oss-sec mailing list archives

CVE Request -- wireshark (X >= 1.6.8): DoS (excessive CPU use and infinite loop) in DRDA dissector

From: Jan Lieskovsky <jlieskov () redhat com>
Date: Wed, 29 Aug 2012 11:39:11 -0400 (EDT)

Hello Kurt, Steve, Gerald, vendors,

  a denial of service flaw was found in the way Distributed Relational Database Architecture (DRDA) dissector of 
Wireshark, a network traffic analyzer, performed processing of certain DRDA packet capture files. A remote attacker 
could create a specially-crafted capture file that, when opened could lead to wireshark executable to consume excessive 
amount of CPU time and hang with an infinite loop.

Issue found by: Martin Wilck

Upstream bug report:
[1] https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7666

Reproducer:
[2] https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7666#c0

References:
[3] https://bugzilla.redhat.com/show_bug.cgi?id=849926

Affected versions: Seems to affect wireshark 1.6.x versions and
                   later (1.0.x and 1.2.x definitely aren't affected)

Could you allocate a CVE id for this?

Thank you && Regards, Jan.
--
Jan iankko Lieskovsky / Red Hat Security Response Team

Current thread:

CVE Request -- wireshark (X >= 1.6.8): DoS (excessive CPU use and infinite loop) in DRDA dissector Jan Lieskovsky (Aug 29)
- Re: CVE Request -- wireshark (X >= 1.6.8): DoS (excessive CPU use and infinite loop) in DRDA dissector Kurt Seifried (Aug 29)
- Re: CVE Request -- wireshark (X >= 1.6.8): DoS (excessive CPU use and infinite loop) in DRDA dissector Eygene Ryabinkin (Aug 31)
  - Re: CVE Request -- wireshark (X >= 1.6.8): DoS (excessive CPU use and infinite loop) in DRDA dissector Gerald Combs (Aug 31)
    - Re: CVE Request -- wireshark (X >= 1.6.8): DoS (excessive CPU use and infinite loop) in DRDA dissector Kurt Seifried (Aug 31)
    - Re: CVE Request -- wireshark (X >= 1.6.8): DoS (excessive CPU use and infinite loop) in DRDA dissector Eygene Ryabinkin (Sep 01)