It was found that Wireshark's DICOM dissector did not check for invalid payload data unit length. A remote attacker could create a specially-crafted capture file, which once opened, by a local, unsuspecting user could lead to wireshark application hang / termination. References: [1] https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5876 (upstream bug report) [2] http://www.wireshark.org/download/automated/captures/fuzz-2011-04-30-7272.pcap (public reproducer) [3] http://www.openwall.com/lists/oss-security/2011/05/31/20 (CVE request) [4] http://www.wireshark.org/security/wnpa-sec-2011-07.html (upstream advisory) Upstream patch: [5] http://anonsvn.wireshark.org/viewvc?view=revision&revision=36958
This issue did NOT affect the versions of the wireshark package, as shipped with Red Hat Enterprise Linux 4 and 5. This issue affects the version of the wireshark package, as shipped with Red Hat Enterprise Linux 6. -- This issue affects the versions of the wireshark package, as shipped with Fedora release of 13, 14, and 15.
This issue has been addressed in following products: Red Hat Enterprise Linux 6 Via RHSA-2012:0509 https://rhn.redhat.com/errata/RHSA-2012-0509.html
Statement: This issue does not affect the version of wireshark as shipped with Red Hat Enterprise Linux 4 or 5.