[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    Re: [oss-security] CVE Request -- wireshark (X >= 1.6.8): DoS (excessive CPU use and infinite loop)
From:       Gerald Combs <gerald () wireshark ! org>
Date:       2012-08-31 23:39:46
Message-ID: 50414B42.2080901 () wireshark ! org
[Download RAW message or body]

On 8/31/12 3:48 AM, Eygene Ryabinkin wrote:
> Wed, Aug 29, 2012 at 11:39:11AM -0400, Jan Lieskovsky wrote:
>> a denial of service flaw was found in the way Distributed Relational
>> Database Architecture (DRDA) dissector of Wireshark, a network
>> traffic analyzer, performed processing of certain DRDA packet
>> capture files. A remote attacker could create a specially-crafted
>> capture file that, when opened could lead to wireshark executable to
>> consume excessive amount of CPU time and hang with an infinite loop.
> [...]
>> Affected versions: Seems to affect wireshark 1.6.x versions and
>>                    later (1.0.x and 1.2.x definitely aren't affected)
> 
> 1.5.x is affected too: 1.5.0 was the first release in which the
> handling for the multiple DRDA commands was added to.  1.4 has no
> such code, whereas 1.5.0 has the while loop that provokes DoS.

Note that 1.5.0 wasn't an official release. Odd-numbered minor revisions
are development releases preceding the next even-numbered (and official)
release.

[prev in list] [next in list] [prev in thread] [next in thread]