| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2013-2488 |
20 |
|
DoS |
2013-03-07 |
2013-04-10 |
2.9 |
None |
Local Network |
Medium |
Not required |
None |
None |
Partial |
|
The DTLS dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 does not validate the fragment offset before invoking the reassembly state machine, which allows remote attackers to cause a denial of service (application crash) via a large offset value that triggers write access to an invalid memory location. |
|
2 |
CVE-2013-2487 |
189 |
|
DoS |
2013-03-07 |
2013-04-10 |
6.1 |
None |
Local Network |
Low |
Not required |
None |
None |
Complete |
|
epan/dissectors/packet-reload.c in the REsource LOcation And Discovery (aka RELOAD) dissector in Wireshark 1.8.x before 1.8.6 uses incorrect integer data types, which allows remote attackers to cause a denial of service (infinite loop) via crafted integer values in a packet, related to the (1) dissect_icecandidates, (2) dissect_kinddata, (3) dissect_nodeid_list, (4) dissect_storeans, (5) dissect_storereq, (6) dissect_storeddataspecifier, (7) dissect_fetchreq, (8) dissect_findans, (9) dissect_diagnosticinfo, (10) dissect_diagnosticresponse, (11) dissect_reload_messagecontents, and (12) dissect_reload_message functions, a different vulnerability than CVE-2013-2486. |
|
3 |
CVE-2013-2486 |
189 |
|
DoS |
2013-03-07 |
2013-04-10 |
6.1 |
None |
Local Network |
Low |
Not required |
None |
None |
Complete |
|
The dissect_diagnosticrequest function in epan/dissectors/packet-reload.c in the REsource LOcation And Discovery (aka RELOAD) dissector in Wireshark 1.8.x before 1.8.6 uses an incorrect integer data type, which allows remote attackers to cause a denial of service (infinite loop) via crafted integer values in a packet. |
|
4 |
CVE-2013-2485 |
|
|
DoS |
2013-03-07 |
2013-04-10 |
6.1 |
None |
Local Network |
Low |
Not required |
None |
None |
Complete |
|
The FCSP dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (infinite loop) via a malformed packet. |
|
5 |
CVE-2013-2484 |
|
|
DoS |
2013-03-07 |
2013-04-10 |
3.3 |
None |
Local Network |
Low |
Not required |
None |
None |
Partial |
|
The CIMD dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (application crash) via a malformed packet. |
|
6 |
CVE-2013-2483 |
189 |
|
DoS |
2013-03-07 |
2013-04-10 |
3.3 |
None |
Local Network |
Low |
Not required |
None |
None |
Partial |
|
The acn_add_dmp_data function in epan/dissectors/packet-acn.c in the ACN dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via an invalid count value in ACN_DMP_ADT_D_RE DMP data. |
|
7 |
CVE-2013-2482 |
|
|
DoS |
2013-03-07 |
2013-04-10 |
6.1 |
None |
Local Network |
Low |
Not required |
None |
None |
Complete |
|
The AMPQ dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (infinite loop) via a malformed packet. |
|
8 |
CVE-2013-2481 |
189 |
|
DoS |
2013-03-07 |
2013-04-10 |
2.9 |
None |
Local Network |
Medium |
Not required |
None |
None |
Partial |
|
Integer signedness error in the dissect_mount_dirpath_call function in epan/dissectors/packet-mount.c in the Mount dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6, when nfs_file_name_snooping is enabled, allows remote attackers to cause a denial of service (application crash) via a negative length value. |
|
9 |
CVE-2013-2480 |
|
|
DoS |
2013-03-07 |
2013-04-10 |
3.3 |
None |
Local Network |
Low |
Not required |
None |
None |
Partial |
|
The RTPS and RTPS2 dissectors in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allow remote attackers to cause a denial of service (application crash) via a malformed packet. |
|
10 |
CVE-2013-2479 |
|
|
DoS |
2013-03-07 |
2013-04-10 |
3.3 |
None |
Local Network |
Low |
Not required |
None |
None |
Partial |
|
The dissect_mpls_echo_tlv_dd_map function in epan/dissectors/packet-mpls-echo.c in the MPLS Echo dissector in Wireshark 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (infinite loop) via invalid Sub-tlv data. |
|
11 |
CVE-2013-2478 |
189 |
|
DoS Overflow |
2013-03-07 |
2013-04-10 |
3.3 |
None |
Local Network |
Low |
Not required |
None |
None |
Partial |
|
The dissect_server_info function in epan/dissectors/packet-ms-mms.c in the MS-MMS dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 does not properly manage string lengths, which allows remote attackers to cause a denial of service (application crash) via a malformed packet that (1) triggers an integer overflow or (2) has embedded '\0' characters in a string. |
|
12 |
CVE-2013-2477 |
119 |
|
DoS Overflow |
2013-03-07 |
2013-04-10 |
3.3 |
None |
Local Network |
Low |
Not required |
None |
None |
Partial |
|
The CSN.1 dissector in Wireshark 1.8.x before 1.8.6 does not properly manage function pointers, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. |
|
13 |
CVE-2013-2476 |
399 |
|
DoS |
2013-03-07 |
2013-04-10 |
6.1 |
None |
Local Network |
Low |
Not required |
None |
None |
Complete |
|
The dissect_hartip function in epan/dissectors/packet-hartip.c in the HART/IP dissector in Wireshark 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (infinite loop) via a packet with a header that is too short. |
|
14 |
CVE-2013-2475 |
|
|
DoS |
2013-03-07 |
2013-04-10 |
3.3 |
None |
Local Network |
Low |
Not required |
None |
None |
Partial |
|
The TCP dissector in Wireshark 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (application crash) via a malformed packet. |
|
15 |
CVE-2013-1590 |
119 |
|
DoS Overflow |
2013-02-02 |
2013-03-06 |
2.9 |
None |
Local Network |
Medium |
Not required |
None |
None |
Partial |
|
Buffer overflow in the NTLMSSP dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 allows remote attackers to cause a denial of service (application crash) via a malformed packet. |
|
16 |
CVE-2013-1589 |
399 |
|
DoS |
2013-02-02 |
2013-02-11 |
2.9 |
None |
Local Network |
Medium |
Not required |
None |
None |
Partial |
|
Double free vulnerability in epan/proto.c in the dissection engine in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 allows remote attackers to cause a denial of service (application crash) via a malformed packet. |
|
17 |
CVE-2013-1588 |
119 |
|
DoS Overflow |
2013-02-02 |
2013-03-06 |
2.9 |
None |
Local Network |
Medium |
Not required |
None |
None |
Partial |
|
Multiple buffer overflows in the dissect_pft_fec_detailed function in the DCP-ETSI dissector in epan/dissectors/packet-dcp-etsi.c in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 allow remote attackers to cause a denial of service (application crash) via a malformed packet. |
|
18 |
CVE-2013-1587 |
|
|
DoS |
2013-02-02 |
2013-02-04 |
2.9 |
None |
Local Network |
Medium |
Not required |
None |
None |
Partial |
|
The dissect_rohc_ir_packet function in epan/dissectors/packet-rohc.c in the ROHC dissector in Wireshark 1.8.x before 1.8.5 does not properly handle unknown profiles, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. |
|
19 |
CVE-2013-1586 |
|
|
DoS |
2013-02-02 |
2013-03-06 |
2.9 |
None |
Local Network |
Medium |
Not required |
None |
None |
Partial |
|
The fragment_set_tot_len function in epan/reassemble.c in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly determine the length of a reassembled packet for the DTLS dissector, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. |
|
20 |
CVE-2013-1585 |
20 |
|
DoS |
2013-02-02 |
2013-02-06 |
2.9 |
None |
Local Network |
Medium |
Not required |
None |
None |
Partial |
|
epan/tvbuff.c in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly validate certain length values for the MS-MMC dissector, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. |
|
21 |
CVE-2013-1584 |
20 |
|
DoS |
2013-02-02 |
2013-02-06 |
2.9 |
None |
Local Network |
Medium |
Not required |
None |
None |
Partial |
|
The dissect_version_5_and_6_primary_header function in epan/dissectors/packet-dtn.c in the DTN dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 accesses an inappropriate pointer, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. |
|
22 |
CVE-2013-1583 |
20 |
|
DoS |
2013-02-02 |
2013-02-06 |
2.9 |
None |
Local Network |
Medium |
Not required |
None |
None |
Partial |
|
The dissect_version_4_primary_header function in epan/dissectors/packet-dtn.c in the DTN dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 accesses an inappropriate pointer, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. |
|
23 |
CVE-2013-1582 |
189 |
|
DoS |
2013-02-02 |
2013-03-06 |
2.9 |
None |
Local Network |
Medium |
Not required |
None |
None |
Partial |
|
The dissect_clnp function in epan/dissectors/packet-clnp.c in the CLNP dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly manage an offset variable, which allows remote attackers to cause a denial of service (infinite loop or application crash) via a malformed packet. |
|
24 |
CVE-2013-1581 |
20 |
|
DoS |
2013-02-02 |
2013-02-11 |
2.9 |
None |
Local Network |
Medium |
Not required |
None |
None |
Partial |
|
The dissect_pft_fec_detailed function in epan/dissectors/packet-dcp-etsi.c in the DCP-ETSI dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly handle fragment gaps, which allows remote attackers to cause a denial of service (loop) via a malformed packet. |
|
25 |
CVE-2013-1580 |
20 |
|
DoS |
2013-02-02 |
2013-02-11 |
2.9 |
None |
Local Network |
Medium |
Not required |
None |
None |
Partial |
|
The dissect_cmstatus_tlv function in plugins/docsis/packet-cmstatus.c in the DOCSIS CM-STATUS dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 uses an incorrect data type for a position variable, which allows remote attackers to cause a denial of service (infinite loop) via a malformed packet. |
|
26 |
CVE-2013-1579 |
399 |
|
DoS |
2013-02-02 |
2013-02-04 |
2.9 |
None |
Local Network |
Medium |
Not required |
None |
None |
Partial |
|
The rtps_util_add_bitmap function in epan/dissectors/packet-rtps.c in the RTPS dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly implement certain nested loops for processing bitmap data, which allows remote attackers to cause a denial of service (infinite loop) via a malformed packet. |
|
27 |
CVE-2013-1578 |
20 |
|
DoS |
2013-02-02 |
2013-02-11 |
2.9 |
None |
Local Network |
Medium |
Not required |
None |
None |
Partial |
|
The dissect_pw_eth_heuristic function in epan/dissectors/packet-pw-eth.c in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly handle apparent Ethernet address values at the beginning of MPLS data, which allows remote attackers to cause a denial of service (loop) via a malformed packet. |
|
28 |
CVE-2013-1577 |
20 |
|
DoS |
2013-02-02 |
2013-02-11 |
2.9 |
None |
Local Network |
Medium |
Not required |
None |
None |
Partial |
|
The dissect_sip_p_charging_func_addresses function in epan/dissectors/packet-sip.c in the SIP dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly handle offset data associated with a quoted string, which allows remote attackers to cause a denial of service (infinite loop) via a malformed packet. |
|
29 |
CVE-2013-1576 |
310 |
|
DoS |
2013-02-02 |
2013-02-11 |
2.9 |
None |
Local Network |
Medium |
Not required |
None |
None |
Partial |
|
The dissect_sdp_media_attribute function in epan/dissectors/packet-sdp.c in the SDP dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly process crypto-suite parameters, which allows remote attackers to cause a denial of service (infinite loop) via a malformed packet. |
|
30 |
CVE-2013-1575 |
20 |
|
DoS |
2013-02-02 |
2013-02-11 |
2.9 |
None |
Local Network |
Medium |
Not required |
None |
None |
Partial |
|
The dissect_r3_cmd_alarmconfigure function in epan/dissectors/packet-assa_r3.c in the R3 dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly handle a certain alarm length, which allows remote attackers to cause a denial of service (infinite loop) via a malformed packet. |
|
31 |
CVE-2013-1574 |
|
|
DoS |
2013-02-02 |
2013-02-04 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
The dissect_bthci_eir_ad_data function in epan/dissectors/packet-bthci_cmd.c in the Bluetooth HCI dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 uses an incorrect data type for a counter variable, which allows remote attackers to cause a denial of service (infinite loop) via a malformed packet. |
|
32 |
CVE-2013-1573 |
|
|
DoS |
2013-02-02 |
2013-02-04 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
The csnStreamDissector function in epan/dissectors/packet-csn1.c in the CSN.1 dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly handle a large number of padding bits, which allows remote attackers to cause a denial of service (infinite loop) via a malformed packet. |
|
33 |
CVE-2013-1572 |
20 |
|
DoS |
2013-02-02 |
2013-02-11 |
2.9 |
None |
Local Network |
Medium |
Not required |
None |
None |
Partial |
|
The dissect_oampdu_event_notification function in epan/dissectors/packet-slowprotocols.c in the IEEE 802.3 Slow Protocols dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly handle certain short lengths, which allows remote attackers to cause a denial of service (infinite loop) via a malformed packet. |
|
34 |
CVE-2012-6062 |
20 |
|
DoS |
2012-12-05 |
2013-02-07 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The dissect_rtcp_app function in epan/dissectors/packet-rtcp.c in the RTCP dissector in Wireshark 1.6.x before 1.6.12 and 1.8.x before 1.8.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted packet. |
|
35 |
CVE-2012-6061 |
189 |
|
DoS Overflow |
2012-12-05 |
2013-02-07 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The dissect_wtp_common function in epan/dissectors/packet-wtp.c in the WTP dissector in Wireshark 1.6.x before 1.6.12 and 1.8.x before 1.8.4 uses an incorrect data type for a certain length field, which allows remote attackers to cause a denial of service (integer overflow and infinite loop) via a crafted value in a packet. |
|
36 |
CVE-2012-6060 |
189 |
|
DoS Overflow |
2012-12-05 |
2013-02-07 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Integer overflow in the dissect_iscsi_pdu function in epan/dissectors/packet-iscsi.c in the iSCSI dissector in Wireshark 1.6.x before 1.6.12 and 1.8.x before 1.8.4 allows remote attackers to cause a denial of service (infinite loop) via a malformed packet. |
|
37 |
CVE-2012-6059 |
20 |
|
DoS |
2012-12-05 |
2013-02-07 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The dissect_isakmp function in epan/dissectors/packet-isakmp.c in the ISAKMP dissector in Wireshark 1.6.x before 1.6.12 and 1.8.x before 1.8.4 uses an incorrect data structure to determine IKEv2 decryption parameters, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. |
|
38 |
CVE-2012-6058 |
189 |
|
DoS Overflow |
2012-12-05 |
2013-02-07 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Integer overflow in the dissect_icmpv6 function in epan/dissectors/packet-icmpv6.c in the ICMPv6 dissector in Wireshark 1.6.x before 1.6.12 and 1.8.x before 1.8.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted Number of Sources value. |
|
39 |
CVE-2012-6057 |
189 |
|
DoS Overflow |
2012-12-05 |
2013-02-07 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The dissect_eigrp_metric_comm function in epan/dissectors/packet-eigrp.c in the EIGRP dissector in Wireshark 1.8.x before 1.8.4 uses the wrong data type for a certain offset value, which allows remote attackers to cause a denial of service (integer overflow and infinite loop) via a malformed packet. |
|
40 |
CVE-2012-6056 |
189 |
|
DoS Overflow |
2012-12-05 |
2013-02-07 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Integer overflow in the dissect_sack_chunk function in epan/dissectors/packet-sctp.c in the SCTP dissector in Wireshark 1.8.x before 1.8.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted Duplicate TSN count. |
|
41 |
CVE-2012-6055 |
189 |
|
DoS |
2012-12-05 |
2013-02-07 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
epan/dissectors/packet-3g-a11.c in the 3GPP2 A11 dissector in Wireshark 1.8.x before 1.8.4 allows remote attackers to cause a denial of service (infinite loop) via a zero value in a sub-type length field. |
|
42 |
CVE-2012-6054 |
189 |
|
DoS |
2012-12-05 |
2013-02-07 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The dissect_sflow_245_address_type function in epan/dissectors/packet-sflow.c in the sFlow dissector in Wireshark 1.8.x before 1.8.4 does not properly handle length calculations for an invalid IP address type, which allows remote attackers to cause a denial of service (infinite loop) via a packet that is neither IPv4 nor IPv6. |
|
43 |
CVE-2012-6053 |
189 |
|
DoS |
2012-12-05 |
2013-02-07 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
epan/dissectors/packet-usb.c in the USB dissector in Wireshark 1.6.x before 1.6.12 and 1.8.x before 1.8.4 relies on a length field to calculate an offset value, which allows remote attackers to cause a denial of service (infinite loop) via a zero value for this field. |
|
44 |
CVE-2012-6052 |
200 |
|
+Info |
2012-12-05 |
2013-02-07 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Wireshark 1.8.x before 1.8.4 allows remote attackers to obtain sensitive hostname information by reading pcap-ng files. |
|
45 |
CVE-2012-5240 |
119 |
|
DoS Overflow |
2012-10-04 |
2013-02-13 |
5.8 |
None |
Local Network |
Low |
Not required |
Partial |
Partial |
Partial |
|
Buffer overflow in the dissect_tlv function in epan/dissectors/packet-ldp.c in the LDP dissector in Wireshark 1.8.x before 1.8.3 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a malformed packet. |
|
46 |
CVE-2012-5238 |
|
|
DoS |
2012-10-04 |
2013-02-13 |
3.3 |
None |
Local Network |
Low |
Not required |
None |
None |
Partial |
|
epan/dissectors/packet-ppp.c in the PPP dissector in Wireshark 1.8.x before 1.8.3 uses incorrect OUI data structures during the decoding of (1) PPP and (2) LCP data, which allows remote attackers to cause a denial of service (assertion failure and application exit) via a malformed packet. |
|
47 |
CVE-2012-5237 |
399 |
|
DoS |
2012-10-04 |
2013-02-13 |
3.3 |
None |
Local Network |
Low |
Not required |
None |
None |
Partial |
|
The dissect_hsrp function in epan/dissectors/packet-hsrp.c in the HSRP dissector in Wireshark 1.8.x before 1.8.3 allows remote attackers to cause a denial of service (infinite loop) via a malformed packet. |
|
48 |
CVE-2012-4298 |
189 |
|
Exec Code Overflow |
2012-08-16 |
2012-09-07 |
5.4 |
None |
Local Network |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Integer signedness error in the vwr_read_rec_data_ethernet function in wiretap/vwr.c in the Ixia IxVeriWave file parser in Wireshark 1.8.x before 1.8.2 allows user-assisted remote attackers to execute arbitrary code via a crafted packet-trace file that triggers a buffer overflow. |
|
49 |
CVE-2012-4297 |
119 |
|
Exec Code Overflow |
2012-08-16 |
2012-09-07 |
8.3 |
None |
Local Network |
Low |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in the dissect_gsm_rlcmac_downlink function in epan/dissectors/packet-gsm_rlcmac.c in the GSM RLC MAC dissector in Wireshark 1.6.x before 1.6.10 and 1.8.x before 1.8.2 allows remote attackers to execute arbitrary code via a malformed packet. |
|
50 |
CVE-2012-4296 |
399 |
|
DoS Overflow |
2012-08-16 |
2013-01-03 |
3.3 |
None |
Local Network |
Low |
Not required |
None |
None |
Partial |
|
Buffer overflow in epan/dissectors/packet-rtps2.c in the RTPS2 dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (CPU consumption) via a malformed packet. |
