You are here

CVE-2013-3558

Vincent (CVE) Danen's picture
The dissect_ccp_bsdcomp_opt function in epan/dissectors/packet-ppp.c in the PPP CCP dissector in Wireshark 1.8.x before 1.8.7 does not terminate a bit-field list, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.

Details Source

Mitre

Statement

Not Vulnerable. This issue does not affect the version of wireshark as shipped with Red Hat Enterprise Linux 5 and 6.

Public Date

2013-05-17 00:00:00

Impact

Low

Bugzilla

CVE-2013-3558 wireshark: DoS (crash) in the PPP CCP dissector (wnpa-sec-2013-26, upstream #8638)

Bugzilla ID

965 192

CVSS Status

draft

Base Score

4.30

Base Metrics

AV:N/AC:M/Au:N/C:N/I:N/A:P

Affected Packages State

Platform Package State
Red Hat Enterprise Linux 6 wireshark Not affected
Red Hat Enterprise Linux 5 wireshark Not affected