Bug 906351 (CVE-2013-1588) - CVE-2013-1588 wireshark: DCP-ETSI dissector crash (wnpa-sec-2013-07, bug 8213)
Summary: CVE-2013-1588 wireshark: DCP-ETSI dissector crash (wnpa-sec-2013-07, bug 8213)
Alias: CVE-2013-1588
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
Depends On: 906387
Blocks: 906403
TreeView+ depends on / blocked
Reported: 2013-01-31 13:43 UTC by Jan Lieskovsky
Modified: 2021-02-17 08:07 UTC (History)
5 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Last Closed: 2013-02-04 05:46:34 UTC

Attachments (Terms of Use)

Description Jan Lieskovsky 2013-01-31 13:43:51 UTC
A security flaw was found in the way DCP-ETSI dissector of Wireshark, a network traffic analyzer, performed dissection of certain DCP-ETSI packet capture files. A remote attacker could provide a specially-crafted DCP-ETSI packet / packet capture that, when processed, would lead to tshark executable crash or, potentially, arbitrary code execution with the privileges of the user running the executable, when trying to process the crafted packet / packet capture file.

Upstream bug report:
[1] https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8213

Sample packet capture:
[2] https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8213#c0

Relevant upstream patch:
[3] http://anonsvn.wireshark.org/viewvc?view=revision&revision=47098

[4] http://www.wireshark.org/security/wnpa-sec-2013-07.html
[5] http://www.openwall.com/lists/oss-security/2013/01/31/2

Comment 1 Jan Lieskovsky 2013-01-31 15:20:30 UTC
Created wireshark tracking bugs for this issue

Affects: fedora-all [bug 906387]

Comment 2 Huzaifa S. Sidhpurwala 2013-02-04 05:46:34 UTC

Not Vulnerable. This issue does not affect the version of wireshark as shipped with Red Hat Enterprise Linux 5 and 6.

Note You need to log in before you can comment on or make changes to this bug.