A stack-based buffer overflow was found in the wireshark processed certain Label Distribution Protocol (LDP) (RFC 3036) packets. It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. References: Upstream advisory: http://www.wireshark.org/security/wnpa-sec-2012-29.html Bug report: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7567 Patch: http://anonsvn.wireshark.org/viewvc?view=revision&revision=44801
Statement: Not Vulnerable. This issue does not affect the version of wireshark as shipped with Red Hat Enterprise Linux 5 and 6.
This issue not affect the version of wireshark as shipped with Fedora 16 and 17. This issue affects the version of wireshark as shipped with Fedora 18.
Created wireshark tracking bugs for this issue Affects: fedora-18 [bug 862547]