An array index error, leading to a stack-based buffer overflow, was found in the way the ENTTEC dissector of Wireshark network traffic analyzer processed certain captures. A remote attacker could use this flaw to cause wireshark executable to crash or, potentially, execute arbitrary code with the privileges of the user running wireshark, if the local user opened a specially-crafted DMX data capture file, with Run Length Encoding (RLE) used for compression of the DMX signal. Upstream bug report: [1] https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5539 Upstream changeset: [2] http://anonsvn.wireshark.org/viewvc?view=rev&revision=35318 Sample public PoC capture file: [3] https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5539#c4 CVE Request: [4] http://www.openwall.com/lists/oss-security/2010/12/31/7
This issue affects the version of the wireshark package, as shipped with Red Hat Enterprise Linux 4, 5, and 6. -- This issue affects the version of the wireshark package, as shipped with Fedora release of 13 and 14. Please schedule an update.
Created wireshark tracking bugs for this issue Affects: fedora-all [bug 666897]
*** Bug 666561 has been marked as a duplicate of this bug. ***
*** Bug 666839 has been marked as a duplicate of this bug. ***
This issue has been addressed in following products: Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 4 Red Hat Enterprise Linux 5 Via RHSA-2011:0013 https://rhn.redhat.com/errata/RHSA-2011-0013.html