[CLOSE] OSVDB ID : 85971 - Disclosed: 2012-08-24

Description:

WireShark is prone to an overflow condition. The remote interface fails to properly sanitize user-supplied input passed via the host input and port input fields, which will result in an overflow. This may allow a remote attacker to potentially execute arbitrary code.

[CLOSE] OSVDB ID : 78257 - Disclosed: 2012-01-11

Description:

Wireshark contains an overflow condition in the RLC dissector component. The issue is triggered as user-supplied input is not properly validated when handling RLC packet capture files. With a specially crafted capture file, a context-dependent attacker can cause a buffer overflow, resulting in a denial of service or potentially execution of arbitrary code.

[CLOSE] OSVDB ID : 46650 - Disclosed: 2008-06-30

Description:

(Description Provided by CVE) : Unspecified vulnerability in the RMI dissector in Wireshark (formerly Ethereal) 0.9.5 through 1.0.0 allows remote attackers to read system memory via unspecified vectors.

[CLOSE] OSVDB ID : 89664 - Disclosed: 2012-08-29

Description:

Wireshark contains a flaw in the ROHC dissector that may allow a remote denial of service. The issue is triggered when parsing a specially crafted packet by the dissect_rohc_ir_packet function in epan/dissectors/packet-rohc.c . This may allow a remote attacker to cause the program to crash.

[CLOSE] OSVDB ID : 43839 - Disclosed: 2008-03-29

Description:

(Description Provided by CVE) : Multiple unspecified vulnerabilities in Wireshark (formerly Ethereal) 0.99.5 through 0.99.8 allow remote attackers to cause a denial of service (application crash) via a malformed packet to the (1) X.509sat or (2) Roofnet dissectors. NOTE: Vector 2 might also lead to a hang.

[CLOSE] OSVDB ID : 40459 - Disclosed: 2007-11-26

Description:

(Description Provided by CVE) : The RPL dissector in Wireshark (formerly Ethereal) 0.9.8 to 0.99.6 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors.

[CLOSE] OSVDB ID : 87990 - Disclosed: 2012-11-28

Description:

Wireshark contains a flaw that may allow a remote denial of service. The issue is triggered when an error occurs in the RTCP dissector during the processing of a malformed packet or when viewing a trace file containing malformed traffic. This will cause an infinite loop, which will result in a loss of availability.

[CLOSE] OSVDB ID : 46649 - Disclosed: 2008-06-30

Description:

(Description Provided by CVE) : The RTMPT dissector in Wireshark (formerly Ethereal) 0.99.8 through 1.0.0 allows remote attackers to cause a denial of service (crash) via unknown vectors. NOTE: this might be due to a use-after-free error.

[CLOSE] OSVDB ID : 89677 - Disclosed: 2013-01-12

Description:

Wireshark contains a flaw in the RTPS dissector that may allow for a denial of service. The issue is triggered when the rtps_util_add_bitmap function in epan/dissectors/packet-rtps.c parses a specially crafted packet. This may allow a remote attacker to cause an infinite loop and crash the system.

[CLOSE] OSVDB ID : 90995 - Disclosed: 2013-03-06

Description:

Wireshark contains a flaw in the RTPS Dissector that may allow a remote denial of service. The issue is triggered when handling a specific type of malformed packet, either via the network, or when replayed via a trace file. This may allow a remote attacker to crash the program.

[CLOSE] OSVDB ID : 90991 - Disclosed: 2013-03-06

Description:

Wireshark contains a flaw in the RTPS2 Dissector that may allow a remote denial of service. The issue is triggered when handling a specific type of malformed packet, either via the network, or when replayed via a trace file. This may allow a remote attacker to crash the program.

[CLOSE] OSVDB ID : 84778 - Disclosed: 2012-08-15

Description:

Wireshark is prone to an overflow condition. The RTPS2 dissector fails to properly sanitize user-supplied input resulting in a buffer overflow. With a specially crafted packet, a remote attacker can potentially execute arbitrary code or cause a denial of service.

[CLOSE] OSVDB ID : 43841 - Disclosed: 2008-03-29

Description:

(Description Provided by CVE) : The "decode as" feature in packet-bssap.c in the SCCP dissector in Wireshark (formerly Ethereal) 0.99.6 through 0.99.8 allows remote attackers to cause a denial of service (application crash) via a malformed packet.

[CLOSE] OSVDB ID : 61648 - Disclosed: 2009-05-21

Description:

Unknown / Incomplete

[CLOSE] OSVDB ID : 28196 - Disclosed: 2006-08-23

Description:

(Description Provided by CVE) : Unspecified vulnerability in the SCSI dissector in Wireshark (formerly Ethereal) 0.99.2 allows remote attackers to cause a denial of service (crash) via unspecified vectors.

[CLOSE] OSVDB ID : 42575 - Disclosed: 2008-02-27

Description:

Wireshark SCTP dissector contains a flaw that may allow a remote denial of service. The issue is triggered when malformed packets or trace files are loaded, and will result in loss of availability for the service.

[CLOSE] OSVDB ID : 87995 - Disclosed: 2012-11-28

Description:

Wireshark contains a flaw that may allow a remote denial of service. The issue is triggered when an error occurs in the SCTP dissector during the processing of a malformed packet or when viewing a trace file containing malformed traffic. This will cause an infinite loop, which will result in a loss of availability.

[CLOSE] OSVDB ID : 89669 - Disclosed: 2012-12-02

Description:

Wireshark contains a flaw in the SDP dissector that may allow a remote denial of service. The issue is triggered when the dissect_sdp_media_attribute function in epan/dissectors/packet-sdp.c parses a specially crafted packet. This may allow a remote attacker to cause an infinite loop and crash the system.

[CLOSE] OSVDB ID : 87996 - Disclosed: 2012-11-28

Description:

Wireshark contains a flaw that may allow a remote denial of service. The issue is triggered when an error occurs in the sFlow dissector during the processing of a malformed packet or when viewing a trace file containing malformed traffic. This will cause an infinite loop, which will result in a loss of availability.

[CLOSE] OSVDB ID : 56022 - Disclosed: 2009-07-20

Description:

Wireshark contains a flaw that may allow a remote denial of service. The issue is triggered when the sFlow dissector processes packets with more than 1,000,000 items in the tree, and will result in loss of availability for the service.

[CLOSE] OSVDB ID : 65374 - Disclosed: 2010-06-10

Description:

(Description Provided by CVE) : The SigComp Universal Decompressor Virtual Machine dissector in Wireshark 0.10.7 through 1.0.13 and 1.2.0 through 1.2.8 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors.

[CLOSE] OSVDB ID : 65375 - Disclosed: 2010-06-10

Description:

(Description Provided by CVE) : Buffer overflow in the SigComp Universal Decompressor Virtual Machine dissector in Wireshark 0.10.8 through 1.0.13 and 1.2.0 through 1.2.8 has unknown impact and remote attack vectors.

[CLOSE] OSVDB ID : 67191 - Disclosed: 2010-06-11

Description:

(Description Provided by CVE) : The SigComp Universal Decompressor Virtual Machine (UDVM) in Wireshark 0.10.8 through 1.0.14 and 1.2.0 through 1.2.9 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to sigcomp-udvm.c and an off-by-one error, which triggers a buffer overflow, different vulnerabilities than CVE-2010-2287.

[CLOSE] OSVDB ID : 89668 - Disclosed: 2012-12-02

Description:

Wireshark contains a flaw in the SIP dissector that may allow a remote denial of service. The issue is triggered when the dissect_sip_p_charging_func_addresses function in epan/dissectors/packet-sip.c parses a specially crafted packet. This may allow a remote attacker to cause an infinite loop and crash the system.

[CLOSE] OSVDB ID : 61178 - Disclosed: 2009-12-17

Description:

(Description Provided by CVE) : The (1) SMB and (2) SMB2 dissectors in Wireshark 0.9.0 through 1.2.4 allow remote attackers to cause a denial of service (crash) via a crafted packet that triggers a NULL pointer dereference, as demonstrated by fuzz-2009-12-07-11141.pcap.

[CLOSE] OSVDB ID : 65371 - Disclosed: 2010-06-10

Description:

(Description Provided by CVE) : The SMB dissector in Wireshark 0.99.6 through 1.0.13, and 1.2.0 through 1.2.8 allows remote attackers to cause a denial of service (NULL pointer dereference) via unknown vectors.

[CLOSE] OSVDB ID : 59458 - Disclosed: 2009-10-26

Description:

Wireshark contains a flaw that may allow a remote denial of service. The issue is triggered when off-by-one error within the dissect_negprot_response() function in epan/dissectors/packet-smb.c of the SMB dissector occurs, and will result in loss of availability for the service.

[CLOSE] OSVDB ID : 40463 - Disclosed: 2007-11-26

Description:

(Description Provided by CVE) : Unspecified vulnerability in the SMB dissector in Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service via unknown vectors. NOTE: this identifier originally included MP3 and NCP, but those issues are already covered by CVE-2007-6111.

[CLOSE] OSVDB ID : 65373 - Disclosed: 2010-06-10

Description:

(Description Provided by CVE) : The SMB PIPE dissector in Wireshark 0.8.20 through 1.0.13 and 1.2.0 through 1.2.8 allows remote attackers to cause a denial of service (NULL pointer dereference) via unknown vectors.

[CLOSE] OSVDB ID : 50069 - Disclosed: 2008-11-22

Description:

(Description Provided by CVE) : Wireshark 1.0.4 and earlier allows remote attackers to cause a denial of service via a long SMTP request, which triggers an infinite loop.