A security flaw was found in the way DCP-ETSI dissector of Wireshark, a network traffic analyzer, performed dissection of certain DCP-ETSI packet capture files. A remote attacker could provide a specially-crafted DCP-ETSI packet / packet capture that, when processed, would lead to tshark executable crash or, potentially, arbitrary code execution with the privileges of the user running the executable, when trying to process the crafted packet / packet capture file. Upstream bug report: [1] https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8213 Sample packet capture: [2] https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8213#c0 Relevant upstream patch: [3] http://anonsvn.wireshark.org/viewvc?view=revision&revision=47098 References: [4] http://www.wireshark.org/security/wnpa-sec-2013-07.html [5] http://www.openwall.com/lists/oss-security/2013/01/31/2
Created wireshark tracking bugs for this issue Affects: fedora-all [bug 906387]
Statement: Not Vulnerable. This issue does not affect the version of wireshark as shipped with Red Hat Enterprise Linux 5 and 6.