Executive Summary
Summary | |
---|---|
Title | Wireshark: Multiple vulnerabilities |
Informations | |||
---|---|---|---|
Name | GLSA-201110-02 | First vendor Publication | 2011-10-09 |
Vendor | Gentoo | Last vendor Modification | 2011-10-09 |
Severity (Vendor) | Normal | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 10 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Synopsis Multiple vulnerabilities in Wireshark allow for the remote execution of arbitrary code, or a Denial of Service condition. Background Description Impact Workaround Resolution References Availability http://security.gentoo.org/glsa/glsa-201110-02.xml |
Original Source
Url : http://security.gentoo.org/glsa/glsa-201110-02.xml |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
42 % | CWE-399 | Resource Management Errors |
39 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
16 % | CWE-189 | Numeric Errors (CWE/SANS Top 25) |
3 % | CWE-20 | Improper Input Validation |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:10970 | |||
Oval ID: | oval:org.mitre.oval:def:10970 | ||
Title: | DSA-2066 wireshark -- several vulnerabilities | ||
Description: | Several remote vulnerabilities have been discovered in the Wireshark network traffic analyzer. It was discovered that null pointer dereferences, buffer overflows and infinite loops in the SMB, SMB PIPE, ASN1.1 and SigComp dissectors could lead to denial of service or the execution of arbitrary code. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2066 CVE-2010-2283 CVE-2010-2284 CVE-2010-2285 CVE-2010-2286 CVE-2010-2287 | Version: | 5 |
Platform(s): | Debian GNU/Linux 5.0 | Product(s): | wireshark |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11488 | |||
Oval ID: | oval:org.mitre.oval:def:11488 | ||
Title: | Wireshark Dissector LWRES Multiple Buffer Overflow Vulnerabilities | ||
Description: | The SMB PIPE dissector in Wireshark 0.8.20 through 1.0.13 and 1.2.0 through 1.2.8 allows remote attackers to cause a denial of service (NULL pointer dereference) via unknown vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-2285 | Version: | 11 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:11498 | |||
Oval ID: | oval:org.mitre.oval:def:11498 | ||
Title: | Untrusted search path vulnerability in Wireshark 0.8.4 through 1.0.15 and 1.2.0 through 1.2.10 | ||
Description: | Untrusted search path vulnerability in Wireshark 0.8.4 through 1.0.15 and 1.2.0 through 1.2.10 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse airpcap.dll, and possibly other DLLs, that is located in the same folder as a file that automatically launches Wireshark. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-3133 | Version: | 13 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:11608 | |||
Oval ID: | oval:org.mitre.oval:def:11608 | ||
Title: | Wireshark Dissector LWRES Multiple Buffer Overflow Vulnerabilities | ||
Description: | The SMB dissector in Wireshark 0.99.6 through 1.0.13, and 1.2.0 through 1.2.8 allows remote attackers to cause a denial of service (NULL pointer dereference) via unknown vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-2283 | Version: | 11 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:11651 | |||
Oval ID: | oval:org.mitre.oval:def:11651 | ||
Title: | Vulnerability in packet-gsm_a_rr.c in the GSM A RR dissector in Wireshark | ||
Description: | packet-gsm_a_rr.c in the GSM A RR dissector in Wireshark 1.2.2 through 1.2.9 allows remote attackers to cause a denial of service (crash) via unknown vectors that trigger a NULL pointer dereference. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-2992 | Version: | 9 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:11775 | |||
Oval ID: | oval:org.mitre.oval:def:11775 | ||
Title: | DSA-2127-1 wireshark -- denial of service | ||
Description: | A flaw has been found in wireshark, a network protocol analyzer. It was found that the ASN.1 BER dissector was susceptible to a stack overflow, causing the application to crash. For the stable distribution, the problem has been fixed in version 1.0.2-3+lenny11. For the testing distribution and the unstable distribution, this problem has been fixed in version 1.2.11-3. We recommend that you upgrade your wireshark packages. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2127-1 CVE-2010-3445 | Version: | 5 |
Platform(s): | Debian GNU/Linux 5.0 | Product(s): | wireshark |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11792 | |||
Oval ID: | oval:org.mitre.oval:def:11792 | ||
Title: | Wireshark Dissector LWRES Multiple Buffer Overflow Vulnerabilities | ||
Description: | The SigComp Universal Decompressor Virtual Machine dissector in Wireshark 0.10.7 through 1.0.13 and 1.2.0 through 1.2.8 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-2286 | Version: | 11 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:11836 | |||
Oval ID: | oval:org.mitre.oval:def:11836 | ||
Title: | Wireshark Dissector LWRES Multiple Buffer Overflow Vulnerabilities | ||
Description: | Buffer overflow in the SigComp Universal Decompressor Virtual Machine dissector in Wireshark 0.10.8 through 1.0.13 and 1.2.0 through 1.2.8 has unknown impact and remote attack vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-2287 | Version: | 11 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:11888 | |||
Oval ID: | oval:org.mitre.oval:def:11888 | ||
Title: | Wireshark Dissector LWRES Multiple Buffer Overflow Vulnerabilities | ||
Description: | Buffer overflow in the ASN.1 BER dissector in Wireshark 0.10.13 through 1.0.13 and 1.2.0 through 1.2.8 has unknown impact and remote attack vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-2284 | Version: | 11 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:12031 | |||
Oval ID: | oval:org.mitre.oval:def:12031 | ||
Title: | Vulnerability in IPMI dissector in Wireshark | ||
Description: | The IPMI dissector in Wireshark 1.2.0 through 1.2.9 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-2993 | Version: | 9 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:12047 | |||
Oval ID: | oval:org.mitre.oval:def:12047 | ||
Title: | Stack-based buffer overflow in the ASN.1 BER dissector in Wireshark | ||
Description: | Stack-based buffer overflow in the ASN.1 BER dissector in Wireshark 0.10.13 through 1.0.14 and 1.2.0 through 1.2.9 has unknown impact and remote attack vectors. NOTE: this issue exists because of a CVE-2010-2284 regression. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-2994 | Version: | 10 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:12049 | |||
Oval ID: | oval:org.mitre.oval:def:12049 | ||
Title: | Vulnerability in SigComp Universal Decompressor Virtual Machine (UDVM) in Wireshark | ||
Description: | The SigComp Universal Decompressor Virtual Machine (UDVM) in Wireshark 0.10.8 through 1.0.14 and 1.2.0 through 1.2.9 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to sigcomp-udvm.c and an off-by-one error, which triggers a buffer overflow, different vulnerabilities than CVE-2010-2287. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-2995 | Version: | 9 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:12075 | |||
Oval ID: | oval:org.mitre.oval:def:12075 | ||
Title: | DSA-2274-1 wireshark -- several | ||
Description: | Huzaifa Sidhpurwala, David Maciejak and others discovered several vulnerabilities in the X.509if and DICOM dissectors and in the code to process various capture and dictionary files, which could lead to denial of service or the execution of arbitrary code. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2274-1 CVE-2011-1590 CVE-2011-1957 CVE-2011-1958 CVE-2011-1959 CVE-2011-2174 CVE-2011-2175 | Version: | 5 |
Platform(s): | Debian GNU/Linux 5.0 Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | wireshark |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:12408 | |||
Oval ID: | oval:org.mitre.oval:def:12408 | ||
Title: | DSA-2101-1 wireshark -- several | ||
Description: | Several implementation errors in the dissector of the Wireshark network traffic analyzer for the ASN.1 BER protocol and in the SigComp Universal Decompressor Virtual Machine may lead to the execution of arbitrary code. For the stable distribution, these problems have been fixed in version 1.0.2-3+lenny10. For the unstable distribution, these problems have been fixed in version 1.2.10-1. We recommend that you upgrade your wireshark packages. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2101-1 CVE-2010-2994 CVE-2010-2995 | Version: | 5 |
Platform(s): | Debian GNU/Linux 5.0 | Product(s): | wireshark |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:12668 | |||
Oval ID: | oval:org.mitre.oval:def:12668 | ||
Title: | DSA-2144-1 wireshark -- buffer overflow | ||
Description: | It was discovered that a buffer overflow in the ENTTEC dissector may lead to the execution of arbitrary code. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2144-1 CVE-2010-4538 | Version: | 5 |
Platform(s): | Debian GNU/Linux 5.0 | Product(s): | wireshark |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:13474 | |||
Oval ID: | oval:org.mitre.oval:def:13474 | ||
Title: | DSA-2066-1 wireshark -- several | ||
Description: | Several remote vulnerabilities have been discovered in the Wireshark network traffic analyzer. It was discovered that null pointer dereferences, buffer overflows and infinite loops in the SMB, SMB PIPE, ASN1.1 and SigComp dissectors could lead to denial of service or the execution of arbitrary code. For the stable distribution, these problems have been fixed in version 1.0.2-3+lenny9. For the upcoming stable distribution and the unstable distribution, these problems have been fixed in version 1.2.9-1. We recommend that you upgrade your wireshark packages. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2066-1 CVE-2010-2283 CVE-2010-2284 CVE-2010-2285 CVE-2010-2286 CVE-2010-2287 | Version: | 5 |
Platform(s): | Debian GNU/Linux 5.0 | Product(s): | wireshark |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:14283 | |||
Oval ID: | oval:org.mitre.oval:def:14283 | ||
Title: | Buffer overflow in the MAC-LTE dissector in Wireshark 1.2.0 through 1.2.13 and 1.4.0 through 1.4.2 | ||
Description: | Buffer overflow in the MAC-LTE dissector (epan/dissectors/packet-mac-lte.c) in Wireshark 1.2.0 through 1.2.13 and 1.4.0 through 1.4.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large number of RARs. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-0444 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:14287 | |||
Oval ID: | oval:org.mitre.oval:def:14287 | ||
Title: | Heap-based buffer overflow in the dissect_ldss_transfer function in the LDSS dissector in Wireshark 1.2.0 through 1.2.12 and 1.4.0 through 1.4.1 | ||
Description: | Heap-based buffer overflow in the dissect_ldss_transfer function (epan/dissectors/packet-ldss.c) in the LDSS dissector in Wireshark 1.2.0 through 1.2.12 and 1.4.0 through 1.4.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an LDSS packet with a long digest line that triggers memory corruption. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-4300 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:14325 | |||
Oval ID: | oval:org.mitre.oval:def:14325 | ||
Title: | Vulnerability in dissect_dcm_main function in epan/dissectors/packet-dcm.c in the DICOM dissector in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 | ||
Description: | The dissect_dcm_main function in epan/dissectors/packet-dcm.c in the DICOM dissector in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 allows remote attackers to cause a denial of service (infinite loop) via an invalid PDU length. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-1957 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:14505 | |||
Oval ID: | oval:org.mitre.oval:def:14505 | ||
Title: | Vulnerability in ASN.1 BER dissector in Wireshark 1.4.0 through 1.4.2 | ||
Description: | The ASN.1 BER dissector in Wireshark 1.4.0 through 1.4.2 allows remote attackers to cause a denial of service (assertion failure) via crafted packets, as demonstrated by fuzz-2010-12-30-28473.pcap. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-0445 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:14605 | |||
Oval ID: | oval:org.mitre.oval:def:14605 | ||
Title: | Vulnerability in pcap-ng processing in Wireshark 1.2.0 through 1.2.14, 1.4.0 through 1.4.3, and 1.5.0 | ||
Description: | Wireshark 1.2.0 through 1.2.14, 1.4.0 through 1.4.3, and 1.5.0 frees an uninitialized pointer during processing of a .pcap file in the pcap-ng format, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a malformed file. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-0538 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:14607 | |||
Oval ID: | oval:org.mitre.oval:def:14607 | ||
Title: | Stack consumption vulnerability in the dissect_ber_unknown function in epan/dissectors/packet-ber.c in the BER dissector in Wireshark 1.4.x before 1.4.1 and 1.2.x before 1.2.12 | ||
Description: | Stack consumption vulnerability in the dissect_ber_unknown function in epan/dissectors/packet-ber.c in the BER dissector in Wireshark 1.4.x before 1.4.1 and 1.2.x before 1.2.12 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a long string in an unknown ASN.1/BER encoded packet, as demonstrated using SNMP. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-3445 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:14610 | |||
Oval ID: | oval:org.mitre.oval:def:14610 | ||
Title: | ANSI MAP dissector vulnerability in Wireshark 1.4.x before 1.4.8 and 1.6.x before 1.6.1 | ||
Description: | Off-by-one error in the elem_cell_id_aux function in epan/dissectors/packet-ansi_a.c in the ANSI MAP dissector in Wireshark 1.4.x before 1.4.8 and 1.6.x before 1.6.1 allows remote attackers to cause a denial of service (infinite loop) via an invalid packet. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-2698 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:14645 | |||
Oval ID: | oval:org.mitre.oval:def:14645 | ||
Title: | Integer underflow in the visual_read function in wiretap/visual.c vulnerability in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 | ||
Description: | Integer underflow in the visual_read function in wiretap/visual.c in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 allows remote attackers to cause a denial of service (application crash) via a malformed Visual Networks file that triggers a heap-based buffer over-read. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-2175 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:14656 | |||
Oval ID: | oval:org.mitre.oval:def:14656 | ||
Title: | Vulnerability in the snoop_read function in wiretap/snoop.c in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 | ||
Description: | The snoop_read function in wiretap/snoop.c in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 does not properly handle certain virtualizable buffers, which allows remote attackers to cause a denial of service (application crash) via a large length value in a snoop file that triggers a stack-based buffer over-read. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-1959 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:14713 | |||
Oval ID: | oval:org.mitre.oval:def:14713 | ||
Title: | Vulnerability in ZigBee ZCL dissector in Wireshark 1.4.0 through 1.4.1 | ||
Description: | epan/dissectors/packet-zbee-zcl.c in the ZigBee ZCL dissector in Wireshark 1.4.0 through 1.4.1 allows remote attackers to cause a denial of service (infinite loop) via a crafted ZCL packet, related to Discover Attributes. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-4301 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:14715 | |||
Oval ID: | oval:org.mitre.oval:def:14715 | ||
Title: | Multiple stack consumption vulnerabilities in the dissect_ms_compressed_string and dissect_mscldap_string functions in Wireshark 1.0.x, 1.2.0 through 1.2.14, and 1.4.0 through 1.4.3 | ||
Description: | Multiple stack consumption vulnerabilities in the dissect_ms_compressed_string and dissect_mscldap_string functions in Wireshark 1.0.x, 1.2.0 through 1.2.14, and 1.4.0 through 1.4.3 allow remote attackers to cause a denial of service (infinite recursion) via a crafted (1) SMB or (2) Connection-less LDAP (CLDAP) packet. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-1140 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:14724 | |||
Oval ID: | oval:org.mitre.oval:def:14724 | ||
Title: | Stack consumption vulnerability in the dissect_ber_choice function in the BER dissector in Wireshark 1.2.x through 1.2.15 and 1.4.x through 1.4.4 | ||
Description: | Stack consumption vulnerability in the dissect_ber_choice function in the BER dissector in Wireshark 1.2.x through 1.2.15 and 1.4.x through 1.4.4 might allow remote attackers to cause a denial of service (infinite loop) via vectors involving self-referential ASN.1 CHOICE values. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-1142 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:14766 | |||
Oval ID: | oval:org.mitre.oval:def:14766 | ||
Title: | Heap-based buffer overflow in wiretap/dct3trace.c in Wireshark 1.2.0 through 1.2.14 and 1.4.0 through 1.4.3 | ||
Description: | Heap-based buffer overflow in wiretap/dct3trace.c in Wireshark 1.2.0 through 1.2.14 and 1.4.0 through 1.4.3 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a long record in a Nokia DCT3 trace file. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-0713 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:14777 | |||
Oval ID: | oval:org.mitre.oval:def:14777 | ||
Title: | Double free vulnerability in the tvb_uncompress function in epan/tvbuff.c in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 | ||
Description: | Double free vulnerability in the tvb_uncompress function in epan/tvbuff.c in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 allows remote attackers to cause a denial of service (application crash) via a packet with malformed data that uses zlib compression. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-2174 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:14794 | |||
Oval ID: | oval:org.mitre.oval:def:14794 | ||
Title: | Lucent/Ascend file parser vulnerability in Wireshark 1.2.x before 1.2.18, 1.4.x through 1.4.7, and 1.6.0 | ||
Description: | The Lucent/Ascend file parser in Wireshark 1.2.x before 1.2.18, 1.4.x through 1.4.7, and 1.6.0 allows remote attackers to cause a denial of service (infinite loop) via malformed packets. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-2597 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:14837 | |||
Oval ID: | oval:org.mitre.oval:def:14837 | ||
Title: | DSA-2324-1 wireshark -- programming error | ||
Description: | The Microsoft Vulnerability Research group discovered that insecure load path handling could lead to execution of arbitrary Lua script code. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2324-1 CVE-2011-3360 | Version: | 5 |
Platform(s): | Debian GNU/Linux 5.0 Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | wireshark |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:14886 | |||
Oval ID: | oval:org.mitre.oval:def:14886 | ||
Title: | CSN.1 dissector in Wireshark 1.6.x before 1.6.2 denial of service vulnerability | ||
Description: | The csnStreamDissector function in epan/dissectors/packet-csn1.c in the CSN.1 dissector in Wireshark 1.6.x before 1.6.2 does not initialize a certain structure member, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-3482 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:14937 | |||
Oval ID: | oval:org.mitre.oval:def:14937 | ||
Title: | Buffer overflow in the sect_enttec_dmx_da function in epan/dissectors/packet-enttec.c in Wireshark 1.4.2 | ||
Description: | Buffer overflow in the sect_enttec_dmx_da function in epan/dissectors/packet-enttec.c in Wireshark 1.4.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted ENTTEC DMX packet with Run Length Encoding (RLE) compression. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-4538 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:14943 | |||
Oval ID: | oval:org.mitre.oval:def:14943 | ||
Title: | Vulnerability in bytes_repr_len function in Wireshark 1.4.5 | ||
Description: | The bytes_repr_len function in Wireshark 1.4.5 uses an incorrect pointer argument, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via arbitrary TCP traffic. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-1956 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:14971 | |||
Oval ID: | oval:org.mitre.oval:def:14971 | ||
Title: | Wireshark 1.6.x before 1.6.2 buffer exception handling vulnerability | ||
Description: | Wireshark 1.6.x before 1.6.2 allows remote attackers to cause a denial of service (application crash) via a malformed capture file that leads to an invalid root tvbuff, related to a "buffer exception handling vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-3483 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:14974 | |||
Oval ID: | oval:org.mitre.oval:def:14974 | ||
Title: | Vulnerability in epan/dissectors/packet-ldap.c in Wireshark 1.0.x, 1.2.0 through 1.2.14, and 1.4.0 through 1.4.3 | ||
Description: | epan/dissectors/packet-ldap.c in Wireshark 1.0.x, 1.2.0 through 1.2.14, and 1.4.0 through 1.4.3 allows remote attackers to cause a denial of service (memory consumption) via (1) a long LDAP filter string or (2) an LDAP filter string containing many elements. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-1141 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:14987 | |||
Oval ID: | oval:org.mitre.oval:def:14987 | ||
Title: | NFS dissector in epan/dissectors/packet-nfs.c vulnerability in Wireshark 1.4.x before 1.4.5 on Windows | ||
Description: | The NFS dissector in epan/dissectors/packet-nfs.c in Wireshark 1.4.x before 1.4.5 on Windows uses an incorrect integer data type during decoding of SETCLIENTID calls, which allows remote attackers to cause a denial of service (application crash) via a crafted .pcap file. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-1592 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:14997 | |||
Oval ID: | oval:org.mitre.oval:def:14997 | ||
Title: | Vulnerability in wiretap/pcapng.c in Wireshark 1.2.0 through 1.2.14 and 1.4.0 through 1.4.3 | ||
Description: | wiretap/pcapng.c in Wireshark 1.2.0 through 1.2.14 and 1.4.0 through 1.4.3 allows remote attackers to cause a denial of service (application crash) via a pcap-ng file that contains a large packet-length field. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-1139 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:15000 | |||
Oval ID: | oval:org.mitre.oval:def:15000 | ||
Title: | Stack-based buffer overflow in the DECT dissector in epan/dissectors/packet-dect.c in Wireshark 1.4.x before 1.4.5 | ||
Description: | Stack-based buffer overflow in the DECT dissector in epan/dissectors/packet-dect.c in Wireshark 1.4.x before 1.4.5 allows remote attackers to execute arbitrary code via a crafted .pcap file. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-1591 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:15042 | |||
Oval ID: | oval:org.mitre.oval:def:15042 | ||
Title: | proto_tree_add_item function vulnerability in Wireshark 1.4.x through 1.4.8 and 1.6.0 through 1.6.1 | ||
Description: | The proto_tree_add_item function in Wireshark 1.6.0 through 1.6.1 and 1.4.0 through 1.4.8, when the IKEv1 protocol dissector is used, allows user-assisted remote attackers to cause a denial of service (infinite loop) via vectors involving a malformed IKE packet and many items in a tree. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-3266 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:15045 | |||
Oval ID: | oval:org.mitre.oval:def:15045 | ||
Title: | Diameter dictionary file vulnerability in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 | ||
Description: | Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 allows user-assisted remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted Diameter dictionary file. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-1958 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:15050 | |||
Oval ID: | oval:org.mitre.oval:def:15050 | ||
Title: | Vulnerability in X.509if dissector in Wireshark 1.2.x before 1.2.16 and 1.4.x before 1.4.5 | ||
Description: | The X.509if dissector in Wireshark 1.2.x before 1.2.16 and 1.4.x before 1.4.5 does not properly initialize certain global variables, which allows remote attackers to cause a denial of service (application crash) via a crafted .pcap file. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-1590 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:15059 | |||
Oval ID: | oval:org.mitre.oval:def:15059 | ||
Title: | Untrusted search path vulnerability in Wireshark 1.4.x before 1.4.9 and 1.6.x before 1.6.2 | ||
Description: | Untrusted search path vulnerability in Wireshark 1.4.x before 1.4.9 and 1.6.x before 1.6.2 allows local users to gain privileges via a Trojan horse Lua script in an unspecified directory. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-3360 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:16209 | |||
Oval ID: | oval:org.mitre.oval:def:16209 | ||
Title: | epan/dissectors/packet-ntlmssp.c in the NTLMSSP dissector in Wireshark before 1.4.4 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted .pcap file | ||
Description: | epan/dissectors/packet-ntlmssp.c in the NTLMSSP dissector in Wireshark before 1.4.4 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted .pcap file. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-1143 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:16299 | |||
Oval ID: | oval:org.mitre.oval:def:16299 | ||
Title: | Off-by-one error in the dissect_6lowpan_iphc function in packet-6lowpan.c in Wireshark 1.4.0 through 1.4.3 on 32-bit platforms allows remote attackers to cause a denial of service (application crash) via a malformed 6LoWPAN IPv6 packet | ||
Description: | Off-by-one error in the dissect_6lowpan_iphc function in packet-6lowpan.c in Wireshark 1.4.0 through 1.4.3 on 32-bit platforms allows remote attackers to cause a denial of service (application crash) via a malformed 6LoWPAN IPv6 packet. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-1138 | Version: | 7 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 | Product(s): | Wireshark |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:18399 | |||
Oval ID: | oval:org.mitre.oval:def:18399 | ||
Title: | DSA-2201-1 wireshark - several | ||
Description: | Huzaifa Sidhpurwala, Joernchen, and Xiaopeng Zhang discovered several vulnerabilities in the Wireshark network traffic analyzer. Vulnerabilities in the DCT3, LDAP and SMB dissectors and in the code to parse pcag-ng files could lead to denial of service or the execution of arbitrary code. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2201-1 CVE-2011-0538 CVE-2011-0713 CVE-2011-1139 CVE-2011-1140 CVE-2011-1141 | Version: | 7 |
Platform(s): | Debian GNU/Linux 5.0 Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | wireshark |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21259 | |||
Oval ID: | oval:org.mitre.oval:def:21259 | ||
Title: | RHSA-2011:0013: wireshark security update (Moderate) | ||
Description: | Buffer overflow in the sect_enttec_dmx_da function in epan/dissectors/packet-enttec.c in Wireshark 1.4.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted ENTTEC DMX packet with Run Length Encoding (RLE) compression. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2011:0013-02 CVE-2010-4538 | Version: | 4 |
Platform(s): | Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 5 | Product(s): | wireshark |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21771 | |||
Oval ID: | oval:org.mitre.oval:def:21771 | ||
Title: | RHSA-2011:0370: wireshark security update (Moderate) | ||
Description: | epan/dissectors/packet-ntlmssp.c in the NTLMSSP dissector in Wireshark before 1.4.4 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted .pcap file. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2011:0370-01 CESA-2011:0370 CVE-2010-3445 CVE-2011-0024 CVE-2011-0538 CVE-2011-1139 CVE-2011-1140 CVE-2011-1141 CVE-2011-1143 | Version: | 94 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | wireshark |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:21869 | |||
Oval ID: | oval:org.mitre.oval:def:21869 | ||
Title: | RHSA-2011:0369: wireshark security update (Moderate) | ||
Description: | epan/dissectors/packet-ldap.c in Wireshark 1.0.x, 1.2.0 through 1.2.14, and 1.4.0 through 1.4.3 allows remote attackers to cause a denial of service (memory consumption) via (1) a long LDAP filter string or (2) an LDAP filter string containing many elements. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2011:0369-01 CVE-2011-0444 CVE-2011-0538 CVE-2011-0713 CVE-2011-1139 CVE-2011-1140 CVE-2011-1141 | Version: | 81 |
Platform(s): | Red Hat Enterprise Linux 6 | Product(s): | wireshark |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:21990 | |||
Oval ID: | oval:org.mitre.oval:def:21990 | ||
Title: | RHSA-2010:0924: wireshark security update (Moderate) | ||
Description: | Heap-based buffer overflow in the dissect_ldss_transfer function (epan/dissectors/packet-ldss.c) in the LDSS dissector in Wireshark 1.2.0 through 1.2.12 and 1.4.0 through 1.4.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an LDSS packet with a long digest line that triggers memory corruption. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2010:0924-01 CVE-2010-3445 CVE-2010-4300 | Version: | 29 |
Platform(s): | Red Hat Enterprise Linux 6 | Product(s): | wireshark |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:22021 | |||
Oval ID: | oval:org.mitre.oval:def:22021 | ||
Title: | RHSA-2010:0625: wireshark security update (Moderate) | ||
Description: | The SigComp Universal Decompressor Virtual Machine (UDVM) in Wireshark 0.10.8 through 1.0.14 and 1.2.0 through 1.2.9 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to sigcomp-udvm.c and an off-by-one error, which triggers a buffer overflow, different vulnerabilities than CVE-2010-2287. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2010:0625-01 CESA-2010:0625 CVE-2010-1455 CVE-2010-2283 CVE-2010-2284 CVE-2010-2286 CVE-2010-2287 CVE-2010-2995 | Version: | 81 |
Platform(s): | Red Hat Enterprise Linux 3 Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | wireshark |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:22896 | |||
Oval ID: | oval:org.mitre.oval:def:22896 | ||
Title: | ELSA-2011:0369: wireshark security update (Moderate) | ||
Description: | epan/dissectors/packet-ldap.c in Wireshark 1.0.x, 1.2.0 through 1.2.14, and 1.4.0 through 1.4.3 allows remote attackers to cause a denial of service (memory consumption) via (1) a long LDAP filter string or (2) an LDAP filter string containing many elements. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2011:0369-01 CVE-2011-0444 CVE-2011-0538 CVE-2011-0713 CVE-2011-1139 CVE-2011-1140 CVE-2011-1141 | Version: | 29 |
Platform(s): | Oracle Linux 6 | Product(s): | wireshark |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:22926 | |||
Oval ID: | oval:org.mitre.oval:def:22926 | ||
Title: | DEPRECATED: ELSA-2011:0013: wireshark security update (Moderate) | ||
Description: | Buffer overflow in the sect_enttec_dmx_da function in epan/dissectors/packet-enttec.c in Wireshark 1.4.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted ENTTEC DMX packet with Run Length Encoding (RLE) compression. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2011:0013-02 CVE-2010-4538 | Version: | 7 |
Platform(s): | Oracle Linux 6 Oracle Linux 5 | Product(s): | wireshark |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:23018 | |||
Oval ID: | oval:org.mitre.oval:def:23018 | ||
Title: | ELSA-2010:0625: wireshark security update (Moderate) | ||
Description: | The SigComp Universal Decompressor Virtual Machine (UDVM) in Wireshark 0.10.8 through 1.0.14 and 1.2.0 through 1.2.9 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to sigcomp-udvm.c and an off-by-one error, which triggers a buffer overflow, different vulnerabilities than CVE-2010-2287. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2010:0625-01 CVE-2010-1455 CVE-2010-2283 CVE-2010-2284 CVE-2010-2286 CVE-2010-2287 CVE-2010-2995 | Version: | 31 |
Platform(s): | Oracle Linux 3 Oracle Linux 4 Oracle Linux 5 | Product(s): | wireshark |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:23063 | |||
Oval ID: | oval:org.mitre.oval:def:23063 | ||
Title: | ELSA-2011:0013: wireshark security update (Moderate) | ||
Description: | Buffer overflow in the sect_enttec_dmx_da function in epan/dissectors/packet-enttec.c in Wireshark 1.4.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted ENTTEC DMX packet with Run Length Encoding (RLE) compression. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2011:0013-02 CVE-2010-4538 | Version: | 6 |
Platform(s): | Oracle Linux 6 Oracle Linux 5 | Product(s): | wireshark |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:23150 | |||
Oval ID: | oval:org.mitre.oval:def:23150 | ||
Title: | ELSA-2011:0370: wireshark security update (Moderate) | ||
Description: | epan/dissectors/packet-ntlmssp.c in the NTLMSSP dissector in Wireshark before 1.4.4 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted .pcap file. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2011:0370-01 CVE-2010-3445 CVE-2011-0024 CVE-2011-0538 CVE-2011-1139 CVE-2011-1140 CVE-2011-1141 CVE-2011-1143 | Version: | 33 |
Platform(s): | Oracle Linux 5 | Product(s): | wireshark |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:23387 | |||
Oval ID: | oval:org.mitre.oval:def:23387 | ||
Title: | ELSA-2010:0924: wireshark security update (Moderate) | ||
Description: | Heap-based buffer overflow in the dissect_ldss_transfer function (epan/dissectors/packet-ldss.c) in the LDSS dissector in Wireshark 1.2.0 through 1.2.12 and 1.4.0 through 1.4.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an LDSS packet with a long digest line that triggers memory corruption. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2010:0924-01 CVE-2010-3445 CVE-2010-4300 | Version: | 13 |
Platform(s): | Oracle Linux 6 | Product(s): | wireshark |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:26393 | |||
Oval ID: | oval:org.mitre.oval:def:26393 | ||
Title: | Heap based buffer overflow vulnerability in Wireshark before 1.2 | ||
Description: | Heap-based buffer overflow in wiretap/pcapng.c in Wireshark before 1.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted capture file. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-0024 | Version: | 4 |
Platform(s): | Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows Server 2012 Microsoft Windows 8.1 Microsoft Windows Server 2012 R2 | Product(s): | Wireshark |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:27893 | |||
Oval ID: | oval:org.mitre.oval:def:27893 | ||
Title: | DEPRECATED: ELSA-2011-0369 -- wireshark security update (moderate) | ||
Description: | [1.2.15-1.0.1.el6_0.1] - Add oracle-ocfs2-network.patch to allow disassembly of OCFS2 interconnect [1.2.15-1] - upgrade to 1.2.15 - see http://www.wireshark.org/docs/relnotes/wireshark-1.2.14.html - see http://www.wireshark.org/docs/relnotes/wireshark-1.2.15.html - Resolves: CVE-2011-0444 CVE-2011-0538 CVE-2011-0713 CVE-2011-1139 CVE-2011-1140 CVE-2011-1141 CVE-2011-1143 | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2011-0369 CVE-2011-0444 CVE-2011-0538 CVE-2011-0713 CVE-2011-1139 CVE-2011-1140 CVE-2011-1141 | Version: | 4 |
Platform(s): | Oracle Linux 6 | Product(s): | wireshark |
Definition Synopsis: | |||
CPE : Common Platform Enumeration
SAINT Exploits
Description | Link |
---|---|
Wireshark Lua Untrusted Search Path vulnerability | More info here |
Wireshark DECT Dissector PCAP File Processing Overflow | More info here |
Wireshark DECT Dissector Remote Stack Buffer Overflow | More info here |
OpenVAS Exploits
Date | Description |
---|---|
2012-08-14 | Name : Fedora Update for tomcat6 FEDORA-2012-7593 File : nvt/gb_fedora_2012_7593_tomcat6_fc16.nasl |
2012-07-30 | Name : CentOS Update for wireshark CESA-2011:0013 centos4 x86_64 File : nvt/gb_CESA-2011_0013_wireshark_centos4_x86_64.nasl |
2012-07-30 | Name : CentOS Update for wireshark CESA-2011:0370 centos5 x86_64 File : nvt/gb_CESA-2011_0370_wireshark_centos5_x86_64.nasl |
2012-07-30 | Name : CentOS Update for wireshark CESA-2012:0509 centos6 File : nvt/gb_CESA-2012_0509_wireshark_centos6.nasl |
2012-07-30 | Name : Wireshark ASN.1 BER Dissector Denial of Service Vulnerability (Mac OS X) File : nvt/gb_wireshark_asn1ber_dissector_dos_vuln_mac.nasl |
2012-07-30 | Name : Wireshark MAC-LTE dissector Buffer Overflow Vulnerability (Mac OS X) File : nvt/gb_wireshark_mac_lte_dissector_bof_vuln_mac.nasl |
2012-07-09 | Name : RedHat Update for wireshark RHSA-2012:0509-01 File : nvt/gb_RHSA-2012_0509-01_wireshark.nasl |
2012-06-29 | Name : Wireshark Multiple Denial of Service Vulnerabilities June-11 (Mac OS X) File : nvt/secpod_wireshark_mult_dos_vuln_jun11_macosx.nasl |
2012-06-27 | Name : Wireshark Denial of Service Vulnerability-01 March 11 (Mac OS X) File : nvt/gb_wireshark_dos_vuln01_mar11_macosx.nasl |
2012-06-27 | Name : Wireshark Denial of Service Vulnerability-02 March 11 (Mac OS X) File : nvt/gb_wireshark_dos_vuln02_mar11_macosx.nasl |
2012-06-27 | Name : Wireshark Denial of Service Vulnerability March-11 (Mac OS X) File : nvt/gb_wireshark_dos_vuln_mar11_macosx.nasl |
2012-06-27 | Name : Wireshark Multiple Vulnerabilities-01 March 11 (Mac OS X) File : nvt/gb_wireshark_mult_vuln01_mar11_macosx.nasl |
2012-06-27 | Name : Wireshark Multiple Vulnerabilities March-11 (Mac OS X) File : nvt/gb_wireshark_mult_vuln_mar11_macosx.nasl |
2012-06-06 | Name : RedHat Update for wireshark RHSA-2011:0369-01 File : nvt/gb_RHSA-2011_0369-01_wireshark.nasl |
2012-05-04 | Name : Wireshark BER Dissector Stack Consumption Vulnerability (Mac OS X) File : nvt/gb_wireshark_ber_dissector_stack_consumption_vuln_macosx.nasl |
2012-05-04 | Name : Wireshark LDSS Dissector Buffer Overflow Vulnerability (Mac OS X) File : nvt/gb_wireshark_ldss_dissector_bof_vuln_macosx.nasl |
2012-05-04 | Name : Wireshark ZigBee ZCL Dissector Denial of Service Vulnerability (Mac OS X) File : nvt/gb_wireshark_zigbee_zcl_dissector_dos_vuln_macosx.nasl |
2012-05-03 | Name : Wireshark Lucent/Ascend File Parser Denial of Service Vulnerability (Mac OS X) File : nvt/gb_wireshark_lucent_ascend_file_parser_dos_vuln_macosx.nasl |
2012-05-02 | Name : Wireshark ANSI A MAP Files Denial of Service Vulnerability (Mac OS X) File : nvt/gb_wireshark_ansi_map_dos_vuln_macosx.nasl |
2012-05-02 | Name : Wireshark Code Execution and Denial of Service Vulnerabilities (Mac OS X) File : nvt/gb_wireshark_code_exec_n_dos_vuln_macosx.nasl |
2012-05-02 | Name : Wireshark Multiple Denial of Service Vulnerabilities (Mac OS X) File : nvt/gb_wireshark_mult_dos_vuln_macosx_oct11.nasl |
2012-04-26 | Name : Wireshark X.509if Dissector Denial of Service Vulnerability (Mac OS X) File : nvt/secpod_wireshark_dissector_dos_vuln_macosx.nasl |
2012-04-25 | Name : Wireshark DECT Buffer Overflow Vulnerability (Mac OS X) File : nvt/secpod_wireshark_dect_bof_vuln_macosx.nasl |
2012-04-25 | Name : Wireshark Denial of Service Vulnerability (Mac OS X) File : nvt/secpod_wireshark_dos_vuln_macosx.nasl |
2012-04-02 | Name : Fedora Update for wireshark FEDORA-2011-12399 File : nvt/gb_fedora_2011_12399_wireshark_fc16.nasl |
2012-02-12 | Name : Gentoo Security Advisory GLSA 201110-02 (wireshark) File : nvt/glsa_201110_02.nasl |
2012-02-11 | Name : Debian Security Advisory DSA 2324-1 (wireshark) File : nvt/deb_2324_1.nasl |
2012-02-11 | Name : Debian Security Advisory DSA 2395-1 (wireshark) File : nvt/deb_2395_1.nasl |
2011-10-04 | Name : Wireshark Lua Script File Arbitrary Code Execution Vulnerability (Windows) File : nvt/gb_wireshark_lua_script_code_exec_vuln_win.nasl |
2011-10-04 | Name : Wireshark Multiple Denial of Service Vulnerabilities (Windows) File : nvt/gb_wireshark_mult_dos_vuln_win_oct11.nasl |
2011-09-23 | Name : Fedora Update for wireshark FEDORA-2011-12423 File : nvt/gb_fedora_2011_12423_wireshark_fc14.nasl |
2011-09-20 | Name : Fedora Update for wireshark FEDORA-2011-12403 File : nvt/gb_fedora_2011_12403_wireshark_fc15.nasl |
2011-08-26 | Name : Wireshark ANSI A MAP Files Denial of Service Vulnerability (Win) File : nvt/secpod_wireshark_ansi_map_dos_vuln_win.nasl |
2011-08-26 | Name : Wireshark IKE Packet Denial of Service Vulnerability (Win) File : nvt/secpod_wireshark_ike_packet_dos_vuln_win.nasl |
2011-08-12 | Name : Fedora Update for wireshark FEDORA-2011-9638 File : nvt/gb_fedora_2011_9638_wireshark_fc15.nasl |
2011-08-12 | Name : Fedora Update for wireshark FEDORA-2011-9640 File : nvt/gb_fedora_2011_9640_wireshark_fc14.nasl |
2011-08-09 | Name : CentOS Update for wireshark CESA-2011:0370 centos5 i386 File : nvt/gb_CESA-2011_0370_wireshark_centos5_i386.nasl |
2011-08-03 | Name : Debian Security Advisory DSA 2274-1 (wireshark) File : nvt/deb_2274_1.nasl |
2011-07-27 | Name : Mandriva Update for wireshark MDVSA-2011:118 (wireshark) File : nvt/gb_mandriva_MDVSA_2011_118.nasl |
2011-07-14 | Name : Wireshark Lucent/Ascend File Parser Denial of Service Vulnerability (Win) File : nvt/gb_wireshark_lucent_ascend_file_parser_dos_vuln_win.nasl |
2011-07-12 | Name : Fedora Update for wireshark FEDORA-2011-7821 File : nvt/gb_fedora_2011_7821_wireshark_fc15.nasl |
2011-06-20 | Name : Fedora Update for wireshark FEDORA-2011-7846 File : nvt/gb_fedora_2011_7846_wireshark_fc14.nasl |
2011-06-20 | Name : Fedora Update for wireshark FEDORA-2011-7858 File : nvt/gb_fedora_2011_7858_wireshark_fc13.nasl |
2011-06-13 | Name : Wireshark 'bytes_repr_len' Denial of Service Vulnerability (Mac OS X) File : nvt/gb_wireshark_bytes_repr_len_dos_vuln_macosx.nasl |
2011-06-13 | Name : Wireshark 'bytes_repr_len' Function Denial of Service Vulnerability (Windows) File : nvt/gb_wireshark_bytes_repr_len_dos_vuln_win.nasl |
2011-06-13 | Name : Wireshark Multiple Denial of Service Vulnerabilities (Windows) File : nvt/gb_wireshark_mult_dos_vuln_win_jun11.nasl |
2011-05-17 | Name : Mandriva Update for wireshark MDVSA-2011:083 (wireshark) File : nvt/gb_mandriva_MDVSA_2011_083.nasl |
2011-05-16 | Name : Wireshark X.509if Dissector Denial of service vulnerability (Windows) File : nvt/gb_wireshark_dissector_dos_vuln_win_may11.nasl |
2011-05-16 | Name : Wireshark Denial of Service and Buffer Overflow Vulnerabilities (Windows) File : nvt/gb_wireshark_mult_vuln_win_may11.nasl |
2011-05-12 | Name : Debian Security Advisory DSA 2201-1 (wireshark) File : nvt/deb_2201_1.nasl |
2011-05-05 | Name : Fedora Update for wireshark FEDORA-2011-5529 File : nvt/gb_fedora_2011_5529_wireshark_fc13.nasl |
2011-05-05 | Name : Fedora Update for wireshark FEDORA-2011-5569 File : nvt/gb_fedora_2011_5569_wireshark_fc14.nasl |
2011-03-25 | Name : CentOS Update for wireshark CESA-2011:0370 centos4 i386 File : nvt/gb_CESA-2011_0370_wireshark_centos4_i386.nasl |
2011-03-24 | Name : RedHat Update for wireshark RHSA-2011:0370-01 File : nvt/gb_RHSA-2011_0370-01_wireshark.nasl |
2011-03-15 | Name : Fedora Update for wireshark FEDORA-2011-2620 File : nvt/gb_fedora_2011_2620_wireshark_fc13.nasl |
2011-03-15 | Name : Fedora Update for wireshark FEDORA-2011-2632 File : nvt/gb_fedora_2011_2632_wireshark_fc14.nasl |
2011-03-15 | Name : Mandriva Update for wireshark MDVSA-2011:044 (wireshark) File : nvt/gb_mandriva_MDVSA_2011_044.nasl |
2011-03-09 | Name : Wireshark Denial of Service Vulnerability March-11 (Windows) File : nvt/gb_wireshark_dos_vuln_mar11_win.nasl |
2011-03-09 | Name : Wireshark Denial of Service Vulnerability - March-11 (Windows) File : nvt/gb_wireshark_dos_vuln_mar11_win01.nasl |
2011-03-09 | Name : Wireshark Denial of Service Vulnerability March-11 (Windows) File : nvt/gb_wireshark_dos_vuln_mar11_win02.nasl |
2011-03-09 | Name : Wireshark Multiple Vulnerabilities - March-11 (Windows) File : nvt/gb_wireshark_mult_vuln_mar11_win.nasl |
2011-03-09 | Name : Wireshark Multiple Vulnerabilities March-11 (Windows) File : nvt/gb_wireshark_mult_vuln_mar11_win01.nasl |
2011-03-07 | Name : Debian Security Advisory DSA 2144-1 (wireshark) File : nvt/deb_2144_1.nasl |
2011-02-15 | Name : Wireshark Denial of Service Vulnerability (Linux) File : nvt/gb_wireshark_dos_vuln_lin.nasl |
2011-02-15 | Name : Wireshark Denial of Service Vulnerability (Windows) File : nvt/gb_wireshark_dos_vuln_win.nasl |
2011-02-04 | Name : Fedora Update for wireshark FEDORA-2011-0450 File : nvt/gb_fedora_2011_0450_wireshark_fc14.nasl |
2011-02-04 | Name : Fedora Update for wireshark FEDORA-2011-0460 File : nvt/gb_fedora_2011_0460_wireshark_fc13.nasl |
2011-01-31 | Name : CentOS Update for wireshark CESA-2011:0013 centos4 i386 File : nvt/gb_CESA-2011_0013_wireshark_centos4_i386.nasl |
2011-01-31 | Name : Wireshark ASN.1 BER Dissector Denial of Service Vulnerability (Win) File : nvt/gb_wireshark_asn1ber_dissector_dos_vuln_win.nasl |
2011-01-31 | Name : Wireshark MAC-LTE dissector Buffer Overflow Vulnerability (Win) File : nvt/gb_wireshark_mac_lte_dissector_bof_vuln_win.nasl |
2011-01-27 | Name : Wireshark ENTTEC DMX Data RLE Buffer Overflow Vulnerability (Win) File : nvt/gb_wireshark_enttec_dmx_data_rle_bof_vuln_win.nasl |
2011-01-21 | Name : Mandriva Update for wireshark MDVSA-2011:007 (wireshark) File : nvt/gb_mandriva_MDVSA_2011_007.nasl |
2011-01-14 | Name : RedHat Update for wireshark RHSA-2011:0013-01 File : nvt/gb_RHSA-2011_0013-01_wireshark.nasl |
2011-01-14 | Name : Fedora Update for wireshark FEDORA-2011-0128 File : nvt/gb_fedora_2011_0128_wireshark_fc14.nasl |
2011-01-14 | Name : Fedora Update for wireshark FEDORA-2011-0167 File : nvt/gb_fedora_2011_0167_wireshark_fc13.nasl |
2011-01-11 | Name : Mandriva Update for wireshark MDVSA-2011:002 (wireshark) File : nvt/gb_mandriva_MDVSA_2011_002.nasl |
2010-12-09 | Name : Wireshark BER Dissector Stack Consumption Vulnerability (Win) File : nvt/gb_wireshark_ber_dissector_stack_consumption_vuln_win.nasl |
2010-12-09 | Name : Wireshark LDSS Dissector Buffer Overflow Vulnerability (Win) File : nvt/gb_wireshark_ldss_dissector_bof_vuln_win.nasl |
2010-12-09 | Name : Wireshark ZigBee ZCL Dissector Denial of Service Vulnerability (Win) File : nvt/gb_wireshark_zigbee_zcl_dissector_dos_vuln_win.nasl |
2010-12-02 | Name : Mandriva Update for wireshark MDVSA-2010:242 (wireshark) File : nvt/gb_mandriva_MDVSA_2010_242.nasl |
2010-11-17 | Name : FreeBSD Ports: wireshark File : nvt/freebsd_wireshark5.nasl |
2010-10-19 | Name : Mandriva Update for wireshark MDVSA-2010:200 (wireshark) File : nvt/gb_mandriva_MDVSA_2010_200.nasl |
2010-10-10 | Name : Debian Security Advisory DSA 2101-1 (wireshark) File : nvt/deb_2101_1.nasl |
2010-09-07 | Name : Fedora Update for wireshark FEDORA-2010-13416 File : nvt/gb_fedora_2010_13416_wireshark_fc13.nasl |
2010-09-07 | Name : Fedora Update for wireshark FEDORA-2010-13427 File : nvt/gb_fedora_2010_13427_wireshark_fc12.nasl |
2010-09-01 | Name : Wireshark File Opening Insecure Library Loading Vulnerability (Windows) File : nvt/secpod_wireshark_insecure_lib_load_vuln_win.nasl |
2010-08-30 | Name : CentOS Update for wireshark CESA-2010:0625 centos4 i386 File : nvt/gb_CESA-2010_0625_wireshark_centos4_i386.nasl |
2010-08-19 | Name : Wireshark Stack-based Buffer Overflow Vulnerability (Win) File : nvt/gb_wireshark_dissector_bof_vuln_win.nasl |
2010-08-19 | Name : Wireshark 'packet-gsm_a_rr.c' Denial of Service Vulnerability (Win) File : nvt/gb_wireshark_dissector_dos_vuln_win.nasl |
2010-08-19 | Name : Wireshark 'IPMI dissector' Denial of Service Vulnerability (Win) File : nvt/gb_wireshark_ipmi_dissector_dos_vuln_win.nasl |
2010-08-19 | Name : Wireshark Multiple Vulnerabilities (win) File : nvt/gb_wireshark_mult_vuln_win.nasl |
2010-08-13 | Name : RedHat Update for wireshark RHSA-2010:0625-01 File : nvt/gb_RHSA-2010_0625-01_wireshark.nasl |
2010-08-06 | Name : Mandriva Update for wireshark MDVSA-2010:144 (wireshark) File : nvt/gb_mandriva_MDVSA_2010_144.nasl |
2010-07-06 | Name : Debian Security Advisory DSA 2066-1 (wireshark) File : nvt/deb_2066_1.nasl |
2010-06-22 | Name : Wireshark ASN.1 BER Dissector Buffer Overflow Vulnerability (Windows) File : nvt/secpod_wireshark_asn_ber_dissector_bof_vuln_win.nasl |
2010-06-22 | Name : Wireshark SigComp Universal Decompressor Virtual Machine dissector BOF Vulner... File : nvt/secpod_wireshark_sigcomp_dissector_bof_vuln_win.nasl |
2010-06-22 | Name : Wireshark SigComp Universal Decompressor Virtual Machine dissector DOS Vulner... File : nvt/secpod_wireshark_sigcomp_dissector_dos_vuln_win.nasl |
2010-06-22 | Name : Wireshark SMB dissector Denial of Service Vulnerability (Windows) File : nvt/secpod_wireshark_smb_dissector_dos_vuln_win.nasl |
2010-06-22 | Name : Wireshark SMB PIPE Dissector Denial of Service Vulnerability (Windows) File : nvt/secpod_wireshark_smb_pipe_dissector_dos_vuln_win.nasl |
2010-06-11 | Name : Mandriva Update for wireshark MDVSA-2010:113 (wireshark) File : nvt/gb_mandriva_MDVSA_2010_113.nasl |
2010-04-09 | Name : Mandriva Update for rpmdrake MDVA-2010:113 (rpmdrake) File : nvt/gb_mandriva_MDVA_2010_113.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
75348 | Wireshark CSN.1 Dissector Packet Handling Remote DoS |
75347 | Wireshark DLL Hijacking Path Subversion Local Privilege Escalation |
75346 | Wireshark Packet Trace File Handling Remote DoS |
74732 | Wireshark IKEv1 Protocol Dissector proto_tree_add_item Function Infinite Loop... |
74731 | Wireshark ANSI MAP Dissector epan/dissectors/packet-ansi_a.c elem_cell_id_aux... |
73687 | Wireshark Lucent / Ascend File Parser Infinite Loop DoS |
73403 | Wireshark wiretap/pcapng.c Crafted Capture File Overflow DoS |
72979 | Wireshark wiretap/visual.c visual_read Function Visual Networks File Handling... |
72978 | Wireshark epan/tvbuff.c tvb_uncompress Function Double-free Remote DoS |
72977 | Wireshark wiretap/snoop.c snoop_read Function Virtualizable Buffer Handling R... |
72976 | Wireshark Diameter Dictionary File Handling Remote DoS |
72975 | Wireshark DICOM Dissector epan/dissectors/packet-dcm.c dissect_dcm_main Funct... |
72974 | Wireshark bytes_repr_len Function NULL Dereference Remote DoS |
71848 | Wireshark epan/dissectors/packet-dect.c DECT Dissector Overflow Wireshark is prone to an overflow condition. The DECT dissector in epan/dissectors/packet-dect.c fails to properly sanitize user-supplied input resulting in a buffer overflow. With a specially crafted packet, a remote attacker can potentially execute arbitrary code. |
71847 | Wireshark on Windows epan/dissectors/packet-nfs.c NFS Dissector DoS Wireshark on Windows contains a flaw that may allow a remote denial of service. The issue is triggered when a data type mismatch error occurs within the NFS dissector in epan/dissectors/packet-nfs.c, allowing an attacker to cause a denial of service via specially crafted packets. |
71846 | Wireshark X.509if Dissector Use-after-free DoS Wireshark contains a flaw that may allow a remote denial of service. The issue is triggered when a use-after-free error occurs within the X.509if dissector, allowing an attacker to cause a denial of service via specially crafted packets. |
71556 | Wireshark pcap-ng File Handling Memory Corruption A memory corruption flaw exists in Wireshark. The program frees an uninitialized pointer when processing .pcap files, resulting in memory corruption. With a specially crafted .pcap file, a context-dependent attacker can execute arbitrary code. |
71555 | Wireshark pcap-ng Large packet-length Field DoS Wireshark contains a flaw that may allow a remote denial of service. The issue is triggered when the wiretap/pcapng.c process fails to properly sanitize user-supplied input when handling pcap-ng files containing large packet-length fields, allowing a remote attacker to cause a denial of service. |
71554 | Wireshark Nokia DCT3 Trace File Handling Overflow Wireshark is prone to an overflow condition. The wiretap/dct3trace.c process fails to properly sanitize user-supplied input resulting in a heap-based buffer overflow. With a specially crafted long record in a Nokia DCT3 trace file, a context-dependent attacker can potentially execute arbitrary code. |
71553 | Wireshark Multiple Function SMB Packet Handling DoS Wireshark contains a flaw that may allow a remote of service. The issue is triggered when an attacker directs an infinite recursive function call to the 'dissect_ms_compressed_string' and 'dissect_mscldap_string' functions via a a crafted SMB packet, resulting in a loss of availability. |
71552 | Wireshark Multiple Function CLDAP Packet Handling DoS Wireshark contains a flaw that may allow a remote of service. The issue is triggered when an attacker directs an infinite recursive function call to the 'dissect_ms_compressed_string' and 'dissect_mscldap_string' functions via a a crafted SMB orConnection-less LDAP (CLDAP) packet, resulting in a loss of availability. |
71551 | Wireshark packet-6lowpan.c dissect_6lowpan_iphc function Function Off-by-One ... Wireshark is prone to an overflow condition. The 'dissect_6lowpan_iphc()' function fails to properly sanitize user-supplied input resulting in a heap-based buffer overflow. With a specially crafted 6LoWPAN IPv6 packet, a remote attacker can potentially cause a denial of service. |
71550 | Wireshark LDAP Dissector Filter String Memory Consumption DoS Wireshark contains a flaw that may allow a remote denial of service. The issue is triggered when 'epan/dissectors/packet-ldap.c' (LDAP Dissector) fails to properly process filter strings, allowing an attacker to use a crafted filter string to cause a denial of service via memory consumption. |
71549 | Wireshark BER Dissector ASN.1 CHOICE Value DoS Wireshark contains a flaw that may allow a remote denial of service. The issue is triggered when a stack consumption vulnerability occurs in the 'dissect_ber_choice' function in the 'BER dissector', allowing a remote attacker to cause an infinite loop denial of service via self-referential ASN.1 CHOICE values. |
71548 | Wireshark NTLMSSP Dissector PCAP File Handling DoS Wireshark contains a flaw that may allow a denial of service. The issue is triggered when the 'dissect_ntlmssp_string()' function in 'epan/dissectors/packet-ntlmssp.c' suffers a NULL pointer dereference error, allowing a context-dependent attacker to use a crafted pcap file to cause a denial of service. |
70403 | Wireshark MAC-LTE Dissector RAR Saturation Overflow Wireshark is prone to an overflow condition. The MAC-LTE dissector fails to properly sanitize user-supplied input resulting in a buffer overflow. With a saturation of RAR files, a context-dependent attacker can cause a denial of service. It is possible, though not yet confirmed, that this may allow the execution of arbitrary code as well. |
70402 | Wireshark ASN.1 BER Dissector Crafted Packet Handling Assertion Failure DoS Wireshark contains a flaw that may allow a remote denial of service. The issue is triggered when the ASN.1 BER dissector suffers from an assertation failure, allowing a remote attacker to cause a denial of service via crafted packets. |
70244 | Wireshark ENTTEC Dissector epan/dissectors/packet-enttec.c dissect_enttec_dmx... Wireshark is prone to an overflow condition. The the 'dissect_enttec_dmx_data()' function fails to properly sanitize user-supplied input resulting in a buffer overflow. With a specially crafted packet sent to UDP port 3333, a remote attacker can potentially execute arbitrary code. |
69355 | Wireshark ZigBee ZCL Discover Attribute Response Dissector Infinite Loop DoS Wireshark contains a flaw that may allow a remote denial of service. The issue is triggered when the ZigBee ZCL Discover Attribute Response Dissector is made to enter an infinite loop, and will result in loss of availability for the service. |
69354 | Wireshark LDSS Dissector epan/dissectors/packet-ldss.c dissect_ldss_transfer(... Wireshark is prone to an overflow condition. The program fails to properly sanitize user-supplied input resulting in a heap overflow. With a specially crafted request, a remote attacker can potentially cause a denial of service. |
68129 | Wireshark ASN.1 BER Dissector epan/dissectors/packet-ber.c dissect_unknown_be... |
67504 | Wireshark Path Subversion Arbitrary DLL Injection Code Execution Wireshark is prone to a flaw in the way it loads dynamic-link libraries (e.g., airpcap.dll). The program uses a fixed path to look for specific files or libraries. This path includes directories that may not be trusted or under user control. By placing a custom version of the file or library in the path, the program will load it before the legitimate version. This allows an attacker to inject custom code that will be run with the privilege of the program or user executing the program. This can be done by tricking a user into opening a .5vw, .acp, .apc, .atc, .bfr, .cap, .enc, .erf, .fdc, .pcap, .pcapng, .pkt, .rf5, .snoop, .syc, .tpc, .tr1, .trace, .trc, .wpc or .wpz file from the local file system or a USB drive in some cases. This attack can be leveraged remotely in some cases by placing the malicious file or library on a network share or extracted archive downloaded from a remote source. |
67191 | Wireshark SigComp Universal Decompressor Virtual Machine sigcomp-udvm.c Off-b... |
66793 | Wireshark IPMI Dissector Infinite Loop DoS |
66792 | Wireshark GSM A RR Dissector NULL Dereference DoS |
65375 | Wireshark SigComp Universal Decompressor Virtual Machine Overflow |
65374 | Wireshark SigComp Universal Decompressor Virtual Machine Infinite Loop DoS |
65373 | Wireshark SMB PIPE Dissector NULL Dereference DoS |
65372 | Wireshark ASN.1 BER Dissector Overflow |
65371 | Wireshark SMB Dissector NULL Dereference DoS |
Snort® IPS/IDS
Date | Description |
---|---|
2017-11-30 | Wireshark Sigcomp buffer overflow attempt RuleID : 44676 - Revision : 2 - Type : SERVER-OTHER |
2017-08-23 | Wireshark ENTTEC DMX RLE buffer overflow attempt RuleID : 43602 - Revision : 3 - Type : SERVER-OTHER |
2017-08-23 | Wireshark ENTTEC DMX RLE buffer overflow attempt RuleID : 43601 - Revision : 2 - Type : FILE-OTHER |
2017-08-23 | Wireshark ENTTEC DMX RLE buffer overflow attempt RuleID : 43600 - Revision : 2 - Type : FILE-OTHER |
2016-03-14 | Wireshark DECT packet dissector overflow attempt RuleID : 36855 - Revision : 3 - Type : FILE-OTHER |
2014-01-10 | Wireshark console.lua file load exploit attempt RuleID : 23239 - Revision : 9 - Type : SERVER-OTHER |
2014-01-10 | Wireshark console.lua file load exploit attempt RuleID : 23238 - Revision : 10 - Type : NETBIOS |
2014-01-10 | Wireshark DECT packet dissector overflow attempt RuleID : 20431 - Revision : 8 - Type : FILE-OTHER |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2015-01-19 | Name : The remote Solaris system is missing a security patch for third-party software. File : solaris11_wireshark_20111205.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_wireshark-101222.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_wireshark-110411.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_wireshark-110511.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_wireshark-111013.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_wireshark-111115.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_wireshark-110411.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_wireshark-110511.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_wireshark-111013.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_wireshark-111115.nasl - Type : ACT_GATHER_INFO |
2013-09-04 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2012-71.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0625.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0013.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0369.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0370.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0509.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-0125.nasl - Type : ACT_GATHER_INFO |
2013-01-17 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-0125.nasl - Type : ACT_GATHER_INFO |
2013-01-17 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20130108_wireshark_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2013-01-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0125.nasl - Type : ACT_GATHER_INFO |
2012-09-06 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2011-138.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20100811_wireshark_on_SL3_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20101130_wireshark_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110110_wireshark_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110321_wireshark_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120423_wireshark_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2012-04-25 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0509.nasl - Type : ACT_GATHER_INFO |
2012-04-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0509.nasl - Type : ACT_GATHER_INFO |
2012-01-31 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2395.nasl - Type : ACT_GATHER_INFO |
2011-12-13 | Name : The remote SuSE 11 host is missing a security update. File : suse_11_wireshark-111013.nasl - Type : ACT_GATHER_INFO |
2011-12-13 | Name : The remote SuSE 11 host is missing a security update. File : suse_11_wireshark-111115.nasl - Type : ACT_GATHER_INFO |
2011-12-13 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_wireshark-7500.nasl - Type : ACT_GATHER_INFO |
2011-12-13 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_wireshark-7796.nasl - Type : ACT_GATHER_INFO |
2011-10-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_wireshark-7795.nasl - Type : ACT_GATHER_INFO |
2011-10-21 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2324.nasl - Type : ACT_GATHER_INFO |
2011-10-10 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201110-02.nasl - Type : ACT_GATHER_INFO |
2011-10-03 | Name : The remote Fedora host is missing a security update. File : fedora_2011-12399.nasl - Type : ACT_GATHER_INFO |
2011-09-20 | Name : The remote Fedora host is missing a security update. File : fedora_2011-12423.nasl - Type : ACT_GATHER_INFO |
2011-09-19 | Name : The remote Fedora host is missing a security update. File : fedora_2011-12403.nasl - Type : ACT_GATHER_INFO |
2011-09-12 | Name : The remote Windows host contains an application that is affected by multiple ... File : wireshark_1_4_9.nasl - Type : ACT_GATHER_INFO |
2011-09-12 | Name : The remote Windows host contains an application that is affected by multiple ... File : wireshark_1_6_2.nasl - Type : ACT_GATHER_INFO |
2011-08-10 | Name : The remote Fedora host is missing a security update. File : fedora_2011-9638.nasl - Type : ACT_GATHER_INFO |
2011-08-10 | Name : The remote Fedora host is missing a security update. File : fedora_2011-9640.nasl - Type : ACT_GATHER_INFO |
2011-07-25 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2011-118.nasl - Type : ACT_GATHER_INFO |
2011-07-08 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2274.nasl - Type : ACT_GATHER_INFO |
2011-07-05 | Name : The remote host has an application that is affected by multiple denial of ser... File : wireshark_1_2_18.nasl - Type : ACT_GATHER_INFO |
2011-06-23 | Name : The remote Windows host contains an application that is affected by a denial ... File : wireshark_1_4_6.nasl - Type : ACT_GATHER_INFO |
2011-06-16 | Name : The remote Fedora host is missing a security update. File : fedora_2011-7846.nasl - Type : ACT_GATHER_INFO |
2011-06-16 | Name : The remote Fedora host is missing a security update. File : fedora_2011-7858.nasl - Type : ACT_GATHER_INFO |
2011-06-09 | Name : The remote Fedora host is missing a security update. File : fedora_2011-7821.nasl - Type : ACT_GATHER_INFO |
2011-06-08 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12708.nasl - Type : ACT_GATHER_INFO |
2011-06-08 | Name : The remote SuSE 11 host is missing a security update. File : suse_11_wireshark-110503.nasl - Type : ACT_GATHER_INFO |
2011-06-08 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_wireshark-7501.nasl - Type : ACT_GATHER_INFO |
2011-06-02 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2011-105.nasl - Type : ACT_GATHER_INFO |
2011-06-02 | Name : The remote Windows host contains an application that is affected by multiple ... File : wireshark_1_4_7.nasl - Type : ACT_GATHER_INFO |
2011-05-13 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2011-083.nasl - Type : ACT_GATHER_INFO |
2011-05-05 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_wireshark-101222.nasl - Type : ACT_GATHER_INFO |
2011-05-05 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_wireshark-101222.nasl - Type : ACT_GATHER_INFO |
2011-05-05 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_wireshark-110411.nasl - Type : ACT_GATHER_INFO |
2011-04-27 | Name : The remote Fedora host is missing a security update. File : fedora_2011-5529.nasl - Type : ACT_GATHER_INFO |
2011-04-27 | Name : The remote Fedora host is missing a security update. File : fedora_2011-5569.nasl - Type : ACT_GATHER_INFO |
2011-04-27 | Name : The remote Fedora host is missing a security update. File : fedora_2011-5621.nasl - Type : ACT_GATHER_INFO |
2011-04-18 | Name : The remote Windows host contains an application that is affected by multiple ... File : wireshark_1_4_5.nasl - Type : ACT_GATHER_INFO |
2011-04-07 | Name : The remote SuSE 11 host is missing a security update. File : suse_11_wireshark-110331.nasl - Type : ACT_GATHER_INFO |
2011-03-24 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2201.nasl - Type : ACT_GATHER_INFO |
2011-03-23 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2011-0370.nasl - Type : ACT_GATHER_INFO |
2011-03-22 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0369.nasl - Type : ACT_GATHER_INFO |
2011-03-22 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0370.nasl - Type : ACT_GATHER_INFO |
2011-03-14 | Name : The remote Fedora host is missing a security update. File : fedora_2011-2620.nasl - Type : ACT_GATHER_INFO |
2011-03-14 | Name : The remote Fedora host is missing a security update. File : fedora_2011-2632.nasl - Type : ACT_GATHER_INFO |
2011-03-09 | Name : The remote Fedora host is missing a security update. File : fedora_2011-2648.nasl - Type : ACT_GATHER_INFO |
2011-03-09 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2011-044.nasl - Type : ACT_GATHER_INFO |
2011-03-02 | Name : The remote Windows host contains an application that is affected by multiple ... File : wireshark_1_4_4.nasl - Type : ACT_GATHER_INFO |
2011-02-03 | Name : The remote Fedora host is missing a security update. File : fedora_2011-0450.nasl - Type : ACT_GATHER_INFO |
2011-02-03 | Name : The remote Fedora host is missing a security update. File : fedora_2011-0460.nasl - Type : ACT_GATHER_INFO |
2011-01-28 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2011-0013.nasl - Type : ACT_GATHER_INFO |
2011-01-28 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2011-002.nasl - Type : ACT_GATHER_INFO |
2011-01-28 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2011-007.nasl - Type : ACT_GATHER_INFO |
2011-01-17 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2144.nasl - Type : ACT_GATHER_INFO |
2011-01-14 | Name : The remote Fedora host is missing a security update. File : fedora_2011-0128.nasl - Type : ACT_GATHER_INFO |
2011-01-14 | Name : The remote Fedora host is missing a security update. File : fedora_2011-0167.nasl - Type : ACT_GATHER_INFO |
2011-01-12 | Name : The remote Windows host contains an application that is affected by multiple ... File : wireshark_1_4_3.nasl - Type : ACT_GATHER_INFO |
2011-01-11 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0013.nasl - Type : ACT_GATHER_INFO |
2010-12-01 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0924.nasl - Type : ACT_GATHER_INFO |
2010-11-29 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2127.nasl - Type : ACT_GATHER_INFO |
2010-11-29 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-242.nasl - Type : ACT_GATHER_INFO |
2010-11-22 | Name : The remote Windows host contains an application that is affected by multiple ... File : wireshark_1_4_2.nasl - Type : ACT_GATHER_INFO |
2010-11-07 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_b2eaa7c2e64a11dfbc650022156e8794.nasl - Type : ACT_GATHER_INFO |
2010-10-14 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-200.nasl - Type : ACT_GATHER_INFO |
2010-10-14 | Name : The remote Windows host contains an application that is vulnerable to a denia... File : wireshark_1_4_1.nasl - Type : ACT_GATHER_INFO |
2010-09-03 | Name : The remote Fedora host is missing a security update. File : fedora_2010-13416.nasl - Type : ACT_GATHER_INFO |
2010-09-03 | Name : The remote Fedora host is missing a security update. File : fedora_2010-13427.nasl - Type : ACT_GATHER_INFO |
2010-09-01 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2101.nasl - Type : ACT_GATHER_INFO |
2010-08-31 | Name : The remote Windows host contains an application that allows arbitrary code ex... File : wireshark_1_2_11.nasl - Type : ACT_GATHER_INFO |
2010-08-24 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0625.nasl - Type : ACT_GATHER_INFO |
2010-08-12 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0625.nasl - Type : ACT_GATHER_INFO |
2010-08-05 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-144.nasl - Type : ACT_GATHER_INFO |
2010-08-02 | Name : The remote host has an application that is affected by multiple vulnerabilities. File : wireshark_1_2_10.nasl - Type : ACT_GATHER_INFO |
2010-07-30 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-113.nasl - Type : ACT_GATHER_INFO |
2010-07-02 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2066.nasl - Type : ACT_GATHER_INFO |
2010-06-11 | Name : The remote host has an application that is affected by multiple vulnerabilities. File : wireshark_1_2_9.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:36:59 |
|