oss-sec mailing list archives
Re: CVE Request -- wireshark (X >= 1.6.8): DoS (excessive CPU use and infinite loop) in DRDA dissector
From: Eygene Ryabinkin <rea-sec () codelabs ru>
Date: Fri, 31 Aug 2012 14:48:27 +0400
Wed, Aug 29, 2012 at 11:39:11AM -0400, Jan Lieskovsky wrote:
a denial of service flaw was found in the way Distributed Relational Database Architecture (DRDA) dissector of Wireshark, a network traffic analyzer, performed processing of certain DRDA packet capture files. A remote attacker could create a specially-crafted capture file that, when opened could lead to wireshark executable to consume excessive amount of CPU time and hang with an infinite loop.
[...]
Affected versions: Seems to affect wireshark 1.6.x versions and later (1.0.x and 1.2.x definitely aren't affected)
1.5.x is affected too: 1.5.0 was the first release in which the handling for the multiple DRDA commands was added to. 1.4 has no such code, whereas 1.5.0 has the while loop that provokes DoS. -- Eygene
Current thread:
- CVE Request -- wireshark (X >= 1.6.8): DoS (excessive CPU use and infinite loop) in DRDA dissector Jan Lieskovsky (Aug 29)
- Re: CVE Request -- wireshark (X >= 1.6.8): DoS (excessive CPU use and infinite loop) in DRDA dissector Kurt Seifried (Aug 29)
- Re: CVE Request -- wireshark (X >= 1.6.8): DoS (excessive CPU use and infinite loop) in DRDA dissector Eygene Ryabinkin (Aug 31)