epan/crypt/airpdcap.c in the IEEE 802.11 dissector in Wireshark 1.12.x before 1.12.12 and 2.x before 2.0.4 mishandles the lack of an EAPOLRSNKEY, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
[ { "source": "https://github.com/wireshark/wireshark/commit/9b0b20b8d5f8c9f7839d58ff6c5900f7e19283b4", "target": { "function": "AirPDcapScanForKeys", "file": "epan/crypt/airpdcap.c" }, "digest": { "function_hash": "296458949931481913643121311399429596712", "length": 5456.0 }, "deprecated": false, "signature_type": "Function", "id": "CVE-2016-5351-68d79495", "signature_version": "v1" }, { "source": "https://github.com/wireshark/wireshark/commit/9b0b20b8d5f8c9f7839d58ff6c5900f7e19283b4", "target": { "file": "epan/crypt/airpdcap.c" }, "digest": { "line_hashes": [ "37652374563865177743326216940319484184", "222147689584816300059826757404927774604", "110738509525779230859447090536084539198", "63065127473966425569594560141077604875" ], "threshold": 0.9 }, "deprecated": false, "signature_type": "Line", "id": "CVE-2016-5351-a69fb01c", "signature_version": "v1" } ]