The DCERPC/NT dissector in Wireshark 0.10.10 through 1.0.9 and 1.2.0 through 1.2.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a file that records a malformed packet trace. NOTE: some of these details are obtained… | |||
| CVE-2009-3549 | 0.00 | — | 0.03 | Oct 30, 2009 | packet-paltalk.c in the Paltalk dissector in Wireshark 1.2.0 through 1.2.2, on SPARC and certain other platforms, allows remote attackers to cause a denial of service (application crash) via a file that records a malformed packet trace. | |||
| CVE-2009-2563 | 0.00 | — | 0.03 | Jul 21, 2009 | Unspecified vulnerability in the Infiniband dissector in Wireshark 1.0.6 through 1.2.0, when running on unspecified platforms, allows remote attackers to cause a denial of service (crash) via unknown vectors. | |||
| CVE-2009-2562 | 0.00 | — | 0.03 | Jul 21, 2009 | Unspecified vulnerability in the AFS dissector in Wireshark 0.9.2 through 1.2.0 allows remote attackers to cause a denial of service (crash) via unknown vectors. | |||
| CVE-2009-2561 | 0.00 | — | 0.02 | Jul 21, 2009 | Unspecified vulnerability in the sFlow dissector in Wireshark 1.2.0 allows remote attackers to cause a denial of service (CPU and memory consumption) via unspecified vectors. | |||
| CVE-2009-2560 | 0.00 | — | 0.02 | Jul 21, 2009 | Multiple unspecified vulnerabilities in Wireshark 1.2.0 allow remote attackers to cause a denial of service (application crash) via a file that records a malformed packet trace and is processed by the (1) Bluetooth L2CAP, (2) RADIUS, or (3) MIOP dissector. NOTE: it was later… | |||
| CVE-2009-2559 | 0.00 | — | 0.02 | Jul 21, 2009 | Buffer overflow in the IPMI dissector in Wireshark 1.2.0 allows remote attackers to cause a denial of service (crash) via unspecified vectors related to an array index error. NOTE: some of these details are obtained from third party information. | |||
| CVE-2009-1829 | 0.00 | — | 0.02 | May 29, 2009 | Unspecified vulnerability in the PCNFSD dissector in Wireshark 0.8.20 through 1.0.7 allows remote attackers to cause a denial of service (crash) via crafted PCNFSD packets. | |||
| CVE-2009-1266 | 0.00 | — | 0.02 | Apr 21, 2009 | Unspecified vulnerability in Wireshark before 1.0.7 has unknown impact and attack vectors. | |||
| CVE-2009-1269 | 0.00 | — | 0.02 | Apr 13, 2009 | Unspecified vulnerability in Wireshark 0.99.6 through 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted Tektronix .rf5 file. | |||
| CVE-2009-1268 | 0.00 | — | 0.02 | Apr 13, 2009 | The Check Point High-Availability Protocol (CPHAP) dissector in Wireshark 0.9.6 through 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted FWHA_MY_STATE packet. | |||
| CVE-2009-1267 | 0.00 | — | 0.02 | Apr 13, 2009 | Unspecified vulnerability in the LDAP dissector in Wireshark 0.99.2 through 1.0.6, when running on Windows, allows remote attackers to cause a denial of service (crash) via unknown attack vectors. |
- CVE-2010-2285Jun 15, 2010risk 0.00cvss —epss 0.01
The SMB PIPE dissector in Wireshark 0.8.20 through 1.0.13 and 1.2.0 through 1.2.8 allows remote attackers to cause a denial of service (NULL pointer dereference) via unknown vectors.
- CVE-2010-2284Jun 15, 2010risk 0.00cvss —epss 0.01
Buffer overflow in the ASN.1 BER dissector in Wireshark 0.10.13 through 1.0.13 and 1.2.0 through 1.2.8 has unknown impact and remote attack vectors.
- CVE-2010-2283Jun 15, 2010risk 0.00cvss —epss 0.01
The SMB dissector in Wireshark 0.99.6 through 1.0.13, and 1.2.0 through 1.2.8 allows remote attackers to cause a denial of service (NULL pointer dereference) via unknown vectors.
- CVE-2010-1455May 12, 2010risk 0.00cvss —epss 0.02
The DOCSIS dissector in Wireshark 0.9.6 through 1.0.12 and 1.2.0 through 1.2.7 allows user-assisted remote attackers to cause a denial of service (application crash) via a malformed packet trace file.
- CVE-2009-4378Dec 21, 2009risk 0.00cvss —epss 0.02
The IPMI dissector in Wireshark 1.2.0 through 1.2.4 on Windows allows remote attackers to cause a denial of service (crash) via a crafted packet, related to "formatting a date/time using strftime."
- CVE-2009-4377Dec 21, 2009risk 0.00cvss —epss 0.03
The (1) SMB and (2) SMB2 dissectors in Wireshark 0.9.0 through 1.2.4 allow remote attackers to cause a denial of service (crash) via a crafted packet that triggers a NULL pointer dereference, as demonstrated by fuzz-2009-12-07-11141.pcap.
- CVE-2009-3829Oct 30, 2009risk 0.00cvss —epss 0.06
Integer overflow in wiretap/erf.c in Wireshark before 1.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted erf file, related to an "unsigned integer wrap vulnerability."
- CVE-2009-3551Oct 30, 2009risk 0.00cvss —epss 0.02
Off-by-one error in the dissect_negprot_response function in packet-smb.c in the SMB dissector in Wireshark 1.2.0 through 1.2.2 allows remote attackers to cause a denial of service (application crash) via a file that records a malformed packet trace. NOTE: some of these details…
- CVE-2009-3550Oct 30, 2009risk 0.00cvss —epss 0.02
The DCERPC/NT dissector in Wireshark 0.10.10 through 1.0.9 and 1.2.0 through 1.2.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a file that records a malformed packet trace. NOTE: some of these details are obtained…
- CVE-2009-3549Oct 30, 2009risk 0.00cvss —epss 0.03
packet-paltalk.c in the Paltalk dissector in Wireshark 1.2.0 through 1.2.2, on SPARC and certain other platforms, allows remote attackers to cause a denial of service (application crash) via a file that records a malformed packet trace.
- CVE-2009-2563Jul 21, 2009risk 0.00cvss —epss 0.03
Unspecified vulnerability in the Infiniband dissector in Wireshark 1.0.6 through 1.2.0, when running on unspecified platforms, allows remote attackers to cause a denial of service (crash) via unknown vectors.
- CVE-2009-2562Jul 21, 2009risk 0.00cvss —epss 0.03
Unspecified vulnerability in the AFS dissector in Wireshark 0.9.2 through 1.2.0 allows remote attackers to cause a denial of service (crash) via unknown vectors.
- CVE-2009-2561Jul 21, 2009risk 0.00cvss —epss 0.02
Unspecified vulnerability in the sFlow dissector in Wireshark 1.2.0 allows remote attackers to cause a denial of service (CPU and memory consumption) via unspecified vectors.
- CVE-2009-2560Jul 21, 2009risk 0.00cvss —epss 0.02
Multiple unspecified vulnerabilities in Wireshark 1.2.0 allow remote attackers to cause a denial of service (application crash) via a file that records a malformed packet trace and is processed by the (1) Bluetooth L2CAP, (2) RADIUS, or (3) MIOP dissector. NOTE: it was later…
- CVE-2009-2559Jul 21, 2009risk 0.00cvss —epss 0.02
Buffer overflow in the IPMI dissector in Wireshark 1.2.0 allows remote attackers to cause a denial of service (crash) via unspecified vectors related to an array index error. NOTE: some of these details are obtained from third party information.
- CVE-2009-1829May 29, 2009risk 0.00cvss —epss 0.02
Unspecified vulnerability in the PCNFSD dissector in Wireshark 0.8.20 through 1.0.7 allows remote attackers to cause a denial of service (crash) via crafted PCNFSD packets.
- CVE-2009-1266Apr 21, 2009risk 0.00cvss —epss 0.02
Unspecified vulnerability in Wireshark before 1.0.7 has unknown impact and attack vectors.
- CVE-2009-1269Apr 13, 2009risk 0.00cvss —epss 0.02
Unspecified vulnerability in Wireshark 0.99.6 through 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted Tektronix .rf5 file.
- CVE-2009-1268Apr 13, 2009risk 0.00cvss —epss 0.02
The Check Point High-Availability Protocol (CPHAP) dissector in Wireshark 0.9.6 through 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted FWHA_MY_STATE packet.
- CVE-2009-1267Apr 13, 2009risk 0.00cvss —epss 0.02
Unspecified vulnerability in the LDAP dissector in Wireshark 0.99.2 through 1.0.6, when running on Windows, allows remote attackers to cause a denial of service (crash) via unknown attack vectors.
Page 34 of 37