Executive Summary
This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
| Summary | |
|---|---|
| Title | Wireshark: Multiple vulnerabilities |
| Informations | |||
|---|---|---|---|
| Name | GLSA-201308-05 | First vendor Publication | 2013-08-28 |
| Vendor | Gentoo | Last vendor Modification | 2013-08-28 |
| Severity (Vendor) | High | Revision | N/A |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:A/AC:L/Au:N/C:C/I:C/A:C) | |||
|---|---|---|---|
| Cvss Base Score | 8.3 | Attack Range | Adjacent network |
| Cvss Impact Score | 10 | Attack Complexity | Low |
| Cvss Expoit Score | 6.5 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| Synopsis Multiple vulnerabilities have been found in Wireshark, allowing remote attackers to execute arbitrary code or cause Denial of Service. Background Description Impact Workaround Resolution All Wireshark 1.8 users should upgrade to the latest version: References Availability http://security.gentoo.org/glsa/glsa-201308-05.xml |
Original Source
| Url : http://security.gentoo.org/glsa/glsa-201308-05.xml |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 28 % | CWE-189 | Numeric Errors (CWE/SANS Top 25) |
| 24 % | CWE-20 | Improper Input Validation |
| 22 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
| 17 % | CWE-399 | Resource Management Errors |
| 3 % | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
| 2 % | CWE-352 | Cross-Site Request Forgery (CSRF) (CWE/SANS Top 25) |
| 2 % | CWE-134 | Uncontrolled Format String (CWE/SANS Top 25) |
| 2 % | CWE-22 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE/SANS Top 25) |
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:14642 | |||
| Oval ID: | oval:org.mitre.oval:def:14642 | ||
| Title: | DEPRECATED: Vulnerability in dissect_packet function in epan/packet.c in Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5 | ||
| Description: | The dissect_packet function in epan/packet.c in Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5 allows remote attackers to cause a denial of service (application crash) via a long packet in a capture file, as demonstrated by an airopeek file. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2012-0041 | Version: | 2 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP | Product(s): | Wireshark |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:14963 | |||
| Oval ID: | oval:org.mitre.oval:def:14963 | ||
| Title: | epan/dissectors/packet-afp.c in the AFP dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (loop and CPU consumption) via a large number of ACL entries | ||
| Description: | epan/dissectors/packet-afp.c in the AFP dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (loop and CPU consumption) via a large number of ACL entries. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2012-4289 | Version: | 5 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:15061 | |||
| Oval ID: | oval:org.mitre.oval:def:15061 | ||
| Title: | DEPRECATED: String conversion vulnerability in Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5 | ||
| Description: | Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5 does not properly perform certain string conversions, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted packet, related to epan/to_str.c. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2012-0042 | Version: | 2 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP | Product(s): | Wireshark |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:15065 | |||
| Oval ID: | oval:org.mitre.oval:def:15065 | ||
| Title: | DSA-2395-1 wireshark -- buffer underflow | ||
| Description: | Laurent Butti discovered a buffer underflow in the LANalyzer dissector of the Wireshark network traffic analyzer, which could lead to the execution of arbitrary code. This update also addresses several bugs, which can lead to crashes of Wireshark. These are not treated as security issues, but are fixed nonetheless if security updates are scheduled: CVE-2011-3483, CVE-2012-0041, CVE-2012-0042, CVE-2012-0066 and CVE-2012-0067. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-2395-1 CVE-2011-3483 CVE-2012-0041 CVE-2012-0042 CVE-2012-0066 CVE-2012-0067 CVE-2012-0068 | Version: | 5 |
| Platform(s): | Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | wireshark |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:15111 | |||
| Oval ID: | oval:org.mitre.oval:def:15111 | ||
| Title: | Long packet handling vulnerability in Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5 | ||
| Description: | Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5 allows remote attackers to cause a denial of service (application crash) via a long packet in a (1) Accellent 5Views (aka .5vw) file, (2) I4B trace file, or (3) NETMON 2 capture file. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2012-0066 | Version: | 5 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:15158 | |||
| Oval ID: | oval:org.mitre.oval:def:15158 | ||
| Title: | The dissect_stun_message function in epan/dissectors/packet-stun.c in the STUN dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 does not properly interact with key-destruction behavior in a certain tree library | ||
| Description: | The dissect_stun_message function in epan/dissectors/packet-stun.c in the STUN dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 does not properly interact with key-destruction behavior in a certain tree library, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2012-4292 | Version: | 5 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:15192 | |||
| Oval ID: | oval:org.mitre.oval:def:15192 | ||
| Title: | Vulnerability in wiretap/iptrace.c in Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5 | ||
| Description: | wiretap/iptrace.c in Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5 allows remote attackers to cause a denial of service (application crash) via a long packet in an AIX iptrace file. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2012-0067 | Version: | 5 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:15252 | |||
| Oval ID: | oval:org.mitre.oval:def:15252 | ||
| Title: | DEPRECATED: Long packet handling vulnerability in Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5 | ||
| Description: | Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5 allows remote attackers to cause a denial of service (application crash) via a long packet in a (1) Accellent 5Views (aka .5vw) file, (2) I4B trace file, or (3) NETMON 2 capture file. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2012-0066 | Version: | 2 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP | Product(s): | Wireshark |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:15297 | |||
| Oval ID: | oval:org.mitre.oval:def:15297 | ||
| Title: | Vulnerability in dissect_packet function in epan/packet.c in Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5 | ||
| Description: | The dissect_packet function in epan/packet.c in Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5 allows remote attackers to cause a denial of service (application crash) via a long packet in a capture file, as demonstrated by an airopeek file. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2012-0041 | Version: | 5 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:15319 | |||
| Oval ID: | oval:org.mitre.oval:def:15319 | ||
| Title: | DEPRECATED: Vulnerability in lanalyzer_read function in wiretap/lanalyzer.c in Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5 | ||
| Description: | The lanalyzer_read function in wiretap/lanalyzer.c in Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5 allows remote attackers to cause a denial of service (application crash) via a Novell catpure file containing a record that is too small. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2012-0068 | Version: | 2 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP | Product(s): | Wireshark |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:15324 | |||
| Oval ID: | oval:org.mitre.oval:def:15324 | ||
| Title: | RLC dissector vulnerability in Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5 | ||
| Description: | Buffer overflow in the reassemble_message function in epan/dissectors/packet-rlc.c in the RLC dissector in Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a series of fragmented RLC packets. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2012-0043 | Version: | 5 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:15357 | |||
| Oval ID: | oval:org.mitre.oval:def:15357 | ||
| Title: | DEPRECATED: RLC dissector vulnerability in Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5 | ||
| Description: | Buffer overflow in the reassemble_message function in epan/dissectors/packet-rlc.c in the RLC dissector in Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a series of fragmented RLC packets. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2012-0043 | Version: | 2 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP | Product(s): | Wireshark |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:15368 | |||
| Oval ID: | oval:org.mitre.oval:def:15368 | ||
| Title: | String conversion vulnerability in Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5 | ||
| Description: | Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5 does not properly perform certain string conversions, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted packet, related to epan/to_str.c. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2012-0042 | Version: | 5 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:15379 | |||
| Oval ID: | oval:org.mitre.oval:def:15379 | ||
| Title: | Vulnerability in lanalyzer_read function in wiretap/lanalyzer.c in Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5 | ||
| Description: | The lanalyzer_read function in wiretap/lanalyzer.c in Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5 allows remote attackers to cause a denial of service (application crash) via a Novell catpure file containing a record that is too small. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2012-0068 | Version: | 5 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:15489 | |||
| Oval ID: | oval:org.mitre.oval:def:15489 | ||
| Title: | DEPRECATED: Vulnerability in wiretap/iptrace.c in Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5 | ||
| Description: | wiretap/iptrace.c in Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5 allows remote attackers to cause a denial of service (application crash) via a long packet in an AIX iptrace file. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2012-0067 | Version: | 2 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP | Product(s): | Wireshark |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:15527 | |||
| Oval ID: | oval:org.mitre.oval:def:15527 | ||
| Title: | plugins/ethercat/packet-ecatmb.c in the EtherCAT Mailbox dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 does not properly handle certain integer fields | ||
| Description: | plugins/ethercat/packet-ecatmb.c in the EtherCAT Mailbox dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 does not properly handle certain integer fields, which allows remote attackers to cause a denial of service (application exit) via a malformed packet. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2012-4293 | Version: | 5 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:15547 | |||
| Oval ID: | oval:org.mitre.oval:def:15547 | ||
| Title: | Vulnerability in the PPP dissector in Wireshark 1.4.x before 1.4.14, 1.6.x before 1.6.9, and 1.8.x before 1.8.1 | ||
| Description: | The PPP dissector in Wireshark 1.4.x before 1.4.14, 1.6.x before 1.6.9, and 1.8.x before 1.8.1 allows remote attackers to cause a denial of service (invalid pointer dereference and application crash) via a crafted packet, as demonstrated by a usbmon dump. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2012-4048 | Version: | 5 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:15583 | |||
| Oval ID: | oval:org.mitre.oval:def:15583 | ||
| Title: | Buffer overflow in epan/dissectors/packet-rtps2.c in the RTPS2 dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 | ||
| Description: | Buffer overflow in epan/dissectors/packet-rtps2.c in the RTPS2 dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (CPU consumption) via a malformed packet. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2012-4296 | Version: | 5 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:15619 | |||
| Oval ID: | oval:org.mitre.oval:def:15619 | ||
| Title: | The CTDB dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (loop and CPU consumption) via a malformed packet | ||
| Description: | The CTDB dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (loop and CPU consumption) via a malformed packet. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2012-4290 | Version: | 5 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:15646 | |||
| Oval ID: | oval:org.mitre.oval:def:15646 | ||
| Title: | The dissect_drda function in epan/dissectors/packet-drda.c in Wireshark 1.6.x through 1.6.10 and 1.8.x through 1.8.2 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a small value for a certain length field in a capture file | ||
| Description: | The dissect_drda function in epan/dissectors/packet-drda.c in Wireshark 1.6.x through 1.6.10 and 1.8.x through 1.8.2 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a small value for a certain length field in a capture file. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2012-3548 | Version: | 5 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:15673 | |||
| Oval ID: | oval:org.mitre.oval:def:15673 | ||
| Title: | Buffer overflow in the channelised_fill_sdh_g707_format function in epan/dissectors/packet-erf.c in the ERF dissector in Wireshark 1.8.x before 1.8.2 | ||
| Description: | Buffer overflow in the channelised_fill_sdh_g707_format function in epan/dissectors/packet-erf.c in the ERF dissector in Wireshark 1.8.x before 1.8.2 allows remote attackers to execute arbitrary code via a large speed (aka rate) value. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2012-4294 | Version: | 5 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:15693 | |||
| Oval ID: | oval:org.mitre.oval:def:15693 | ||
| Title: | The pcapng_read_packet_block function in wiretap/pcapng.c in the pcap-ng file parser in Wireshark 1.8.x before 1.8.2 allows user-assisted remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted pcap-ng file | ||
| Description: | The pcapng_read_packet_block function in wiretap/pcapng.c in the pcap-ng file parser in Wireshark 1.8.x before 1.8.2 allows user-assisted remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted pcap-ng file. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2012-4286 | Version: | 5 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:15707 | |||
| Oval ID: | oval:org.mitre.oval:def:15707 | ||
| Title: | Vulnerability in epan/dissectors/packet-nfs.c in the NFS dissector in Wireshark 1.4.x before 1.4.14, 1.6.x before 1.6.9, and 1.8.x before 1.8.1 | ||
| Description: | epan/dissectors/packet-nfs.c in the NFS dissector in Wireshark 1.4.x before 1.4.14, 1.6.x before 1.6.9, and 1.8.x before 1.8.1 allows remote attackers to cause a denial of service (loop and CPU consumption) via a crafted packet. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2012-4049 | Version: | 5 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:15712 | |||
| Oval ID: | oval:org.mitre.oval:def:15712 | ||
| Title: | The dissect_pft function in epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a zero-length message | ||
| Description: | The dissect_pft function in epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a zero-length message. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2012-4285 | Version: | 5 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:15718 | |||
| Oval ID: | oval:org.mitre.oval:def:15718 | ||
| Title: | Array index error in the channelised_fill_sdh_g707_format function in epan/dissectors/packet-erf.c in the ERF dissector in Wireshark 1.8.x before 1.8.2 | ||
| Description: | Array index error in the channelised_fill_sdh_g707_format function in epan/dissectors/packet-erf.c in the ERF dissector in Wireshark 1.8.x before 1.8.2 might allow remote attackers to cause a denial of service (application crash) via a crafted speed (aka rate) value. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2012-4295 | Version: | 5 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:15741 | |||
| Oval ID: | oval:org.mitre.oval:def:15741 | ||
| Title: | Buffer overflow in the dissect_gsm_rlcmac_downlink function in epan/dissectors/packet-gsm_rlcmac.c in the GSM RLC MAC dissector in Wireshark 1.6.x before 1.6.10 and 1.8.x before 1.8.2 | ||
| Description: | Buffer overflow in the dissect_gsm_rlcmac_downlink function in epan/dissectors/packet-gsm_rlcmac.c in the GSM RLC MAC dissector in Wireshark 1.6.x before 1.6.10 and 1.8.x before 1.8.2 allows remote attackers to execute arbitrary code via a malformed packet. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2012-4297 | Version: | 5 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:15777 | |||
| Oval ID: | oval:org.mitre.oval:def:15777 | ||
| Title: | Integer signedness error in the vwr_read_rec_data_ethernet function in wiretap/vwr.c in the Ixia IxVeriWave file parser in Wireshark 1.8.x before 1.8.2 | ||
| Description: | Integer signedness error in the vwr_read_rec_data_ethernet function in wiretap/vwr.c in the Ixia IxVeriWave file parser in Wireshark 1.8.x before 1.8.2 allows user-assisted remote attackers to execute arbitrary code via a crafted packet-trace file that triggers a buffer overflow. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2012-4298 | Version: | 5 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:15789 | |||
| Oval ID: | oval:org.mitre.oval:def:15789 | ||
| Title: | Integer overflow in the dissect_xtp_ecntl function in epan/dissectors/packet-xtp.c in the XTP dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (loop or application crash) via a large value for a span length | ||
| Description: | Integer overflow in the dissect_xtp_ecntl function in epan/dissectors/packet-xtp.c in the XTP dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (loop or application crash) via a large value for a span length. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2012-4288 | Version: | 5 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:15813 | |||
| Oval ID: | oval:org.mitre.oval:def:15813 | ||
| Title: | The CIP dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (memory consumption) via a malformed packet | ||
| Description: | The CIP dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (memory consumption) via a malformed packet. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2012-4291 | Version: | 5 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:15818 | |||
| Oval ID: | oval:org.mitre.oval:def:15818 | ||
| Title: | epan/dissectors/packet-mongo.c in the MongoDB dissector in Wireshark 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (loop and CPU consumption) via a small value for a BSON document length | ||
| Description: | epan/dissectors/packet-mongo.c in the MongoDB dissector in Wireshark 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (loop and CPU consumption) via a small value for a BSON document length. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2012-4287 | Version: | 5 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:16228 | |||
| Oval ID: | oval:org.mitre.oval:def:16228 | ||
| Title: | epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark 1.8.x before 1.8.7 uses incorrect integer data types | ||
| Description: | epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark 1.8.x before 1.8.7 uses incorrect integer data types, which allows remote attackers to cause a denial of service (integer overflow, and heap memory corruption or NULL pointer dereference, and application crash) via a malformed packet. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-3559 | Version: | 3 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:16375 | |||
| Oval ID: | oval:org.mitre.oval:def:16375 | ||
| Title: | The dissect_pft function in epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark 1.6.x before 1.6.16, 1.8.x before 1.8.8, and 1.10.0 does not validate a certain fragment length value, which allows remote attackers to cause a denial of service (application crash) via a crafted packet | ||
| Description: | The dissect_pft function in epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark 1.6.x before 1.6.16, 1.8.x before 1.8.8, and 1.10.0 does not validate a certain fragment length value, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-4083 | Version: | 5 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:16417 | |||
| Oval ID: | oval:org.mitre.oval:def:16417 | ||
| Title: | The dissect_ccp_bsdcomp_opt function in epan/dissectors/packet-ppp.c in the PPP CCP dissector in Wireshark 1.8.x before 1.8.7 does not terminate a bit-field list | ||
| Description: | The dissect_ccp_bsdcomp_opt function in epan/dissectors/packet-ppp.c in the PPP CCP dissector in Wireshark 1.8.x before 1.8.7 does not terminate a bit-field list, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-3558 | Version: | 3 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:16521 | |||
| Oval ID: | oval:org.mitre.oval:def:16521 | ||
| Title: | The dissect_ber_choice function in epan/dissectors/packet-ber.c in the ASN.1 BER dissector in Wireshark 1.6.x before 1.6.15 and 1.8.x before 1.8.7 does not properly initialize a certain variable | ||
| Description: | The dissect_ber_choice function in epan/dissectors/packet-ber.c in the ASN.1 BER dissector in Wireshark 1.6.x before 1.6.15 and 1.8.x before 1.8.7 does not properly initialize a certain variable, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-3557 | Version: | 3 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:16676 | |||
| Oval ID: | oval:org.mitre.oval:def:16676 | ||
| Title: | Buffer overflow in the dissect_iphc_crtp_fh function in epan/dissectors/packet-ppp.c in the PPP dissector in Wireshark 1.8.x before 1.8.8 allows remote attackers to cause a denial of service (application crash) via a crafted packet | ||
| Description: | Buffer overflow in the dissect_iphc_crtp_fh function in epan/dissectors/packet-ppp.c in the PPP dissector in Wireshark 1.8.x before 1.8.8 allows remote attackers to cause a denial of service (application crash) via a crafted packet. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-4076 | Version: | 3 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:16691 | |||
| Oval ID: | oval:org.mitre.oval:def:16691 | ||
| Title: | The dissect_schedule_message function in epan/dissectors/packet-gsm_cbch.c in the GSM CBCH dissector in Wireshark 1.8.x before 1.8.8 allows remote attackers to cause a denial of service (infinite loop and application hang) via a crafted packet | ||
| Description: | The dissect_schedule_message function in epan/dissectors/packet-gsm_cbch.c in the GSM CBCH dissector in Wireshark 1.8.x before 1.8.8 allows remote attackers to cause a denial of service (infinite loop and application hang) via a crafted packet. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-4079 | Version: | 3 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:16696 | |||
| Oval ID: | oval:org.mitre.oval:def:16696 | ||
| Title: | Multiple integer signedness errors in the tvb_unmasked function in epan/dissectors/packet-websocket.c in the Websocket dissector in Wireshark 1.8.x before 1.8.7 | ||
| Description: | Multiple integer signedness errors in the tvb_unmasked function in epan/dissectors/packet-websocket.c in the Websocket dissector in Wireshark 1.8.x before 1.8.7 allow remote attackers to cause a denial of service (application crash) via a malformed packet. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-3562 | Version: | 3 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:16698 | |||
| Oval ID: | oval:org.mitre.oval:def:16698 | ||
| Title: | The dissect_capwap_data function in epan/dissectors/packet-capwap.c in the CAPWAP dissector in Wireshark 1.6.x before 1.6.16 and 1.8.x before 1.8.8 incorrectly uses a -1 data value to represent an error condition, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. | ||
| Description: | The dissect_capwap_data function in epan/dissectors/packet-capwap.c in the CAPWAP dissector in Wireshark 1.6.x before 1.6.16 and 1.8.x before 1.8.8 incorrectly uses a -1 data value to represent an error condition, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-4074 | Version: | 3 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:16731 | |||
| Oval ID: | oval:org.mitre.oval:def:16731 | ||
| Title: | Memory leak in the dissect_dcom_ActivationProperties function in epan/dissectors/packet-dcom-sysact.c in the DCOM ISystemActivator dissector in Wireshark 1.10.x before 1.10.1 | ||
| Description: | Memory leak in the dissect_dcom_ActivationProperties function in epan/dissectors/packet-dcom-sysact.c in the DCOM ISystemActivator dissector in Wireshark 1.10.x before 1.10.1 allows remote attackers to cause a denial of service (memory consumption) via crafted packets. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-4923 | Version: | 3 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:16751 | |||
| Oval ID: | oval:org.mitre.oval:def:16751 | ||
| Title: | The dissect_dsmcc_un_download function in epan/dissectors/packet-mpeg-dsmcc.c in the MPEG DSM-CC dissector in Wireshark 1.8.x before 1.8.7 uses an incorrect format string | ||
| Description: | The dissect_dsmcc_un_download function in epan/dissectors/packet-mpeg-dsmcc.c in the MPEG DSM-CC dissector in Wireshark 1.8.x before 1.8.7 uses an incorrect format string, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-3560 | Version: | 3 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:16755 | |||
| Oval ID: | oval:org.mitre.oval:def:16755 | ||
| Title: | Multiple integer overflows in Wireshark 1.8.x before 1.8.7 | ||
| Description: | Multiple integer overflows in Wireshark 1.8.x before 1.8.7 allow remote attackers to cause a denial of service (loop or application crash) via a malformed packet, related to a crash of the Websocket dissector, an infinite loop in the MySQL dissector, and a large loop in the ETCH dissector. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-3561 | Version: | 3 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:16779 | |||
| Oval ID: | oval:org.mitre.oval:def:16779 | ||
| Title: | epan/dissectors/packet-gtpv2.c in the GTPv2 dissector in Wireshark 1.8.x before 1.8.7 calls incorrect functions in certain contexts related to ciphers | ||
| Description: | epan/dissectors/packet-gtpv2.c in the GTPv2 dissector in Wireshark 1.8.x before 1.8.7 calls incorrect functions in certain contexts related to ciphers, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-3555 | Version: | 3 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:16820 | |||
| Oval ID: | oval:org.mitre.oval:def:16820 | ||
| Title: | The http_payload_subdissector function in epan/dissectors/packet-http.c in the HTTP dissector in Wireshark 1.6.x before 1.6.16 and 1.8.x before 1.8.8 does not properly determine when to use a recursive approach, which allows remote attackers to cause a denial of service (stack consumption) via a crafted packet | ||
| Description: | The http_payload_subdissector function in epan/dissectors/packet-http.c in the HTTP dissector in Wireshark 1.6.x before 1.6.16 and 1.8.x before 1.8.8 does not properly determine when to use a recursive approach, which allows remote attackers to cause a denial of service (stack consumption) via a crafted packet. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-4081 | Version: | 3 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:16829 | |||
| Oval ID: | oval:org.mitre.oval:def:16829 | ||
| Title: | Array index error in the NBAP dissector in Wireshark 1.8.x before 1.8.8 allows remote attackers to cause a denial of service (application crash) via a crafted packet, related to nbap.cnf and packet-nbap.c. | ||
| Description: | Array index error in the NBAP dissector in Wireshark 1.8.x before 1.8.8 allows remote attackers to cause a denial of service (application crash) via a crafted packet, related to nbap.cnf and packet-nbap.c. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-4077 | Version: | 3 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:16859 | |||
| Oval ID: | oval:org.mitre.oval:def:16859 | ||
| Title: | epan/dissectors/packet-gmr1_bcch.c in the GMR-1 BCCH dissector in Wireshark 1.8.x before 1.8.8 does not properly initialize memory, which allows remote attackers to cause a denial of service (application crash) via a crafted packet | ||
| Description: | epan/dissectors/packet-gmr1_bcch.c in the GMR-1 BCCH dissector in Wireshark 1.8.x before 1.8.8 does not properly initialize memory, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-4075 | Version: | 3 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:16873 | |||
| Oval ID: | oval:org.mitre.oval:def:16873 | ||
| Title: | The dissect_r3_upstreamcommand_queryconfig function in epan/dissectors/packet-assa_r3.c in the Assa Abloy R3 dissector in Wireshark 1.8.x before 1.8.8 does not properly handle a zero-length item, which allows remote attackers to cause a denial of service (infinite loop, and CPU and memory consumption) via a crafted packet | ||
| Description: | The dissect_r3_upstreamcommand_queryconfig function in epan/dissectors/packet-assa_r3.c in the Assa Abloy R3 dissector in Wireshark 1.8.x before 1.8.8 does not properly handle a zero-length item, which allows remote attackers to cause a denial of service (infinite loop, and CPU and memory consumption) via a crafted packet. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-4080 | Version: | 3 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:16886 | |||
| Oval ID: | oval:org.mitre.oval:def:16886 | ||
| Title: | The vwr_read function in wiretap/vwr.c in Ixia IxVeriWave file parser in Wireshark 1.8.x before 1.8.8 does not validate the relationship between a record length and a trailer length, which allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) via a crafted packet | ||
| Description: | The vwr_read function in wiretap/vwr.c in the Ixia IxVeriWave file parser in Wireshark 1.8.x before 1.8.8 does not validate the relationship between a record length and a trailer length, which allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) via a crafted packet. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-4082 | Version: | 4 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:16929 | |||
| Oval ID: | oval:org.mitre.oval:def:16929 | ||
| Title: | The dissect_dvbci_tpdu_hdr function in epan/dissectors/packet-dvbci.c in the DVB-CI dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not validate a certain length value before decrementing it | ||
| Description: | The dissect_dvbci_tpdu_hdr function in epan/dissectors/packet-dvbci.c in the DVB-CI dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not validate a certain length value before decrementing it, which allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted packet. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-4930 | Version: | 3 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:16936 | |||
| Oval ID: | oval:org.mitre.oval:def:16936 | ||
| Title: | epan/dissectors/packet-rdp.c in the RDP dissector in Wireshark 1.8.x before 1.8.8 does not validate return values during checks for data availability, which allows remote attackers to cause a denial of service (application crash) via a crafted packet | ||
| Description: | epan/dissectors/packet-rdp.c in the RDP dissector in Wireshark 1.8.x before 1.8.8 does not validate return values during checks for data availability, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-4078 | Version: | 3 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:16971 | |||
| Oval ID: | oval:org.mitre.oval:def:16971 | ||
| Title: | The dissect_smtp function in epan/dissectors/packet-smtp.c in the PROFINET Real-Time dissector in Wireshark 1.10.x before 1.10.1 does not initialize certain structure members | ||
| Description: | The IsDFP_Frame function in plugins/profinet/packet-pn-rt.c in the PROFINET Real-Time dissector in Wireshark 1.10.x before 1.10.1 does not validate MAC addresses, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted packet. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-4936 | Version: | 4 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:17028 | |||
| Oval ID: | oval:org.mitre.oval:def:17028 | ||
| Title: | The parseFields function in epan/dissectors/packet-dis-pdus.c in the DIS dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not terminate packet-data processing after finding zero remaining bytes | ||
| Description: | The parseFields function in epan/dissectors/packet-dis-pdus.c in the DIS dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not terminate packet-data processing after finding zero remaining bytes, which allows remote attackers to cause a denial of service (loop) via a crafted packet. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-4929 | Version: | 3 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:17089 | |||
| Oval ID: | oval:org.mitre.oval:def:17089 | ||
| Title: | The P1 dissector in Wireshark 1.10.x before 1.10.1 does not properly initialize a global variable | ||
| Description: | The P1 dissector in Wireshark 1.10.x before 1.10.1 does not properly initialize a global variable, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-4920 | Version: | 3 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:17260 | |||
| Oval ID: | oval:org.mitre.oval:def:17260 | ||
| Title: | Multiple array index errors in epan/dissectors/packet-gsm_a_common.c in the GSM A Common dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 | ||
| Description: | Multiple array index errors in epan/dissectors/packet-gsm_a_common.c in the GSM A Common dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 allow remote attackers to cause a denial of service (application crash) via a crafted packet. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-4932 | Version: | 3 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:17325 | |||
| Oval ID: | oval:org.mitre.oval:def:17325 | ||
| Title: | epan/proto.c in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 allows remote attackers to cause a denial of service (loop) via a crafted packet that is not properly handled by the GSM RR dissector | ||
| Description: | epan/proto.c in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 allows remote attackers to cause a denial of service (loop) via a crafted packet that is not properly handled by the GSM RR dissector. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-4931 | Version: | 3 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:17412 | |||
| Oval ID: | oval:org.mitre.oval:def:17412 | ||
| Title: | The netmon_open function in wiretap/netmon.c in the Netmon file parser in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not properly allocate memory | ||
| Description: | The netmon_open function in wiretap/netmon.c in the Netmon file parser in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not properly allocate memory, which allows remote attackers to cause a denial of service (application crash) via a crafted packet-trace file. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-4933 | Version: | 3 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:17417 | |||
| Oval ID: | oval:org.mitre.oval:def:17417 | ||
| Title: | The dissect_per_length_determinant function in epan/dissectors/packet-per.c in the ASN.1 PER dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not initialize a length field in certain abnormal situations | ||
| Description: | The dissect_per_length_determinant function in epan/dissectors/packet-per.c in the ASN.1 PER dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not initialize a length field in certain abnormal situations, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-4935 | Version: | 3 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:17456 | |||
| Oval ID: | oval:org.mitre.oval:def:17456 | ||
| Title: | Double free vulnerability in the dissect_dcom_ActivationProperties function in epan/dissectors/packet-dcom-sysact.c in the DCOM ISystemActivator dissector in Wireshark 1.10.x before 1.10.1 | ||
| Description: | Double free vulnerability in the dissect_dcom_ActivationProperties function in epan/dissectors/packet-dcom-sysact.c in the DCOM ISystemActivator dissector in Wireshark 1.10.x before 1.10.1 allows remote attackers to cause a denial of service (application crash) via a crafted packet. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-4922 | Version: | 3 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:17514 | |||
| Oval ID: | oval:org.mitre.oval:def:17514 | ||
| Title: | Off-by-one error in the dissect_radiotap function in epan/dissectors/packet-ieee80211-radiotap.c in the Radiotap dissector in Wireshark 1.10.x before 1.10.1 | ||
| Description: | Off-by-one error in the dissect_radiotap function in epan/dissectors/packet-ieee80211-radiotap.c in the Radiotap dissector in Wireshark 1.10.x before 1.10.1 allows remote attackers to cause a denial of service (application crash) via a crafted packet. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-4921 | Version: | 3 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:17540 | |||
| Oval ID: | oval:org.mitre.oval:def:17540 | ||
| Title: | Integer signedness error in the dissect_headers function in epan/dissectors/packet-btobex.c in the Bluetooth OBEX dissector in Wireshark 1.10.x before 1.10.1 | ||
| Description: | Integer signedness error in the dissect_headers function in epan/dissectors/packet-btobex.c in the Bluetooth OBEX dissector in Wireshark 1.10.x before 1.10.1 allows remote attackers to cause a denial of service (infinite loop) via a crafted packet. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-4928 | Version: | 3 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:17547 | |||
| Oval ID: | oval:org.mitre.oval:def:17547 | ||
| Title: | epan/dissectors/packet-dcom-sysact.c in the DCOM ISystemActivator dissector in Wireshark 1.10.x before 1.10.1 does not properly determine whether there is remaining packet data to process | ||
| Description: | epan/dissectors/packet-dcom-sysact.c in the DCOM ISystemActivator dissector in Wireshark 1.10.x before 1.10.1 does not properly determine whether there is remaining packet data to process, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-4926 | Version: | 3 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:17584 | |||
| Oval ID: | oval:org.mitre.oval:def:17584 | ||
| Title: | The netmon_open function in wiretap/netmon.c in the Netmon file parser in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not initialize certain structure members | ||
| Description: | The netmon_open function in wiretap/netmon.c in the Netmon file parser in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not initialize certain structure members, which allows remote attackers to cause a denial of service (application crash) via a crafted packet-trace file. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-4934 | Version: | 3 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:17585 | |||
| Oval ID: | oval:org.mitre.oval:def:17585 | ||
| Title: | Integer signedness error in epan/dissectors/packet-dcom-sysact.c in the DCOM ISystemActivator dissector in Wireshark 1.10.x before 1.10.1 | ||
| Description: | Integer signedness error in epan/dissectors/packet-dcom-sysact.c in the DCOM ISystemActivator dissector in Wireshark 1.10.x before 1.10.1 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted packet. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-4925 | Version: | 3 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:17636 | |||
| Oval ID: | oval:org.mitre.oval:def:17636 | ||
| Title: | Integer signedness error in the get_type_length function in epan/dissectors/packet-btsdp.c in the Bluetooth SDP dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 | ||
| Description: | Integer signedness error in the get_type_length function in epan/dissectors/packet-btsdp.c in the Bluetooth SDP dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 allows remote attackers to cause a denial of service (loop and CPU consumption) via a crafted packet. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-4927 | Version: | 3 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:17701 | |||
| Oval ID: | oval:org.mitre.oval:def:17701 | ||
| Title: | epan/dissectors/packet-dcom-sysact.c in the DCOM ISystemActivator dissector in Wireshark 1.10.x before 1.10.1 does not properly validate certain index values | ||
| Description: | epan/dissectors/packet-dcom-sysact.c in the DCOM ISystemActivator dissector in Wireshark 1.10.x before 1.10.1 does not properly validate certain index values, which allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted packet. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-4924 | Version: | 3 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Wireshark |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:18499 | |||
| Oval ID: | oval:org.mitre.oval:def:18499 | ||
| Title: | DSA-2709-1 wireshark - several | ||
| Description: | Multiple vulnerabilities were discovered in the dissectors for CAPWAP, GMR-1 BCCH, PPP, NBAP, RDP, HTTP, DCP ETSI and in the Ixia IxVeriWave file parser, which could result in denial of service or the execution of arbitrary code. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-2709-1 CVE-2013-4074 CVE-2013-4075 CVE-2013-4076 CVE-2013-4077 CVE-2013-4078 CVE-2013-4081 CVE-2013-4082 CVE-2013-4083 | Version: | 8 |
| Platform(s): | Debian GNU/Linux 7 Debian GNU/kFreeBSD 7 | Product(s): | wireshark |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:18881 | |||
| Oval ID: | oval:org.mitre.oval:def:18881 | ||
| Title: | DSA-2734-1 wireshark - several | ||
| Description: | Multiple vulnerabilities were discovered in the dissectors for DVB-CI, GSM A Common and ASN.1 PER and in the Netmon file parser. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-2734-1 CVE-2013-4930 CVE-2013-4932 CVE-2013-4933 CVE-2013-4934 CVE-2013-4935 | Version: | 8 |
| Platform(s): | Debian GNU/Linux 6.0 Debian GNU/Linux 7 Debian GNU/kFreeBSD 6.0 Debian GNU/kFreeBSD 7 | Product(s): | wireshark |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:19925 | |||
| Oval ID: | oval:org.mitre.oval:def:19925 | ||
| Title: | DSA-2590-1 wireshark - several | ||
| Description: | Bjorn Mork and Laurent Butti discovered crashes in the PPP and RTPS2 dissectors, which could potentially result in the execution of arbitrary code. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-2590-1 CVE-2012-4048 CVE-2012-4296 | Version: | 5 |
| Platform(s): | Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | wireshark |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:19928 | |||
| Oval ID: | oval:org.mitre.oval:def:19928 | ||
| Title: | DSA-2700-1 wireshark - several | ||
| Description: | Multiple vulnerabilities were discovered in the dissectors for GTPv2, ASN.1 BER, PPP CCP, DCP ETSI, MPEG DSM-CC and Websocket, which could result in denial of service or the execution of arbitrary code. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-2700-1 CVE-2013-3555 CVE-2013-3557 CVE-2013-3558 CVE-2013-3559 CVE-2013-3560 CVE-2013-3562 | Version: | 5 |
| Platform(s): | Debian GNU/Linux 7 Debian GNU/kFreeBSD 7 | Product(s): | wireshark |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20890 | |||
| Oval ID: | oval:org.mitre.oval:def:20890 | ||
| Title: | RHSA-2013:0125: wireshark security, bug fix, and enhancement update (Moderate) | ||
| Description: | The CIP dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (memory consumption) via a malformed packet. | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2013:0125-00 CESA-2013:0125 CVE-2011-1958 CVE-2011-1959 CVE-2011-2175 CVE-2011-2698 CVE-2011-4102 CVE-2012-0041 CVE-2012-0042 CVE-2012-0066 CVE-2012-0067 CVE-2012-4285 CVE-2012-4289 CVE-2012-4290 CVE-2012-4291 | Version: | 185 |
| Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | wireshark |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:23298 | |||
| Oval ID: | oval:org.mitre.oval:def:23298 | ||
| Title: | ELSA-2013:0125: wireshark security, bug fix, and enhancement update (Moderate) | ||
| Description: | The CIP dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (memory consumption) via a malformed packet. | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2013:0125-00 CVE-2011-1958 CVE-2011-1959 CVE-2011-2175 CVE-2011-2698 CVE-2011-4102 CVE-2012-0041 CVE-2012-0042 CVE-2012-0066 CVE-2012-0067 CVE-2012-4285 CVE-2012-4289 CVE-2012-4290 CVE-2012-4291 | Version: | 57 |
| Platform(s): | Oracle Linux 5 | Product(s): | wireshark |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:25205 | |||
| Oval ID: | oval:org.mitre.oval:def:25205 | ||
| Title: | SUSE-SU-2013:1276-1 -- Security update for wireshark | ||
| Description: | This wireshark version update to 1.6.16 includes several security and general bug fixes. http://www.wireshark.org/docs/relnotes/wireshark-1.6.16.html <http://www.wireshark.org/docs/relnotes/wireshark-1.6.16.htm l> * The CAPWAP dissector could crash. Discovered by Laurent Butti. (CVE-2013-4074) * The HTTP dissector could overrun the stack. Discovered by David Keeler. (CVE-2013-4081) * The DCP ETSI dissector could crash. (CVE-2013-4083) http://www.wireshark.org/docs/relnotes/wireshark-1.6.15.html <http://www.wireshark.org/docs/relnotes/wireshark-1.6.15.htm l> * The ASN.1 BER dissector could crash. ( CVE-2013-3556 CVE-2013-3557 ) The releases also fix various non-security issues. Additionally, a crash in processing SCTP filters has been fixed. (bug#816887) | ||
| Family: | unix | Class: | patch |
| Reference(s): | SUSE-SU-2013:1276-1 CVE-2013-4074 CVE-2013-4081 CVE-2013-4083 CVE-2013-3556 CVE-2013-3557 CVE-2013-2486 CVE-2013-2487 CVE-2013-3555 CVE-2013-3558 CVE-2013-3559 CVE-2013-3560 CVE-2013-3561 CVE-2013-3562 CVE-2013-4075 CVE-2013-4076 CVE-2013-4077 CVE-2013-4078 CVE-2013-4079 CVE-2013-4080 CVE-2013-4082 | Version: | 3 |
| Platform(s): | SUSE Linux Enterprise Server 10 SUSE Linux Enterprise Desktop 10 | Product(s): | wireshark |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:25218 | |||
| Oval ID: | oval:org.mitre.oval:def:25218 | ||
| Title: | SUSE-SU-2013:1265-1 -- Security update for wireshark | ||
| Description: | This wireshark version update to 1.8.8 includes several security and general bug fixes. | ||
| Family: | unix | Class: | patch |
| Reference(s): | SUSE-SU-2013:1265-1 CVE-2013-4074 CVE-2013-4075 CVE-2013-4076 CVE-2013-4077 CVE-2013-4078 CVE-2013-4079 CVE-2013-4080 CVE-2013-4081 CVE-2013-4082 CVE-2013-4083 CVE-2013-2486 CVE-2013-2487 CVE-2013-3555 CVE-2013-3556 CVE-2013-3557 CVE-2013-3558 CVE-2013-3559 CVE-2013-3560 CVE-2013-3561 CVE-2013-3562 | Version: | 3 |
| Platform(s): | SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Desktop 11 | Product(s): | wireshark |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:25996 | |||
| Oval ID: | oval:org.mitre.oval:def:25996 | ||
| Title: | Denial of service vulnerability in ASN.1 BER dissector in Wireshark | ||
| Description: | The fragment_add_seq_common function in epan/reassemble.c in the ASN.1 BER dissector in Wireshark before r48943 has an incorrect pointer dereference during a comparison, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-3556 | Version: | 4 |
| Platform(s): | Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows Server 2012 Microsoft Windows 8.1 Microsoft Windows Server 2012 R2 | Product(s): | Wireshark |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:27311 | |||
| Oval ID: | oval:org.mitre.oval:def:27311 | ||
| Title: | DEPRECATED: ELSA-2013-0125 -- wireshark security, bug fix, and enhancement update (moderate) | ||
| Description: | [1.0.15-5.0.1.el5] - Added oracle-ocfs2-network.patch - increase max packet size to 65536 (Herbert van den Bergh) [orabug 13542633] [1.0.15-5] - fixed CVE-2012-4285, CVE-2012-4289, CVE-2012-4291 and CVE-2012-4290 (#849521) | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2013-0125 CVE-2011-1958 CVE-2011-1959 CVE-2011-2175 CVE-2011-2698 CVE-2011-4102 CVE-2012-0041 CVE-2012-0042 CVE-2012-0066 CVE-2012-0067 CVE-2012-4285 CVE-2012-4289 CVE-2012-4290 CVE-2012-4291 | Version: | 4 |
| Platform(s): | Oracle Linux 5 | Product(s): | wireshark |
| Definition Synopsis: | |||
CPE : Common Platform Enumeration
ExploitDB Exploits
| id | Description |
|---|---|
| 2013-06-13 | Airlive IP Cameras - Multiple Vulnerabilities |
OpenVAS Exploits
| Date | Description |
|---|---|
| 2013-09-18 | Name : Debian Security Advisory DSA 2590-1 (wireshark - several vulnerabilities) File : nvt/deb_2590_1.nasl |
| 2012-12-28 | Name : Wireshark Multiple Vulnerabilities-02 Dec 2012 (Mac OS X) File : nvt/gb_wireshark_mult_vuln02_dec12_macosx.nasl |
| 2012-12-28 | Name : Wireshark Multiple Vulnerabilities-01 Dec 2012 (Mac OS X) File : nvt/gb_wireshark_mult_vuln01_dec12_macosx.nasl |
| 2012-12-28 | Name : Wireshark GSM RLC MAC dissector Buffer Overflow Vulnerability (Mac OS X) File : nvt/gb_wireshark_gsm_rlcmac_bof_macosx.nasl |
| 2012-09-07 | Name : FreeBSD Ports: wireshark File : nvt/freebsd_wireshark8.nasl |
| 2012-08-30 | Name : FreeBSD Ports: wireshark File : nvt/freebsd_wireshark7.nasl |
| 2012-08-30 | Name : Fedora Update for wireshark FEDORA-2012-12085 File : nvt/gb_fedora_2012_12085_wireshark_fc16.nasl |
| 2012-08-30 | Name : Fedora Update for wireshark FEDORA-2012-12091 File : nvt/gb_fedora_2012_12091_wireshark_fc17.nasl |
| 2012-08-21 | Name : Wireshark Multiple Vulnerabilities - August 2012 (Windows) File : nvt/gb_wireshark_mult_vuln_aug12_win.nasl |
| 2012-08-21 | Name : Wireshark Multiple Vulnerabilities(01) - August 2012 (Windows) File : nvt/gb_wireshark_mult_vuln01_aug12_win.nasl |
| 2012-08-21 | Name : Wireshark GSM RLC MAC dissector Buffer Overflow Vulnerability (Windows) File : nvt/gb_wireshark_dissect_gsm_rlcmac_downlink_bof_win.nasl |
| 2012-08-17 | Name : Mandriva Update for wireshark MDVSA-2012:134 (wireshark) File : nvt/gb_mandriva_MDVSA_2012_134.nasl |
| 2012-08-09 | Name : Mandriva Update for wireshark MDVSA-2012:125 (wireshark) File : nvt/gb_mandriva_MDVSA_2012_125.nasl |
| 2012-07-30 | Name : CentOS Update for wireshark CESA-2012:0509 centos6 File : nvt/gb_CESA-2012_0509_wireshark_centos6.nasl |
| 2012-07-27 | Name : Wireshark PPP And NFS Dissector Denial of Service Vulnerabilities (Mac OS X) File : nvt/gb_wireshark_ppp_n_nfs_dos_vuln_macosx.nasl |
| 2012-07-27 | Name : Wireshark PPP And NFS Dissector Denial of Service Vulnerabilities (Windows) File : nvt/gb_wireshark_ppp_n_nfs_dos_vuln_win.nasl |
| 2012-07-09 | Name : RedHat Update for wireshark RHSA-2012:0509-01 File : nvt/gb_RHSA-2012_0509-01_wireshark.nasl |
| 2012-04-24 | Name : Wireshark Multiple Vulnerabilities (Mac OS X) File : nvt/gb_wireshark_mult_vuln_macosx.nasl |
| 2012-04-23 | Name : Wireshark Multiple Vulnerabilities - April 12 (Windows) File : nvt/gb_wireshark_mult_vuln_win_apr12.nasl |
| 2012-04-02 | Name : Fedora Update for wireshark FEDORA-2012-0435 File : nvt/gb_fedora_2012_0435_wireshark_fc16.nasl |
| 2012-02-12 | Name : FreeBSD Ports: wireshark File : nvt/freebsd_wireshark6.nasl |
| 2012-02-11 | Name : Debian Security Advisory DSA 2395-1 (wireshark) File : nvt/deb_2395_1.nasl |
| 2012-01-25 | Name : Fedora Update for wireshark FEDORA-2012-0440 File : nvt/gb_fedora_2012_0440_wireshark_fc15.nasl |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2014-03-06 | Airlive IP Camera directory traversal attempt RuleID : 29595 - Revision : 3 - Type : SERVER-WEBAPP |
| 2014-03-06 | Airlive IP Camera CSRF attempt RuleID : 29593 - Revision : 4 - Type : SERVER-WEBAPP |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2017-04-06 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20170321_wireshark_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
| 2017-04-05 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2017-813.nasl - Type : ACT_GATHER_INFO |
| 2017-03-30 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2017-0631.nasl - Type : ACT_GATHER_INFO |
| 2017-03-27 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2017-0631.nasl - Type : ACT_GATHER_INFO |
| 2017-03-22 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2017-0631.nasl - Type : ACT_GATHER_INFO |
| 2016-06-01 | Name : The remote Debian host is missing a security update. File : debian_DLA-497.nasl - Type : ACT_GATHER_INFO |
| 2015-05-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2013-1276-1.nasl - Type : ACT_GATHER_INFO |
| 2015-01-19 | Name : The remote Solaris system is missing a security patch for third-party software. File : solaris11_wireshark_20130924_2.nasl - Type : ACT_GATHER_INFO |
| 2015-01-19 | Name : The remote Solaris system is missing a security patch for third-party software. File : solaris11_wireshark_20130924.nasl - Type : ACT_GATHER_INFO |
| 2015-01-19 | Name : The remote Solaris system is missing a security patch for third-party software. File : solaris11_wireshark_20130129.nasl - Type : ACT_GATHER_INFO |
| 2015-01-19 | Name : The remote Solaris system is missing a security patch for third-party software. File : solaris11_wireshark_20121120.nasl - Type : ACT_GATHER_INFO |
| 2015-01-19 | Name : The remote Solaris system is missing a security patch for third-party software. File : solaris11_wireshark_20120404.nasl - Type : ACT_GATHER_INFO |
| 2015-01-19 | Name : The remote Solaris system is missing a security patch for third-party software. File : solaris11_wireshark_20120918.nasl - Type : ACT_GATHER_INFO |
| 2014-11-28 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL15868.nasl - Type : ACT_GATHER_INFO |
| 2014-11-12 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-1569.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-123.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-470.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-526.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_wireshark-120201.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-626.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-536.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-540.nasl - Type : ACT_GATHER_INFO |
| 2014-04-01 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-0341.nasl - Type : ACT_GATHER_INFO |
| 2014-04-01 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-0341.nasl - Type : ACT_GATHER_INFO |
| 2014-04-01 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0341.nasl - Type : ACT_GATHER_INFO |
| 2014-04-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20140331_wireshark_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
| 2013-12-20 | Name : The remote Fedora host is missing a security update. File : fedora_2013-17635.nasl - Type : ACT_GATHER_INFO |
| 2013-12-10 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20131121_wireshark_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
| 2013-12-10 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2013-251.nasl - Type : ACT_GATHER_INFO |
| 2013-11-27 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-1569.nasl - Type : ACT_GATHER_INFO |
| 2013-11-21 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-1569.nasl - Type : ACT_GATHER_INFO |
| 2013-10-03 | Name : The remote Fedora host is missing a security update. File : fedora_2013-17627.nasl - Type : ACT_GATHER_INFO |
| 2013-09-28 | Name : The remote Fedora host is missing a security update. File : fedora_2013-17661.nasl - Type : ACT_GATHER_INFO |
| 2013-09-17 | Name : The remote Fedora host is missing a security update. File : fedora_2013-16696.nasl - Type : ACT_GATHER_INFO |
| 2013-09-14 | Name : The remote SuSE 11 host is missing a security update. File : suse_11_wireshark-130812.nasl - Type : ACT_GATHER_INFO |
| 2013-09-14 | Name : The remote SuSE 11 host is missing a security update. File : suse_11_wireshark-130814.nasl - Type : ACT_GATHER_INFO |
| 2013-09-13 | Name : The remote Windows host contains an application that is affected by multiple ... File : wireshark_1_8_10.nasl - Type : ACT_GATHER_INFO |
| 2013-09-13 | Name : The remote Windows host contains an application that is affected by multiple ... File : wireshark_1_10_2.nasl - Type : ACT_GATHER_INFO |
| 2013-09-12 | Name : The remote Fedora host is missing a security update. File : fedora_2013-16362.nasl - Type : ACT_GATHER_INFO |
| 2013-08-29 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201308-05.nasl - Type : ACT_GATHER_INFO |
| 2013-08-07 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2734.nasl - Type : ACT_GATHER_INFO |
| 2013-07-31 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_wireshark-8659.nasl - Type : ACT_GATHER_INFO |
| 2013-07-31 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2013-204.nasl - Type : ACT_GATHER_INFO |
| 2013-07-29 | Name : The remote Windows host contains an application that is affected by multiple ... File : wireshark_1_10_1.nasl - Type : ACT_GATHER_INFO |
| 2013-07-29 | Name : The remote Windows host contains an application that is affected by multiple ... File : wireshark_1_8_9.nasl - Type : ACT_GATHER_INFO |
| 2013-07-28 | Name : The remote SuSE 11 host is missing a security update. File : suse_11_wireshark-130711.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0509.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-0125.nasl - Type : ACT_GATHER_INFO |
| 2013-06-18 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2709.nasl - Type : ACT_GATHER_INFO |
| 2013-06-14 | Name : The remote Windows host contains an application that is affected by multiple ... File : wireshark_1_8_8.nasl - Type : ACT_GATHER_INFO |
| 2013-06-14 | Name : The remote Windows host contains an application that is affected by multiple ... File : wireshark_1_6_16.nasl - Type : ACT_GATHER_INFO |
| 2013-06-13 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2013-172.nasl - Type : ACT_GATHER_INFO |
| 2013-06-03 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2700.nasl - Type : ACT_GATHER_INFO |
| 2013-05-22 | Name : The remote Windows host contains an application that is affected by multiple ... File : wireshark_1_8_7.nasl - Type : ACT_GATHER_INFO |
| 2013-05-22 | Name : The remote Windows host contains an application that is affected by a denial ... File : wireshark_1_6_15.nasl - Type : ACT_GATHER_INFO |
| 2013-04-20 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2013-055.nasl - Type : ACT_GATHER_INFO |
| 2013-01-25 | Name : The remote SuSE 11 host is missing a security update. File : suse_11_wireshark-120831.nasl - Type : ACT_GATHER_INFO |
| 2013-01-17 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20130108_wireshark_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
| 2013-01-17 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-0125.nasl - Type : ACT_GATHER_INFO |
| 2013-01-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0125.nasl - Type : ACT_GATHER_INFO |
| 2012-12-27 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2590.nasl - Type : ACT_GATHER_INFO |
| 2012-10-22 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_a77064141be711e29aad902b343deec9.nasl - Type : ACT_GATHER_INFO |
| 2012-10-10 | Name : The remote Windows host contains an application that is affected by multiple ... File : wireshark_1_8_3.nasl - Type : ACT_GATHER_INFO |
| 2012-10-10 | Name : The remote Windows host contains an application that is affected by a denial ... File : wireshark_1_6_11.nasl - Type : ACT_GATHER_INFO |
| 2012-09-18 | Name : The remote Fedora host is missing a security update. File : fedora_2012-11981.nasl - Type : ACT_GATHER_INFO |
| 2012-09-14 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_wireshark-8267.nasl - Type : ACT_GATHER_INFO |
| 2012-09-06 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2012-134.nasl - Type : ACT_GATHER_INFO |
| 2012-09-06 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2012-125.nasl - Type : ACT_GATHER_INFO |
| 2012-09-04 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_5415f1b3f33d11e18bd80022156e8794.nasl - Type : ACT_GATHER_INFO |
| 2012-08-28 | Name : The remote Fedora host is missing a security update. File : fedora_2012-12091.nasl - Type : ACT_GATHER_INFO |
| 2012-08-28 | Name : The remote Fedora host is missing a security update. File : fedora_2012-12085.nasl - Type : ACT_GATHER_INFO |
| 2012-08-20 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_4cdfe875e8d611e1bea0002354ed89bc.nasl - Type : ACT_GATHER_INFO |
| 2012-08-17 | Name : The remote Windows host contains an application that is affected by multiple ... File : wireshark_1_8_2.nasl - Type : ACT_GATHER_INFO |
| 2012-08-17 | Name : The remote Windows host contains an application that is affected by multiple ... File : wireshark_1_4_15.nasl - Type : ACT_GATHER_INFO |
| 2012-08-17 | Name : The remote Windows host contains an application that is affected by multiple ... File : wireshark_1_6_10.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120423_wireshark_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
| 2012-07-25 | Name : The remote Windows host contains an application that is affected by multiple ... File : wireshark_1_4_14.nasl - Type : ACT_GATHER_INFO |
| 2012-07-25 | Name : The remote Windows host contains an application that is affected by multiple ... File : wireshark_1_8_1.nasl - Type : ACT_GATHER_INFO |
| 2012-07-25 | Name : The remote Windows host contains an application that is affected by multiple ... File : wireshark_1_6_9.nasl - Type : ACT_GATHER_INFO |
| 2012-04-25 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0509.nasl - Type : ACT_GATHER_INFO |
| 2012-04-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0509.nasl - Type : ACT_GATHER_INFO |
| 2012-02-24 | Name : The remote SuSE 11 host is missing a security update. File : suse_11_wireshark-120131.nasl - Type : ACT_GATHER_INFO |
| 2012-02-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_wireshark-7943.nasl - Type : ACT_GATHER_INFO |
| 2012-01-31 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2395.nasl - Type : ACT_GATHER_INFO |
| 2012-01-25 | Name : The remote Fedora host is missing a security update. File : fedora_2012-0440.nasl - Type : ACT_GATHER_INFO |
| 2012-01-24 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_3ebb2dc8460911e19f4700e0815b8da8.nasl - Type : ACT_GATHER_INFO |
| 2012-01-23 | Name : The remote Fedora host is missing a security update. File : fedora_2012-0435.nasl - Type : ACT_GATHER_INFO |
| 2012-01-13 | Name : The remote Windows host contains an application that is affected by multiple ... File : wireshark_1_6_5.nasl - Type : ACT_GATHER_INFO |
| 2012-01-13 | Name : The remote Windows host contains an application that is affected by multiple ... File : wireshark_1_4_11.nasl - Type : ACT_GATHER_INFO |
Alert History
| Date | Informations |
|---|---|
| 2014-09-23 13:32:33 |
|
| 2014-02-17 11:37:41 |
|
| 2013-10-05 13:23:41 |
|
| 2013-08-28 17:18:50 |
|
