Red Hat Bugzilla – Bug 807624
CVE-2012-1594 wireshark: Infinite loop in the IEEE 802.11 dissector
Last modified: 2016-03-04 07:04:12 EST
A denial of service flaw was found in the way the IEEE 802.11 dissector of Wireshark, a network traffic analyzer, processed certain capture files (16-bit integers were used as counters during loading of capture files for certain protocols). A remote attacker could provide a specially-crafted packet capture file which, once opened by an unsuspecting local user, would lead to a situation where the wireshark executable would never finish loading the capture file (infinite loop).
Upstream bug report:
Relevant upstream patch:
This issue did NOT affect the versions of the wireshark package, as shipped with Red Hat Enterprise Linux 5 and 6.
This issue did NOT affect the version of the wireshark package, as shipped with Fedora release of 15.
This issue affects the version of the wireshark package, as shipped with Fedora release of 16.
Added CVE as per http://www.openwall.com/lists/oss-security/2012/03/28/13
Not Vulnerable. This issue does not affect the version of wireshark as shipped with Red Hat Enterprise Linux 5 and 6.
Created wireshark tracking bugs for this issue
Affects: fedora-16 [bug 808973]
wireshark-1.6.6-1.fc16 has been pushed to the Fedora 16 stable repository. If problems still persist, please make note of it in this bug report.
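
The bug class named in the description above (a 16-bit counter driving a loop while a capture file is loaded) is illustrated by the following added example, which is not Wireshark source and not the upstream patch. The function names, `MAX_ITEMS` and the step budget are assumptions made for the demonstration; the budget exists only so the flawed loop returns instead of hanging.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed stand-in for a dissector loop; not Wireshark source.
 * n_items models a count taken from an untrusted capture file.
 * step_budget exists only so this demo returns instead of hanging. */

/* Flawed form: 16-bit counter compared against a 32-bit bound.
 * Returns items visited, or -1 if the budget ran out (the "hang"). */
long walk_items_u16(uint32_t n_items, long step_budget)
{
    long visited = 0;
    for (uint16_t i = 0; i < n_items; i++) {   /* i wraps 65535 -> 0 */
        if (visited == step_budget)
            return -1;
        visited++;
    }
    return visited;
}

/* Hardened form: counter as wide as the bound, plus a sanity cap on
 * the file-supplied count (MAX_ITEMS is a hypothetical limit). */
#define MAX_ITEMS 1000000u

long walk_items_checked(uint32_t n_items)
{
    if (n_items > MAX_ITEMS)
        return -2;                              /* reject as malformed */
    long visited = 0;
    for (uint32_t i = 0; i < n_items; i++)
        visited++;
    return visited;
}

int main(void)
{
    printf("u16, 65535 items: %ld\n", walk_items_u16(65535u, 1000000));
    printf("u16, 65536 items: %ld\n", walk_items_u16(65536u, 1000000));
    printf("checked, 65536 items: %ld\n", walk_items_checked(65536u));
    printf("checked, 2^31 items: %ld\n", walk_items_checked(0x80000000u));
    return 0;
}
```

A bound of 65535 still terminates with the 16-bit counter; 65536 is the first value for which `i < n_items` can never become false.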