| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2013-4083 |
20 |
|
DoS |
2013-06-09 |
2013-06-10 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The dissect_pft function in epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark 1.6.x before 1.6.16, 1.8.x before 1.8.8, and 1.10.0 does not validate a certain fragment length value, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. |
|
2 |
CVE-2013-4082 |
119 |
|
DoS Overflow |
2013-06-09 |
2013-06-11 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The vwr_read function in wiretap/vwr.c in the Ixia IxVeriWave file parser in Wireshark 1.8.x before 1.8.8 does not validate the relationship between a record length and a trailer length, which allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) via a crafted packet. |
|
3 |
CVE-2013-4081 |
119 |
|
DoS Overflow |
2013-06-09 |
2013-06-10 |
0.0 |
None |
Remote |
Low |
Not required |
None |
None |
None |
|
The http_payload_subdissector function in epan/dissectors/packet-http.c in the HTTP dissector in Wireshark 1.6.x before 1.6.16 and 1.8.x before 1.8.8 does not properly determine when to use a recursive approach, which allows remote attackers to cause a denial of service (stack consumption) via a crafted packet. |
|
4 |
CVE-2013-4080 |
119 |
|
DoS Overflow |
2013-06-09 |
2013-06-10 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The dissect_r3_upstreamcommand_queryconfig function in epan/dissectors/packet-assa_r3.c in the Assa Abloy R3 dissector in Wireshark 1.8.x before 1.8.8 does not properly handle a zero-length item, which allows remote attackers to cause a denial of service (infinite loop, and CPU and memory consumption) via a crafted packet. |
|
5 |
CVE-2013-4079 |
119 |
|
DoS Overflow |
2013-06-09 |
2013-06-10 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The dissect_schedule_message function in epan/dissectors/packet-gsm_cbch.c in the GSM CBCH dissector in Wireshark 1.8.x before 1.8.8 allows remote attackers to cause a denial of service (infinite loop and application hang) via a crafted packet. |
|
6 |
CVE-2013-4078 |
20 |
|
DoS |
2013-06-09 |
2013-06-10 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
epan/dissectors/packet-rdp.c in the RDP dissector in Wireshark 1.8.x before 1.8.8 does not validate return values during checks for data availability, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. |
|
7 |
CVE-2013-4077 |
119 |
|
DoS Overflow |
2013-06-09 |
2013-06-10 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Array index error in the NBAP dissector in Wireshark 1.8.x before 1.8.8 allows remote attackers to cause a denial of service (application crash) via a crafted packet, related to nbap.cnf and packet-nbap.c. |
|
8 |
CVE-2013-4076 |
119 |
|
DoS Overflow |
2013-06-09 |
2013-06-10 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Buffer overflow in the dissect_iphc_crtp_fh function in epan/dissectors/packet-ppp.c in the PPP dissector in Wireshark 1.8.x before 1.8.8 allows remote attackers to cause a denial of service (application crash) via a crafted packet. |
|
9 |
CVE-2013-4075 |
399 |
|
DoS |
2013-06-09 |
2013-06-10 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
epan/dissectors/packet-gmr1_bcch.c in the GMR-1 BCCH dissector in Wireshark 1.8.x before 1.8.8 does not properly initialize memory, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. |
|
10 |
CVE-2013-4074 |
189 |
|
DoS |
2013-06-09 |
2013-06-10 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The dissect_capwap_data function in epan/dissectors/packet-capwap.c in the CAPWAP dissector in Wireshark 1.6.x before 1.6.16 and 1.8.x before 1.8.8 incorrectly uses a -1 data value to represent an error condition, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. |
|
11 |
CVE-2013-3562 |
189 |
|
DoS |
2013-05-24 |
2013-06-14 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Multiple integer signedness errors in the tvb_unmasked function in epan/dissectors/packet-websocket.c in the Websocket dissector in Wireshark 1.8.x before 1.8.7 allow remote attackers to cause a denial of service (application crash) via a malformed packet. |
|
12 |
CVE-2013-3561 |
189 |
|
DoS Overflow |
2013-05-24 |
2013-05-28 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
Multiple integer overflows in Wireshark 1.8.x before 1.8.7 allow remote attackers to cause a denial of service (loop or application crash) via a malformed packet, related to a crash of the Websocket dissector, an infinite loop in the MySQL dissector, and a large loop in the ETCH dissector. |
|
13 |
CVE-2013-3560 |
134 |
|
DoS |
2013-05-24 |
2013-06-14 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The dissect_dsmcc_un_download function in epan/dissectors/packet-mpeg-dsmcc.c in the MPEG DSM-CC dissector in Wireshark 1.8.x before 1.8.7 uses an incorrect format string, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. |
|
14 |
CVE-2013-3559 |
189 |
|
DoS Overflow Mem. Corr. |
2013-05-24 |
2013-06-14 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark 1.8.x before 1.8.7 uses incorrect integer data types, which allows remote attackers to cause a denial of service (integer overflow, and heap memory corruption or NULL pointer dereference, and application crash) via a malformed packet. |
|
15 |
CVE-2013-3558 |
189 |
|
DoS |
2013-05-24 |
2013-06-14 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The dissect_ccp_bsdcomp_opt function in epan/dissectors/packet-ppp.c in the PPP CCP dissector in Wireshark 1.8.x before 1.8.7 does not terminate a bit-field list, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. |
|
16 |
CVE-2013-3557 |
119 |
|
DoS Overflow |
2013-05-24 |
2013-06-14 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The dissect_ber_choice function in epan/dissectors/packet-ber.c in the ASN.1 BER dissector in Wireshark 1.6.x before 1.6.15 and 1.8.x before 1.8.7 does not properly initialize a certain variable, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. |
|
17 |
CVE-2013-3556 |
|
|
DoS |
2013-05-24 |
2013-05-28 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The fragment_add_seq_common function in epan/reassemble.c in the ASN.1 BER dissector in Wireshark before r48943 has an incorrect pointer dereference during a comparison, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. |
|
18 |
CVE-2013-3555 |
20 |
|
DoS |
2013-05-24 |
2013-06-14 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
epan/dissectors/packet-gtpv2.c in the GTPv2 dissector in Wireshark 1.8.x before 1.8.7 calls incorrect functions in certain contexts related to ciphers, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. |
|
19 |
CVE-2013-2488 |
20 |
|
DoS |
2013-03-07 |
2013-04-10 |
2.9 |
None |
Local Network |
Medium |
Not required |
None |
None |
Partial |
|
The DTLS dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 does not validate the fragment offset before invoking the reassembly state machine, which allows remote attackers to cause a denial of service (application crash) via a large offset value that triggers write access to an invalid memory location. |
|
20 |
CVE-2013-2487 |
189 |
|
DoS |
2013-03-07 |
2013-04-10 |
6.1 |
None |
Local Network |
Low |
Not required |
None |
None |
Complete |
|
epan/dissectors/packet-reload.c in the REsource LOcation And Discovery (aka RELOAD) dissector in Wireshark 1.8.x before 1.8.6 uses incorrect integer data types, which allows remote attackers to cause a denial of service (infinite loop) via crafted integer values in a packet, related to the (1) dissect_icecandidates, (2) dissect_kinddata, (3) dissect_nodeid_list, (4) dissect_storeans, (5) dissect_storereq, (6) dissect_storeddataspecifier, (7) dissect_fetchreq, (8) dissect_findans, (9) dissect_diagnosticinfo, (10) dissect_diagnosticresponse, (11) dissect_reload_messagecontents, and (12) dissect_reload_message functions, a different vulnerability than CVE-2013-2486. |
|
21 |
CVE-2013-2486 |
189 |
|
DoS |
2013-03-07 |
2013-04-10 |
6.1 |
None |
Local Network |
Low |
Not required |
None |
None |
Complete |
|
The dissect_diagnosticrequest function in epan/dissectors/packet-reload.c in the REsource LOcation And Discovery (aka RELOAD) dissector in Wireshark 1.8.x before 1.8.6 uses an incorrect integer data type, which allows remote attackers to cause a denial of service (infinite loop) via crafted integer values in a packet. |
|
22 |
CVE-2013-2485 |
|
|
DoS |
2013-03-07 |
2013-04-10 |
6.1 |
None |
Local Network |
Low |
Not required |
None |
None |
Complete |
|
The FCSP dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (infinite loop) via a malformed packet. |
|
23 |
CVE-2013-2484 |
|
|
DoS |
2013-03-07 |
2013-04-10 |
3.3 |
None |
Local Network |
Low |
Not required |
None |
None |
Partial |
|
The CIMD dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (application crash) via a malformed packet. |
|
24 |
CVE-2013-2483 |
189 |
|
DoS |
2013-03-07 |
2013-04-10 |
3.3 |
None |
Local Network |
Low |
Not required |
None |
None |
Partial |
|
The acn_add_dmp_data function in epan/dissectors/packet-acn.c in the ACN dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via an invalid count value in ACN_DMP_ADT_D_RE DMP data. |
|
25 |
CVE-2013-2482 |
|
|
DoS |
2013-03-07 |
2013-04-10 |
6.1 |
None |
Local Network |
Low |
Not required |
None |
None |
Complete |
|
The AMPQ dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (infinite loop) via a malformed packet. |
|
26 |
CVE-2013-2481 |
189 |
|
DoS |
2013-03-07 |
2013-04-10 |
2.9 |
None |
Local Network |
Medium |
Not required |
None |
None |
Partial |
|
Integer signedness error in the dissect_mount_dirpath_call function in epan/dissectors/packet-mount.c in the Mount dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6, when nfs_file_name_snooping is enabled, allows remote attackers to cause a denial of service (application crash) via a negative length value. |
|
27 |
CVE-2013-2480 |
|
|
DoS |
2013-03-07 |
2013-04-10 |
3.3 |
None |
Local Network |
Low |
Not required |
None |
None |
Partial |
|
The RTPS and RTPS2 dissectors in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allow remote attackers to cause a denial of service (application crash) via a malformed packet. |
|
28 |
CVE-2013-2479 |
|
|
DoS |
2013-03-07 |
2013-04-10 |
3.3 |
None |
Local Network |
Low |
Not required |
None |
None |
Partial |
|
The dissect_mpls_echo_tlv_dd_map function in epan/dissectors/packet-mpls-echo.c in the MPLS Echo dissector in Wireshark 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (infinite loop) via invalid Sub-tlv data. |
|
29 |
CVE-2013-2478 |
189 |
|
DoS Overflow |
2013-03-07 |
2013-04-10 |
3.3 |
None |
Local Network |
Low |
Not required |
None |
None |
Partial |
|
The dissect_server_info function in epan/dissectors/packet-ms-mms.c in the MS-MMS dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 does not properly manage string lengths, which allows remote attackers to cause a denial of service (application crash) via a malformed packet that (1) triggers an integer overflow or (2) has embedded '\0' characters in a string. |
|
30 |
CVE-2013-2477 |
119 |
|
DoS Overflow |
2013-03-07 |
2013-04-10 |
3.3 |
None |
Local Network |
Low |
Not required |
None |
None |
Partial |
|
The CSN.1 dissector in Wireshark 1.8.x before 1.8.6 does not properly manage function pointers, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. |
|
31 |
CVE-2013-2476 |
399 |
|
DoS |
2013-03-07 |
2013-04-10 |
6.1 |
None |
Local Network |
Low |
Not required |
None |
None |
Complete |
|
The dissect_hartip function in epan/dissectors/packet-hartip.c in the HART/IP dissector in Wireshark 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (infinite loop) via a packet with a header that is too short. |
|
32 |
CVE-2013-2475 |
|
|
DoS |
2013-03-07 |
2013-04-10 |
3.3 |
None |
Local Network |
Low |
Not required |
None |
None |
Partial |
|
The TCP dissector in Wireshark 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (application crash) via a malformed packet. |
|
33 |
CVE-2013-1590 |
119 |
|
DoS Overflow |
2013-02-02 |
2013-03-06 |
2.9 |
None |
Local Network |
Medium |
Not required |
None |
None |
Partial |
|
Buffer overflow in the NTLMSSP dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 allows remote attackers to cause a denial of service (application crash) via a malformed packet. |
|
34 |
CVE-2013-1589 |
399 |
|
DoS |
2013-02-02 |
2013-02-11 |
2.9 |
None |
Local Network |
Medium |
Not required |
None |
None |
Partial |
|
Double free vulnerability in epan/proto.c in the dissection engine in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 allows remote attackers to cause a denial of service (application crash) via a malformed packet. |
|
35 |
CVE-2013-1588 |
119 |
|
DoS Overflow |
2013-02-02 |
2013-03-06 |
2.9 |
None |
Local Network |
Medium |
Not required |
None |
None |
Partial |
|
Multiple buffer overflows in the dissect_pft_fec_detailed function in the DCP-ETSI dissector in epan/dissectors/packet-dcp-etsi.c in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 allow remote attackers to cause a denial of service (application crash) via a malformed packet. |
|
36 |
CVE-2013-1587 |
|
|
DoS |
2013-02-02 |
2013-02-04 |
2.9 |
None |
Local Network |
Medium |
Not required |
None |
None |
Partial |
|
The dissect_rohc_ir_packet function in epan/dissectors/packet-rohc.c in the ROHC dissector in Wireshark 1.8.x before 1.8.5 does not properly handle unknown profiles, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. |
|
37 |
CVE-2013-1586 |
|
|
DoS |
2013-02-02 |
2013-03-06 |
2.9 |
None |
Local Network |
Medium |
Not required |
None |
None |
Partial |
|
The fragment_set_tot_len function in epan/reassemble.c in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly determine the length of a reassembled packet for the DTLS dissector, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. |
|
38 |
CVE-2013-1585 |
20 |
|
DoS |
2013-02-02 |
2013-02-06 |
2.9 |
None |
Local Network |
Medium |
Not required |
None |
None |
Partial |
|
epan/tvbuff.c in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly validate certain length values for the MS-MMC dissector, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. |
|
39 |
CVE-2013-1584 |
20 |
|
DoS |
2013-02-02 |
2013-02-06 |
2.9 |
None |
Local Network |
Medium |
Not required |
None |
None |
Partial |
|
The dissect_version_5_and_6_primary_header function in epan/dissectors/packet-dtn.c in the DTN dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 accesses an inappropriate pointer, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. |
|
40 |
CVE-2013-1583 |
20 |
|
DoS |
2013-02-02 |
2013-02-06 |
2.9 |
None |
Local Network |
Medium |
Not required |
None |
None |
Partial |
|
The dissect_version_4_primary_header function in epan/dissectors/packet-dtn.c in the DTN dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 accesses an inappropriate pointer, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. |
|
41 |
CVE-2013-1582 |
189 |
|
DoS |
2013-02-02 |
2013-03-06 |
2.9 |
None |
Local Network |
Medium |
Not required |
None |
None |
Partial |
|
The dissect_clnp function in epan/dissectors/packet-clnp.c in the CLNP dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly manage an offset variable, which allows remote attackers to cause a denial of service (infinite loop or application crash) via a malformed packet. |
|
42 |
CVE-2013-1581 |
20 |
|
DoS |
2013-02-02 |
2013-02-11 |
2.9 |
None |
Local Network |
Medium |
Not required |
None |
None |
Partial |
|
The dissect_pft_fec_detailed function in epan/dissectors/packet-dcp-etsi.c in the DCP-ETSI dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly handle fragment gaps, which allows remote attackers to cause a denial of service (loop) via a malformed packet. |
|
43 |
CVE-2013-1580 |
20 |
|
DoS |
2013-02-02 |
2013-02-11 |
2.9 |
None |
Local Network |
Medium |
Not required |
None |
None |
Partial |
|
The dissect_cmstatus_tlv function in plugins/docsis/packet-cmstatus.c in the DOCSIS CM-STATUS dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 uses an incorrect data type for a position variable, which allows remote attackers to cause a denial of service (infinite loop) via a malformed packet. |
|
44 |
CVE-2013-1579 |
399 |
|
DoS |
2013-02-02 |
2013-02-04 |
2.9 |
None |
Local Network |
Medium |
Not required |
None |
None |
Partial |
|
The rtps_util_add_bitmap function in epan/dissectors/packet-rtps.c in the RTPS dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly implement certain nested loops for processing bitmap data, which allows remote attackers to cause a denial of service (infinite loop) via a malformed packet. |
|
45 |
CVE-2013-1578 |
20 |
|
DoS |
2013-02-02 |
2013-02-11 |
2.9 |
None |
Local Network |
Medium |
Not required |
None |
None |
Partial |
|
The dissect_pw_eth_heuristic function in epan/dissectors/packet-pw-eth.c in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly handle apparent Ethernet address values at the beginning of MPLS data, which allows remote attackers to cause a denial of service (loop) via a malformed packet. |
|
46 |
CVE-2013-1577 |
20 |
|
DoS |
2013-02-02 |
2013-02-11 |
2.9 |
None |
Local Network |
Medium |
Not required |
None |
None |
Partial |
|
The dissect_sip_p_charging_func_addresses function in epan/dissectors/packet-sip.c in the SIP dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly handle offset data associated with a quoted string, which allows remote attackers to cause a denial of service (infinite loop) via a malformed packet. |
|
47 |
CVE-2013-1576 |
310 |
|
DoS |
2013-02-02 |
2013-02-11 |
2.9 |
None |
Local Network |
Medium |
Not required |
None |
None |
Partial |
|
The dissect_sdp_media_attribute function in epan/dissectors/packet-sdp.c in the SDP dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly process crypto-suite parameters, which allows remote attackers to cause a denial of service (infinite loop) via a malformed packet. |
|
48 |
CVE-2013-1575 |
20 |
|
DoS |
2013-02-02 |
2013-02-11 |
2.9 |
None |
Local Network |
Medium |
Not required |
None |
None |
Partial |
|
The dissect_r3_cmd_alarmconfigure function in epan/dissectors/packet-assa_r3.c in the R3 dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly handle a certain alarm length, which allows remote attackers to cause a denial of service (infinite loop) via a malformed packet. |
|
49 |
CVE-2013-1574 |
|
|
DoS |
2013-02-02 |
2013-02-04 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
The dissect_bthci_eir_ad_data function in epan/dissectors/packet-bthci_cmd.c in the Bluetooth HCI dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 uses an incorrect data type for a counter variable, which allows remote attackers to cause a denial of service (infinite loop) via a malformed packet. |
|
50 |
CVE-2013-1573 |
|
|
DoS |
2013-02-02 |
2013-02-04 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
The csnStreamDissector function in epan/dissectors/packet-csn1.c in the CSN.1 dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly handle a large number of padding bits, which allows remote attackers to cause a denial of service (infinite loop) via a malformed packet. |
