A denial of service flaw was found in the Wireshark's GSM layer 3 Radio Resource Protocol (GSM A RR) dissector. Loading a specially-crafted GSM A RR PCAP capture file in Wireshark would lead to Wireshark crash. References: ----------- https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3893 http://www.wireshark.org/security/wnpa-sec-2009-06.html Upstream patch: --------------- http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-gsm_a_rr.c?r1=29390&r2=29403&pathrev=29403 Reproducer: ----------- http://www.wireshark.org/download/automated/captures/fuzz-2009-08-13-21137.pcap
This issue does NOT affect the versions of the wireshark package, as shipped with Red Hat Enterprise Linux 3, 4, or 5. This issue affects the latest versions of wireshark package, as shipped with Fedora release of 10 and 11 (wireshark-1.2.1-1.fc10 and wireshark-1.2.1-1.fc11).
Common Vulnerabilities and Exposures assigned an identifier CVE-2009-3242 to the following vulnerability: Unspecified vulnerability in packet.c in the GSM A RR dissector in Wireshark 1.2.0 and 1.2.1 allows remote attackers to cause a denial of service (application crash) via unknown vectors related to "an uninitialized dissector handle," which triggers an assertion failure. References: ----------- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3242 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3893 http://www.wireshark.org/security/wnpa-sec-2009-06.html http://www.securityfocus.com/bid/36408 http://secunia.com/advisories/36754
wireshark-1.2.2-1.fc11 has been pushed to the Fedora 11 stable repository. If problems still persist, please make note of it in this bug report.