CVE-2013-2486

Published: 07 March 2013

The dissect_diagnosticrequest function in epan/dissectors/packet-reload.c in the REsource LOcation And Discovery (aka RELOAD) dissector in Wireshark 1.8.x before 1.8.6 uses an incorrect integer data type, which allows remote attackers to cause a denial of service (infinite loop) via crafted integer values in a packet.

Priority

Medium

Status

Package Release Status
wireshark
Launchpad, Ubuntu, Debian
Upstream
Released (1.8.6)
Ubuntu 14.04 ESM (Trusty Tahr) Not vulnerable
(1.10.6-1)
Patches:
Upstream: http://anonsvn.wireshark.org/viewvc?view=revision&revision=47805