VYPR

Wireshark

by Wireshark

Source repositories

CVEs (736)

  • CVE-2008-6472Mar 14, 2009
    risk 0.00cvss epss 0.02

    The WLCCP dissector in Wireshark 0.99.7 through 1.0.4 allows remote attackers to cause a denial of service (infinite loop) via unspecified vectors.

  • CVE-2009-0601Feb 16, 2009
    risk 0.00cvss epss 0.00

    Format string vulnerability in Wireshark 0.99.8 through 1.0.5 on non-Windows platforms allows local users to cause a denial of service (application crash) via format string specifiers in the HOME environment variable.

  • CVE-2009-0600Feb 16, 2009
    risk 0.00cvss epss 0.02

    Wireshark 0.99.6 through 1.0.5 allows user-assisted remote attackers to cause a denial of service (application crash) via a crafted Tektronix K12 text capture file, as demonstrated by a file with exactly one frame.

  • CVE-2009-0599Feb 16, 2009
    risk 0.00cvss epss 0.03

    Buffer overflow in wiretap/netscreen.c in Wireshark 0.99.7 through 1.0.5 allows user-assisted remote attackers to cause a denial of service (application crash) via a malformed NetScreen snoop file.

  • CVE-2008-5285Dec 1, 2008
    risk 0.00cvss epss 0.02

    Wireshark 1.0.4 and earlier allows remote attackers to cause a denial of service via a long SMTP request, which triggers an infinite loop.

  • CVE-2008-4685Oct 22, 2008
    risk 0.00cvss epss 0.02

    Use-after-free vulnerability in the dissect_q931_cause_ie function in packet-q931.c in the Q.931 dissector in Wireshark 0.10.3 through 1.0.3 allows remote attackers to cause a denial of service (application crash or abort) via certain packets that trigger an exception.

  • CVE-2008-4684Oct 22, 2008
    risk 0.00cvss epss 0.02

    packet-frame in Wireshark 0.99.2 through 1.0.3 does not properly handle exceptions thrown by post dissectors, which allows remote attackers to cause a denial of service (application crash) via a certain series of packets, as demonstrated by enabling the (1) PRP or (2) MATE post…

  • CVE-2008-4683Oct 22, 2008
    risk 0.00cvss epss 0.02

    The dissect_btacl function in packet-bthci_acl.c in the Bluetooth ACL dissector in Wireshark 0.99.2 through 1.0.3 allows remote attackers to cause a denial of service (application crash or abort) via a packet with an invalid length, related to an erroneous tvb_memcpy call.

  • CVE-2008-4681Oct 22, 2008
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in the Bluetooth RFCOMM dissector in Wireshark 0.99.7 through 1.0.3 allows remote attackers to cause a denial of service (application crash or abort) via unknown packets.

  • CVE-2008-4680Oct 22, 2008
    risk 0.00cvss epss 0.03

    packet-usb.c in the USB dissector in Wireshark 0.99.7 through 1.0.3 allows remote attackers to cause a denial of service (application crash or abort) via a malformed USB Request Block (URB).

  • CVE-2008-3932Sep 4, 2008
    risk 0.00cvss epss 0.02

    Wireshark (formerly Ethereal) 0.9.7 through 1.0.2 allows attackers to cause a denial of service (hang) via a crafted NCP packet that triggers an infinite loop.

  • CVE-2008-3933Sep 4, 2008
    risk 0.00cvss epss 0.01

    Wireshark (formerly Ethereal) 0.10.14 through 1.0.2 allows attackers to cause a denial of service (crash) via a packet with crafted zlib-compressed data that triggers an invalid read in the tvb_uncompress function.

  • CVE-2008-3934Sep 4, 2008
    risk 0.00cvss epss 0.01

    Unspecified vulnerability in Wireshark (formerly Ethereal) 0.99.6 through 1.0.2 allows attackers to cause a denial of service (crash) via a crafted Tektronix .rf5 file.

  • CVE-2008-3146Sep 2, 2008
    risk 0.00cvss epss 0.04

    Multiple buffer overflows in packet_ncp2222.inc in Wireshark (formerly Ethereal) 0.9.7 through 1.0.2 allow attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted NCP packet that causes an invalid pointer to be used.

  • CVE-2008-3145Jul 16, 2008
    risk 0.00cvss epss 0.02

    The fragment_add_work function in epan/reassemble.c in Wireshark 0.8.19 through 1.0.1 allows remote attackers to cause a denial of service (crash) via a series of fragmented packets with non-sequential fragmentation offset values, which lead to a buffer over-read.

  • CVE-2008-3139Jul 10, 2008
    risk 0.00cvss epss 0.03

    The RTMPT dissector in Wireshark (formerly Ethereal) 0.99.8 through 1.0.0 allows remote attackers to cause a denial of service (crash) via unknown vectors. NOTE: this might be due to a use-after-free error.

  • CVE-2008-3141Jul 10, 2008
    risk 0.00cvss epss 0.01

    Unspecified vulnerability in the RMI dissector in Wireshark (formerly Ethereal) 0.9.5 through 1.0.0 allows remote attackers to read system memory via unspecified vectors.

  • CVE-2008-3138Jul 10, 2008
    risk 0.00cvss epss 0.02

    The (1) PANA and (2) KISMET dissectors in Wireshark (formerly Ethereal) 0.99.3 through 1.0.0 allow remote attackers to cause a denial of service (application stop) via unknown vectors.

  • CVE-2008-3137Jul 10, 2008
    risk 0.00cvss epss 0.02

    The GSM SMS dissector in Wireshark (formerly Ethereal) 0.99.2 through 1.0.0 allows remote attackers to cause a denial of service (application crash) via unknown vectors.

  • CVE-2008-1072Feb 28, 2008
    risk 0.00cvss epss 0.01

    The TFTP dissector in Wireshark (formerly Ethereal) 0.6.0 through 0.99.7, when running on Ubuntu 7.10, allows remote attackers to cause a denial of service (crash or memory consumption) via a malformed packet, possibly related to a Cairo library bug.