A security flaw was found in the way DCP-ETSI dissector of Wireshark, a network traffic analyzer, performed dissection of certain DCP-ETSI packet capture files. A remote attacker could provide a specially-crafted DCP-ETSI packet / packet capture that, when processed, would lead to tshark executable crash or, potentially, arbitrary code execution with the privileges of the user running the executable, when trying to process the crafted packet / packet capture file.
Upstream bug report:
Sample packet capture:
Relevant upstream patch:
Created wireshark tracking bugs for this issue
Affects: fedora-all [bug 906387]
Not Vulnerable. This issue does not affect the version of wireshark as shipped with Red Hat Enterprise Linux 5 and 6.