This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Namecpe:/a:wireshark:wireshark:0.10.3
Detail
VendorWiresharkFirst view 2007-02-02
ProductWiresharkLast view 2009-10-30
Version0.10.3TypeApplication
Edition 
Language 
Update 
 
CPE Productcpe:/a:wireshark:wireshark

Activity : Overall

Related : CVE

 DateAlertAccess VectorAccess ComplexityAuthentication
9.3 2009-10-30 CVE-2009-3829 Network Medium None Requ...
4.3 2009-10-30 CVE-2009-3550 Network Medium None Requ...
10 2009-04-21 CVE-2009-1266 Network Low None Requ...
10 2009-04-01 CVE-2009-1210 Network Low None Requ...
5 2008-12-01 CVE-2008-5285 Network Low None Requ...
Hide | Show 6 More...
 DateAlertAccess VectorAccess ComplexityAuthentication
5 2008-10-22 CVE-2008-4685 Network Low None Requ...
3.3 2008-09-04 CVE-2008-3933 Adjacent ... Low None Requ...
5 2008-09-04 CVE-2008-3932 Network Low None Requ...
4.3 2007-11-23 CVE-2007-6113 Network Medium None Requ...
5 2007-06-25 CVE-2007-3390 Network Low None Requ...
4.3 2007-02-02 CVE-2007-0457 Network Medium None Requ...

CWE : Common Weakness Enumeration

%idName
28% (2)CWE-399Resource Management Errors
28% (2)CWE-189Numeric Errors
28% (2)CWE-20Improper Input Validation
14% (1)CWE-134Uncontrolled Format String

CAPEC : Common Attack Pattern Enumeration & Classification

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idName
CAPEC-3Using Leading 'Ghost' Character Sequences to Bypass Input Filters
CAPEC-7Blind SQL Injection
CAPEC-8Buffer Overflow in an API Call
CAPEC-9Buffer Overflow in Local Command-Line Utilities
CAPEC-10Buffer Overflow via Environment Variables
Hide | Show 20 More...
idName
CAPEC-13Subverting Environment Variable Values
CAPEC-14Client-side Injection-induced Buffer Overflow
CAPEC-18Embedding Scripts in Nonscript Elements
CAPEC-22Exploiting Trust in Client (aka Make the Client Invisible)
CAPEC-24Filter Failure through Buffer Overflow
CAPEC-28Fuzzing
CAPEC-31Accessing/Intercepting/Modifying HTTP Cookies
CAPEC-32Embedding Scripts in HTTP Query Strings
CAPEC-42MIME Conversion
CAPEC-43Exploiting Multiple Input Interpretation Layers
CAPEC-45Buffer Overflow via Symbolic Links
CAPEC-46Overflow Variables and Tags
CAPEC-47Buffer Overflow via Parameter Expansion
CAPEC-52Embedding NULL Bytes
CAPEC-53Postfix, Null Terminate, and Backslash
CAPEC-63Simple Script Injection
CAPEC-64Using Slashes and URL Encoding Combined to Bypass Validation Logic
CAPEC-66SQL Injection
CAPEC-67String Format Overflow in syslog()
CAPEC-71Using Unicode Encoding to Bypass Validation Logic

Oval Markup Language : Definitions

OvalIDName
oval:org.mitre.oval:def:11003Unspecified vulnerability in the IEEE 802.11 dissector in Wireshark (formerly...
oval:org.mitre.oval:def:10865Wireshark 0.99.5 and 0.10.x up to 0.10.14, when running on certain systems, a...
oval:org.mitre.oval:def:9841Integer signedness error in the DNP3 dissector in Wireshark (formerly Etherea...
oval:org.mitre.oval:def:11273Wireshark (formerly Ethereal) 0.9.7 through 1.0.2 allows attackers to cause a...
oval:org.mitre.oval:def:9620Wireshark (formerly Ethereal) 0.10.14 through 1.0.2 allows attackers to cause...
Hide | Show 12 More...
idName
oval:org.mitre.oval:def:8237DSA-1673 wireshark -- several vulnerabilities
oval:org.mitre.oval:def:20196DSA-1673-1 wireshark - several vulnerabilities
oval:org.mitre.oval:def:10788Use-after-free vulnerability in the dissect_q931_cause_ie function in packet-...
oval:org.mitre.oval:def:11351Wireshark 1.0.4 and earlier allows remote attackers to cause a denial of serv...
oval:org.mitre.oval:def:9526Format string vulnerability in the PROFINET/DCP (PN-DCP) dissector in Wiresha...
oval:org.mitre.oval:def:5976Wireshark PROFINET/DCP (PN-DCP) dissector Denial of Service Vulnerability
oval:org.mitre.oval:def:6005Wireshark DoS Vulnerability due to the DCERPC/NT dissector
oval:org.mitre.oval:def:10103The DCERPC/NT dissector in Wireshark 0.10.10 through 1.0.9 and 1.2.0 through ...
oval:org.mitre.oval:def:9945Integer overflow in wiretap/erf.c in Wireshark before 1.2.2 allows remote att...
oval:org.mitre.oval:def:7586DSA-1942 wireshark -- several vulnerabilities
oval:org.mitre.oval:def:5979Wireshark Integer overflow vulnerability in wiretap/erf.c
oval:org.mitre.oval:def:13282DSA-1942-1 wireshark -- several

Open Source Vulnerability Database (OSVDB)

idDescription
59478Wireshark wiretap/erf.c Unsigned Integer Wrap ERF File Handling Overflow
59460Wireshark DCERPC/NT Dissector Unspecified DoS
53903Wireshark Unspecified Issue
52996Wireshark PN-DCP Dissector Station Name Handling Format String
50069Wireshark SMTP Dissector Packet Handling Infinite Loop DoS
Hide | Show 6 More...
idDescription
49345Wireshark Q.931 Dissector packet-q931.c dissect_q931_cause_ie Function Use-af...
47933Wireshark zlib-compressed Packet Data Uncompression DoS
47932Wireshark NCP Dissector Unspecified Infinite Loop DoS
40456Wireshark DNP3 Dissector Malformed Packet Handling Remote Infinite Loop DoS
37642Wireshark Crafted iSeries Capture File Handling Remote DoS
33074Wireshark IEEE 802.11 Dissector Unspecified DoS

Milw0rm Exploits

idDescription
2009-03-30Wireshark <= 1.0.6 PN-DCP Format String Exploit PoC
2007-08-31Wireshark < 0.99.5 DNP3 Dissector Infinite Loop Exploit

OpenVAS Exploits

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2011-08-09Name : CentOS Update for wireshark CESA-2009:0313 centos3 i386
File : nvt/gb_CESA-2009_0313_wireshark_centos3_i386.nasl
2011-08-09Name : CentOS Update for wireshark CESA-2009:0313 centos4 i386
File : nvt/gb_CESA-2009_0313_wireshark_centos4_i386.nasl
2011-08-09Name : CentOS Update for wireshark CESA-2010:0360 centos5 i386
File : nvt/gb_CESA-2010_0360_wireshark_centos5_i386.nasl
2011-08-09Name : CentOS Update for wireshark CESA-2009:1100 centos3 i386
File : nvt/gb_CESA-2009_1100_wireshark_centos3_i386.nasl
2011-08-09Name : CentOS Update for wireshark CESA-2009:1100 centos5 i386
File : nvt/gb_CESA-2009_1100_wireshark_centos5_i386.nasl
Hide | Show 20 More...
idDescription
2010-04-29Name : CentOS Update for wireshark CESA-2010:0360 centos3 i386
File : nvt/gb_CESA-2010_0360_wireshark_centos3_i386.nasl
2010-04-29Name : CentOS Update for wireshark CESA-2010:0360 centos4 i386
File : nvt/gb_CESA-2010_0360_wireshark_centos4_i386.nasl
2010-04-29Name : RedHat Update for wireshark RHSA-2010:0360-01
File : nvt/gb_RHSA-2010_0360-01_wireshark.nasl
2009-12-14Name : SLES11: Security update for wireshark
File : nvt/sles11_wireshark1.nasl
2009-12-10Name : Fedora Core 10 FEDORA-2009-7998 (wireshark)
File : nvt/fcore_2009_7998.nasl
2009-12-10Name : Mandriva Security Advisory MDVSA-2009:292-1 (wireshark)
File : nvt/mdksa_2009_292_1.nasl
2009-12-10Name : Debian Security Advisory DSA 1942-1 (wireshark)
File : nvt/deb_1942_1.nasl
2009-12-03Name : SLES10: Security update for ethereal
File : nvt/sles10_ethereal4.nasl
2009-12-03Name : Gentoo Security Advisory GLSA 200911-05 (wireshark)
File : nvt/glsa_200911_05.nasl
2009-12-03Name : SLES9: Security update for ethereal
File : nvt/sles9p5063382.nasl
2009-11-11Name : Mandriva Security Advisory MDVSA-2009:292 (wireshark)
File : nvt/mdksa_2009_292.nasl
2009-11-04Name : Wireshark 'wiretap/erf.c' Unsigned Integer Wrap Vulnerability - Nov09 (Linux)
File : nvt/gb_wireshark_wiretap_dos_vuln_nov09_lin.nasl
2009-11-04Name : Wireshark 'wiretap/erf.c' Unsigned Integer Wrap Vulnerability - Nov09 (Win)
File : nvt/gb_wireshark_wiretap_dos_vuln_nov09_win.nasl
2009-11-04Name : Wireshark 'DCERPC/NT' Dissector DOS Vulnerability - Nov09 (Linux)
File : nvt/gb_wireshark_dcerpcnt_dos_vuln_nov09_lin.nasl
2009-11-04Name : Wireshark 'DCERPC/NT' Dissector DOS Vulnerability - Nov09 (Win)
File : nvt/gb_wireshark_dcerpcnt_dos_vuln_nov09_win.nasl
2009-10-13Name : SLES10: Security update for ethereal
File : nvt/sles10_ethereal.nasl
2009-10-13Name : SLES10: Security update for ethereal
File : nvt/sles10_ethereal2.nasl
2009-10-11Name : SLES11: Security update for wireshark
File : nvt/sles11_wireshark.nasl
2009-10-10Name : SLES9: Security update for ethereal
File : nvt/sles9p5009131.nasl
2009-10-10Name : SLES9: Security update for ethereal
File : nvt/sles9p5040200.nasl

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2007-0066.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2008-0890.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2010-0360.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2009-0313.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2009-1100.nasl - Type : ACT_GATHER_INFO
Hide | Show 20 More...
idDescription
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2008-0058.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2008-0059.nasl - Type : ACT_GATHER_INFO
2013-06-28Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2007-0709.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20081001_wireshark_on_SL3_x.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20100420_wireshark_on_SL3_x.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20090304_wireshark_on_SL3_x.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20071107_wireshark_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20071115_wireshark_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20090615_wireshark_on_SL3_x.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20080121_wireshark_on_SL3_x.nasl - Type : ACT_GATHER_INFO
2010-10-11Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_ethereal-6628.nasl - Type : ACT_GATHER_INFO
2010-05-11Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2010-0360.nasl - Type : ACT_GATHER_INFO
2010-04-22Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2010-0360.nasl - Type : ACT_GATHER_INFO
2010-02-24Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1942.nasl - Type : ACT_GATHER_INFO
2010-01-06Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2008-0058.nasl - Type : ACT_GATHER_INFO
2009-12-09Name : The remote SuSE 11 host is missing a security update.
File : suse_11_wireshark-091125.nasl - Type : ACT_GATHER_INFO
2009-12-04Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2009-292.nasl - Type : ACT_GATHER_INFO
2009-12-01Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_ethereal-6627.nasl - Type : ACT_GATHER_INFO
2009-12-01Name : The remote SuSE 9 host is missing a security-related patch.
File : suse9_12530.nasl - Type : ACT_GATHER_INFO
2009-12-01Name : The remote openSUSE host is missing a security update.
File : suse_11_1_wireshark-091125.nasl - Type : ACT_GATHER_INFO