1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
|
Candidate: CVE-2014-6426
PublicDate: 2014-09-20
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6426
https://www.wireshark.org/security/wnpa-sec-2014-16.html
Description:
The dissect_hip_tlv function in epan/dissectors/packet-hip.c in the HIP
dissector in Wireshark 1.12.x before 1.12.1 does not properly handle a NULL
tree, which allows remote attackers to cause a denial of service (infinite
loop) via a crafted packet.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
Patches_wireshark:
upstream_wireshark: released (1.12.1)
lucid_wireshark: ignored (reached end-of-life)
precise_wireshark: not-affected
trusty_wireshark: not-affected
utopic_wireshark: released (1.12.1+g01b65bf-2~ubuntu14.10.1)
devel_wireshark: not-affected (1.12.1+g01b65bf-2)
|