Denial of Service flaws were found in the way MySQL dissector, ETCH dissector and Websocket dissector of Wireshark. a network traffic analyzer, processed certain packet capture files. A remote attacker could provide a specially-crafted packet capture file that, when processed, would lead to tshark executable crash. Reference: http://seclists.org/oss-sec/2013/q2/378 Upstream advisory: http://www.wireshark.org/security/wnpa-sec-2013-29.html - bug 8448 http://www.wireshark.org/security/wnpa-sec-2013-30.html http://www.wireshark.org/security/wnpa-sec-2013-31.html Uptream patches: Websocket dissector: http://anonsvn.wireshark.org/viewvc?view=revision&revision=48336 ETCH dissector: http://anonsvn.wireshark.org/viewvc?view=revision&revision=48919 MySQL dissector: http://anonsvn.wireshark.org/viewvc?view=revision&revision=48894
*** Bug 965110 has been marked as a duplicate of this bug. ***
*** Bug 965111 has been marked as a duplicate of this bug. ***
From all of the issues listed in comment #0, Red Hat Enterprise Linux 6 is affected by the MySQL dissector flaw.
Created wireshark tracking bugs for this issue Affects: fedora-17 [bug 881873] Affects: fedora-18 [bug 965942]
This issue has been addressed in following products: Red Hat Enterprise Linux 6 Via RHSA-2013:1569 https://rhn.redhat.com/errata/RHSA-2013-1569.html
Statement: (none)