CVE Vulnerabilities

CVE-2013-5718

Published: Sep 16, 2013 | Modified: Nov 21, 2024
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
4.3 MEDIUM
AV:N/AC:M/Au:N/C:N/I:N/A:P
RedHat/V2
4.3 LOW
AV:N/AC:M/Au:N/C:N/I:N/A:P
RedHat/V3
Ubuntu
MEDIUM

The dissect_nbap_T_dCH_ID function in epan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark 1.8.x before 1.8.10 and 1.10.x before 1.10.2 does not restrict the dch_id value, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.

Affected Software

Name Vendor Start Version End Version
Wireshark Wireshark 1.8.0 (including) 1.8.0 (including)
Wireshark Wireshark 1.8.1 (including) 1.8.1 (including)
Wireshark Wireshark 1.8.2 (including) 1.8.2 (including)
Wireshark Wireshark 1.8.3 (including) 1.8.3 (including)
Wireshark Wireshark 1.8.4 (including) 1.8.4 (including)
Wireshark Wireshark 1.8.5 (including) 1.8.5 (including)
Wireshark Wireshark 1.8.6 (including) 1.8.6 (including)
Wireshark Wireshark 1.8.7 (including) 1.8.7 (including)
Wireshark Wireshark 1.8.8 (including) 1.8.8 (including)
Wireshark Wireshark 1.8.9 (including) 1.8.9 (including)
Wireshark Wireshark 1.10.0 (including) 1.10.0 (including)
Wireshark Wireshark 1.10.1 (including) 1.10.1 (including)
Wireshark Ubuntu lucid *
Wireshark Ubuntu precise *
Wireshark Ubuntu quantal *
Wireshark Ubuntu raring *
Wireshark Ubuntu upstream *

References