[CLOSE] OSVDB ID : 56021 - Disclosed: 2009-07-20

Description:

Wireshark contains a flaw that may allow a remote denial of service. The issue is triggered when the MIOP dissector processes packets with malformed Unique ID lengths (>=256 bytes), and will result in loss of availability for the service.

[CLOSE] OSVDB ID : 82100 - Disclosed: 2012-05-23

Description:

Wireshark contains a flaw that may allow a remote denial of service. The issue is triggered by a misaligned memory error in SPARC and Itanium processors when parsing certain packets, and will result in loss of availability for the program.

[CLOSE] OSVDB ID : 84782 - Disclosed: 2012-08-15

Description:

Wireshark contains a flaw that may allow a remote denial of service. The issue is triggered when an error occurs in the MongoDB dissector during the parsing of a malformed packet. This will result in an infinite loop and a loss of availability for the program.

[CLOSE] OSVDB ID : 90996 - Disclosed: 2013-03-06

Description:

Wireshark contains a flaw in the Mount Dissector that may allow a remote denial of service. The issue is triggered when handling a specific type of malformed packet, either via the network, or when replayed via a trace file. This may allow a remote attacker to crash the program.

[CLOSE] OSVDB ID : 27365 - Disclosed: 2006-07-17

Description:

The Wireshark MOUNT dissector contains a flaw that may allow a remote denial of service. The issue is triggered by a malformed packet or trace file, and will result in loss of availability for the application.

[CLOSE] OSVDB ID : 80714 - Disclosed: 2012-03-27

Description:

Wireshark contains a flaw that may allow a remote denial of service. The issue is triggered when a specially crafted packet causes an error in the MP2T dissector when handling memory, and will result in a loss of availability.

[CLOSE] OSVDB ID : 40466 - Disclosed: 2007-11-26

Description:

(Description Provided by CVE) : Multiple unspecified vulnerabilities in Wireshark (formerly Ethereal) allow remote attackers to cause a denial of service (crash) via (1) a crafted MP3 file or (2) unspecified vectors to the NCP dissector.

[CLOSE] OSVDB ID : 93507 - Disclosed: 2013-03-15

Description:

Wireshark contains a flaw in the MPEG DSM-CC dissector that may allow a remote denial of service. The issue is triggered when handling a malformed packet. This may allow a remote attacker to crash the program.

[CLOSE] OSVDB ID : 89667 - Disclosed: 2012-12-02

Description:

Wireshark contains a flaw in the MPLS dissector that may allow a remote denial of service. The issue is triggered when the dissect_pw_eth_heuristic function in epan/dissectors/packet-pw-eth.c parses a specially crafted packet. This may allow a remote attacker to cause an infinite loop and crash the system.

[CLOSE] OSVDB ID : 90994 - Disclosed: 2013-03-06

Description:

Wireshark contains a flaw in the MPLS Echo Dissector that may allow a remote denial of service. The issue is triggered when handling a specific type of malformed packet, either via the network, or when replayed via a trace file. This may allow a remote attacker to cause an infinite loop, which will crash the program.

[CLOSE] OSVDB ID : 27363 - Disclosed: 2006-07-17

Description:

A format string flaw exists in the Wireshark MQ dissector. With a specially crafted packet, a remote attacker can cause arbitrary code execution resulting in a loss of integrity.

[CLOSE] OSVDB ID : 89675 - Disclosed: 2012-12-20

Description:

Wireshark contains a flaw in the MS-MMC dissector that may allow a remote denial of service. The issue is triggered when a function in epan/tvbuff.c parses a malformed packet. This may allow a remote attacker to cause the program to crash.

[CLOSE] OSVDB ID : 90993 - Disclosed: 2013-03-06

Description:

Wireshark contains a flaw in the MS-MMS Dissector that may allow a remote denial of service. The issue is triggered when handling a specific type of malformed packet, either via the network, or when replayed via a trace file. This may allow a remote attacker to crash the program.

[CLOSE] OSVDB ID : 71552 - Disclosed: 2011-02-22

Description:

Wireshark contains a flaw that may allow a remote of service. The issue is triggered when an attacker directs an infinite recursive function call to the 'dissect_ms_compressed_string' and 'dissect_mscldap_string' functions via a a crafted SMB orConnection-less LDAP (CLDAP) packet, resulting in a loss of availability.

[CLOSE] OSVDB ID : 71553 - Disclosed: 2011-02-22

Description:

Wireshark contains a flaw that may allow a remote of service. The issue is triggered when an attacker directs an infinite recursive function call to the 'dissect_ms_compressed_string' and 'dissect_mscldap_string' functions via a a crafted SMB packet, resulting in a loss of availability.

[CLOSE] OSVDB ID : 49344 - Disclosed: 2008-10-20

Description:

(Description Provided by CVE) : packet-frame in Wireshark 0.99.2 through 1.0.3 does not properly handle exceptions thrown by post dissectors, which allows remote attackers to cause a denial of service (application crash) via a certain series of packets, as demonstrated by enabling the (1) PRP or (2) MATE post dissector.

[CLOSE] OSVDB ID : 93505 - Disclosed: 2013-03-10

Description:

Wireshark contains a flaw in the MySQL dissector (packet-mysql.c) that may allow a remote denial of service. The issue is triggered when handling a malformed packet, which will result in an infinite loop. This will allow a remote attacker to crash the program.

[CLOSE] OSVDB ID : 47931 - Disclosed: 2008-09-03

Description:

(Description Provided by CVE) : Multiple buffer overflows in packet_ncp2222.inc in Wireshark (formerly Ethereal) 0.9.7 through 1.0.2 allow attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted NCP packet that causes an invalid pointer to be used.

[CLOSE] OSVDB ID : 47932 - Disclosed: 2008-09-03

Description:

(Description Provided by CVE) : Wireshark (formerly Ethereal) 0.9.7 through 1.0.2 allows attackers to cause a denial of service (hang) via a crafted NCP packet that triggers an infinite loop.

[CLOSE] OSVDB ID : 27366 - Disclosed: 2006-07-17

Description:

A remote overflow exists in the Wireshark NCP dissector. The application fails to properly iterate over a buffer resulting in a off-by-one overflow. With a specially crafted packet, an attacker can cause arbitrary code execution resulting in a loss of integrity.

[CLOSE] OSVDB ID : 40465 - Disclosed: 2007-11-26

Description:

(Description Provided by CVE) : Multiple unspecified vulnerabilities in Wireshark (formerly Ethereal) allow remote attackers to cause a denial of service (crash) via (1) a crafted MP3 file or (2) unspecified vectors to the NCP dissector.

[CLOSE] OSVDB ID : 27368 - Disclosed: 2006-07-17

Description:

A remote overflow exists in the Wireshark NDPS dissector. The application fails to properly iterate over a buffer resulting in a off-by-one overflow. With a specially crafted packet, an attacker can cause arbitrary code execution resulting in a loss of integrity.

[CLOSE] OSVDB ID : 84261 - Disclosed: 2012-05-02

Description:

Wireshark contains a flaw that may allow a remote denial of service. The issue is triggered when an error occurs in the NFS dissecotr when parsing a malformed packet, and will result in a consumption of resources and a loss of availability for the program.

[CLOSE] OSVDB ID : 27371 - Disclosed: 2006-07-17

Description:

A remote overflow exists in the Wireshark NFS dissector. The dissector fails to perform proper bounds checking resulting in a buffer overflow. With a specially crafted packet, an attacker can cause arbitrary code execution resulting in a loss of integrity.

[CLOSE] OSVDB ID : 27367 - Disclosed: 2006-07-17

Description:

A remote overflow exists in the Wireshark NMAS dissector. The application fails to properly iterate over a buffer resulting in a off-by-one overflow. With a specially crafted packet, an attacker can cause arbitrary code execution resulting in a loss of integrity.

[CLOSE] OSVDB ID : 71554 - Disclosed: 2011-03-01

Description:

Wireshark is prone to an overflow condition. The wiretap/dct3trace.c process fails to properly sanitize user-supplied input resulting in a heap-based buffer overflow. With a specially crafted long record in a Nokia DCT3 trace file, a context-dependent attacker can potentially execute arbitrary code.

[CLOSE] OSVDB ID : 89681 - Disclosed: 2013-01-29

Description:

Wireshark contains a buffer overflow condition in the NTLMSSP dissector. The issue is triggered as user-supplied input is not properly validated when parsing a specially crafted packet. This may allow a remote attacker to cause a buffer overflow, resulting in a denial of service or potentially execution of arbitrary code.

[CLOSE] OSVDB ID : 71548 - Disclosed: 2011-03-01

Description:

Wireshark contains a flaw that may allow a denial of service. The issue is triggered when the 'dissect_ntlmssp_string()' function in 'epan/dissectors/packet-ntlmssp.c' suffers a NULL pointer dereference error, allowing a context-dependent attacker to use a crafted pcap file to cause a denial of service.

[CLOSE] OSVDB ID : 27369 - Disclosed: 2006-07-17

Description:

A format string flaw exists in the Wireshark NTP dissector. With a specially crafted packet, a remote attacker can cause arbitrary code execution resulting in a loss of integrity.

[CLOSE] OSVDB ID : 76769 - Disclosed: 2011-11-01

Description:

(Description Provided by CVE) : The dissect_infiniband_common function in epan/dissectors/packet-infiniband.c in the Infiniband dissector in Wireshark 1.4.0 through 1.4.9 and 1.6.x before 1.6.3 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a malformed packet.