A denial of service flaw was found in the way MySQL dissector of Wireshark, a network traffic analyzer, processed certain MySQL packet capture files. A remote attacker could provide a specially-crafted MySQL packet capture file that, when processed, would lead to denial of service (wireshark executable to enter infinite loop while trying to dissect that file). Upstream bug report: [1] https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8458 Reproducer: [2] https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8458#c1 Upstream patch: [3] http://anonsvn.wireshark.org/viewvc?view=revision&revision=48894
Created wireshark tracking bugs for this issue Affects: fedora-17 [bug 881873] Affects: fedora-18 [bug 965942]
Upstream advisory: http://www.wireshark.org/security/wnpa-sec-2013-30.html
Statement: This issue does not affect the version of wireshark as shipped with Red Hat Enterprise Linux 5. This issue affects the version of wireshark as shipped with Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this issue as having low security impact, a future update may address this flaw.
*** This bug has been marked as a duplicate of bug 966331 ***