A flaw was found in the Wireshark LDAP dissector. Wireshark could crash if it read a malformed packet off a network, or opened a malicious dump file. This issue affects Wireshark versions 1.10.0 to 1.10.1 and 1.8.0 to 1.8.9. It is fixed in versions 1.10.2 1.8.10. References: https://www.wireshark.org/security/wnpa-sec-2013-59.html
(In reply to Murray McAllister from comment #0) > A flaw was found in the Wireshark LDAP dissector. Wireshark could crash if > it read a malformed packet off a network, or opened a malicious dump file. > This issue affects Wireshark versions 1.10.0 to 1.10.1 and 1.8.0 to 1.8.9. > It is fixed in versions 1.10.2 1.8.10. That's hard to fix this (and related) issue due to scary message: "You are not authorized to access bug #1007214." Murray, are these bugs RHEL-related or something?
Created wireshark tracking bugs for this issue: Affects: fedora-all [bug 1007264]
(In reply to Peter Lemenkov from comment #1) > (In reply to Murray McAllister from comment #0) > > A flaw was found in the Wireshark LDAP dissector. Wireshark could crash if > > it read a malformed packet off a network, or opened a malicious dump file. > > This issue affects Wireshark versions 1.10.0 to 1.10.1 and 1.8.0 to 1.8.9. > > It is fixed in versions 1.10.2 1.8.10. > > That's hard to fix this (and related) issue due to scary message: > > "You are not authorized to access bug #1007214." > > Murray, are these bugs RHEL-related or something? Hello Peter, Very sorry for the confusion. I mistakenly did not file the Fedora bugs right away. I have done that now. Yes, #1007214 is RHEL related with some questions I had about older RHEL releases. Please ignore it (although hard not to, when I didn't file the right bugs first...) Cheers
This one looks like: http://anonsvn.wireshark.org/viewvc?view=revision&revision=51516
Statement: Not Vulnerable. This issue does not affect the version of wireshark as shipped with Red Hat Enterprise Linux 5 and 6.
This issue affects the version of wireshark as shipped with Fedora 18 and 19.
I dont have access to the closed bug or the cap file, so this one will need to be SanityOnly