CVE-2015-8733

NameCVE-2015-8733
DescriptionThe ngsniffer_process_record function in wiretap/ngsniffer.c in the Sniffer file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the relationships between record lengths and record header lengths, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SuSE, Mageia, GitHub code/issues, web search, more)
ReferencesDSA-3505-1
NVD severitymedium (attack range: remote)

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
wireshark (PTS)wheezy1.8.2-5wheezy18fixed
wheezy (security)1.12.1+g01b65bf-4+deb8u6~deb7u7fixed
jessie (security), jessie1.12.1+g01b65bf-4+deb8u11fixed
stretch2.2.6+g32dac6a-2fixed
buster, sid2.4.2-1fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
wiresharksource(unstable)2.0.1+g59ea380-1medium
wiresharksourcejessie1.12.1+g01b65bf-4+deb8u4mediumDSA-3505-1
wiresharksourcesqueeze(unfixed)end-of-life
wiresharksourcewheezy1.8.2-5wheezy17mediumDSA-3505-1

Notes

[wheezy] - wireshark <not-affected> (Vulnerable code not present)
[squeeze] - wireshark <end-of-life> (Not supported in Squeeze LTS)
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=53a3e53fce30523d11ab3df319fba7b75d63076f
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11827
http://www.wireshark.org/security/wnpa-sec-2015-51.html

Search for package or bug name: Reporting problems