Red Hat Bugzilla – Bug 1026541
CVE-2013-6340 wireshark: TCP dissector crash (wnpa-sec-2013-65)
Last modified: 2015-11-25 05:01:41 EST
Common Vulnerabilities and Exposures assigned an identifier CVE-2013-6340 to
the following vulnerability:
epan/dissectors/packet-tcp.c in the TCP dissector in Wireshark 1.8.x
before 1.8.11 and 1.10.x before 1.10.3 does not properly determine the
amount of remaining data, which allows remote attackers to cause a
denial of service (application crash) via a crafted packet.
Created wireshark tracking bugs for this issue:
Affects: fedora-all [bug 1026546]
wireshark-1.10.3-2.fc19 has been pushed to the Fedora 19 stable repository. If problems still persist, please make note of it in this bug report.
wireshark-1.10.3-3.fc19 has been pushed to the Fedora 19 stable repository. If problems still persist, please make note of it in this bug report.
wireshark-1.10.3-3.fc20 has been pushed to the Fedora 20 stable repository. If problems still persist, please make note of it in this bug report.
This issue does not affect the version of wireshark as shipped with Red Hat Enterprise Linux 5.
This issue has been addressed in following products:
Red Hat Enterprise Linux 6
Via RHSA-2014:0342 https://rhn.redhat.com/errata/RHSA-2014-0342.html