Bug 783363 (CVE-2012-0067) - CVE-2012-0067 Wireshark: Dos due to integer overflow in IPTrace capture format parser
Summary: CVE-2012-0067 Wireshark: Dos due to integer overflow in IPTrace capture forma...
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2012-0067
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
low
low
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard: impact=low,public=20120110,reported=2...
Depends On: 781268 809045 809046 834180
Blocks: 773730 807617 816611
TreeView+ depends on / blocked
 
Reported: 2012-01-20 06:22 UTC by Huzaifa S. Sidhpurwala
Modified: 2019-06-08 19:01 UTC (History)
4 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2013-01-08 09:13:04 UTC


Attachments (Terms of Use)


Links
System ID Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2012:0509 normal SHIPPED_LIVE Moderate: wireshark security update 2012-04-23 20:47:35 UTC
Red Hat Product Errata RHSA-2013:0125 normal SHIPPED_LIVE Moderate: wireshark security, bug fix, and enhancement update 2013-01-08 09:22:17 UTC

Description Huzaifa S. Sidhpurwala 2012-01-20 06:22:01 UTC
An integer overflow flaw leading to denial of service (application crash) was found in the way wireshark parsed files in the IPTrace capture format. It may be possible to make Wireshark crash by convincing someone to read a malformed IPTrace packet capture file.  This is corrected in upstream 1.4.11 and 1.6.5.

Reference:
http://www.wireshark.org/security/wnpa-sec-2012-01.html
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6668

Patch:
http://anonsvn.wireshark.org/viewvc?view=revision&revision=40167

Comment 2 Huzaifa S. Sidhpurwala 2012-01-20 06:52:15 UTC
This issue affects the version of wireshark shipped with Fedora 15 and Fedora
16 and has been addressed in the following security advisories:

https://admin.fedoraproject.org/updates/wireshark-1.4.11-1.fc15
https://admin.fedoraproject.org/updates/wireshark-1.6.5-1.fc16

Comment 4 errata-xmlrpc 2012-04-23 16:52:56 UTC
This issue has been addressed in following products:

  Red Hat Enterprise Linux 6

Via RHSA-2012:0509 https://rhn.redhat.com/errata/RHSA-2012-0509.html

Comment 6 errata-xmlrpc 2013-01-08 05:00:53 UTC
This issue has been addressed in following products:

  Red Hat Enterprise Linux 5

Via RHSA-2013:0125 https://rhn.redhat.com/errata/RHSA-2013-0125.html

Comment 8 Huzaifa S. Sidhpurwala 2013-01-08 09:13:04 UTC
Statement:

(none)


Note You need to log in before you can comment on or make changes to this bug.