Red Hat Bugzilla – Bug 1007182
CVE-2013-5718 wireshark: NBAP dissector crash (wnpa-sec-2013-55, upstream bug 9005)
Last modified: 2015-10-15 14:00:13 EDT
Laurent Butti discovered a flaw in the Wireshark NBAP dissector. Wireshark could crash if it read a malformed packet off a network, or opened a malicious dump file. This issue affects Wireshark versions 1.10.0 to 1.10.1 and 1.8.0 to 1.8.9. It is fixed in versions 1.10.2 and 1.8.10.
1.10 fix: http://anonsvn.wireshark.org/viewvc?view=revision&revision=51228
1.8 fix: http://anonsvn.wireshark.org/viewvc?view=revision&revision=51230
Created wireshark tracking bugs for this issue:
Affects: fedora-all [bug 1007256]
Not Vulnerable. This issue does not affect the version of wireshark as shipped with Red Hat Enterprise Linux 5 and 6.
This issue affects the version of wireshark as shipped with Fedora 18 and 19.