Wireshark: >> Wireshark >> 0.99.4 Security Vulnerabilities
The LDAP dissector in Wireshark (formerly Ethereal) 0.99.2 through 0.99.8 allows remote attackers to cause a denial of service (application crash) via a malformed packet, a different vulnerability than CVE-2006-5740.
CVSS Score
5.0
EPSS Score
0.422
Published
2008-03-31
The "decode as" feature in packet-bssap.c in the SCCP dissector in Wireshark (formerly Ethereal) 0.99.6 through 0.99.8 allows remote attackers to cause a denial of service (application crash) via a malformed packet.
CVSS Score
4.3
EPSS Score
0.074
Published
2008-03-31
The SCTP dissector in Wireshark (formerly Ethereal) 0.99.5 through 0.99.7 allows remote attackers to cause a denial of service (crash) via a malformed packet.
CVSS Score
5.0
EPSS Score
0.01
Published
2008-02-28
The SNMP dissector in Wireshark (formerly Ethereal) 0.99.6 through 0.99.7 allows remote attackers to cause a denial of service (crash) via a malformed packet.
CVSS Score
4.3
EPSS Score
0.01
Published
2008-02-28
The TFTP dissector in Wireshark (formerly Ethereal) 0.6.0 through 0.99.7, when running on Ubuntu 7.10, allows remote attackers to cause a denial of service (crash or memory consumption) via a malformed packet, possibly related to a Cairo library bug.
CVSS Score
4.7
EPSS Score
0.001
Published
2008-02-28
The RPL dissector in Wireshark (formerly Ethereal) 0.9.8 to 0.99.6 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors.
CVSS Score
5.0
EPSS Score
0.029
Published
2007-12-19
Unspecified vulnerability in the CIP dissector in Wireshark (formerly Ethereal) 0.9.14 to 0.99.6 allows remote attackers to cause a denial of service (crash) via unknown vectors that trigger allocation of large amounts of memory.
CVSS Score
4.3
EPSS Score
0.023
Published
2007-12-19
Multiple unspecified vulnerabilities in Wireshark (formerly Ethereal) allow remote attackers to cause a denial of service (crash) via (1) a crafted MP3 file or (2) unspecified vectors to the NCP dissector.
CVSS Score
7.1
EPSS Score
0.035
Published
2007-11-23
Integer signedness error in the DNP3 dissector in Wireshark (formerly Ethereal) 0.10.12 to 0.99.6 allows remote attackers to cause a denial of service (long loop) via a malformed DNP3 packet.
CVSS Score
4.3
EPSS Score
0.094
Published
2007-11-23
Multiple buffer overflows in Wireshark (formerly Ethereal) 0.99.0 through 0.99.6 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) the SSL dissector or (2) the iSeries (OS/400) Communication trace file parser.
CVSS Score
10.0
EPSS Score
0.037
Published
2007-11-23