The SnifferDecompress function in wiretap/ngsniffer.c in the DOS Sniffer file parser in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 does not validate bitmask data, which allows remote attackers to cause a denial of service (application crash) via a crafted file.
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "binary_version": "1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1", "binary_name": "libwireshark-data" }, { "binary_version": "1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1", "binary_name": "libwireshark-dev" }, { "binary_version": "1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1", "binary_name": "libwireshark-dev-dbgsym" }, { "binary_version": "1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1", "binary_name": "libwireshark5" }, { "binary_version": "1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1", "binary_name": "libwireshark5-dbgsym" }, { "binary_version": "1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1", "binary_name": "libwiretap-dev" }, { "binary_version": "1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1", "binary_name": "libwiretap-dev-dbgsym" }, { "binary_version": "1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1", "binary_name": "libwiretap4" }, { "binary_version": "1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1", "binary_name": "libwiretap4-dbgsym" }, { "binary_version": "1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1", "binary_name": "libwsutil-dev" }, { "binary_version": "1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1", "binary_name": "libwsutil-dev-dbgsym" }, { "binary_version": "1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1", "binary_name": "libwsutil4" }, { "binary_version": "1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1", "binary_name": "libwsutil4-dbgsym" }, { "binary_version": "1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1", "binary_name": "tshark" }, { "binary_version": "1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1", "binary_name": "tshark-dbgsym" }, { "binary_version": "1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1", "binary_name": "wireshark" }, { "binary_version": "1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1", "binary_name": "wireshark-common" }, { "binary_version": "1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1", "binary_name": "wireshark-common-dbgsym" }, { "binary_version": "1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1", "binary_name": "wireshark-dbg" }, { "binary_version": "1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1", "binary_name": "wireshark-dbgsym" }, { "binary_version": "1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1", "binary_name": "wireshark-dev" }, { "binary_version": "1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1", "binary_name": "wireshark-dev-dbgsym" }, { "binary_version": "1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1", "binary_name": "wireshark-doc" }, { "binary_version": "1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1", "binary_name": "wireshark-qt" }, { "binary_version": "1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1", "binary_name": "wireshark-qt-dbgsym" } ] }