Input validation error in SUSE products - CVE-2013-3556
Published: May 25, 2013 / Updated: August 4, 2020
Vulnerability identifier: #VU33686
CSH Severity: Medium
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2013-3556
CWE-ID: CWE-20
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: Wireshark.org
Debian
SUSE
Debian
SUSE
Affected software:
Wireshark
Debian Linux
Opensuse
Wireshark
Debian Linux
Opensuse
Detailed vulnerability description
The vulnerability allows a remote non-authenticated attacker to perform service disruption.
The fragment_add_seq_common function in epan/reassemble.c in the ASN.1 BER dissector in Wireshark before r48943 has an incorrect pointer dereference during a comparison, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.
How to mitigate CVE-2013-3556
Install update from vendor's website.
Sources
- http://anonsvn.wireshark.org/viewvc/trunk/epan/reassemble.c?r1=48943&r2=48942&pathrev=48943
- http://anonsvn.wireshark.org/viewvc?view=revision&revision=48943
- http://lists.opensuse.org/opensuse-updates/2013-06/msg00048.html
- http://lists.opensuse.org/opensuse-updates/2013-06/msg00083.html
- http://lists.opensuse.org/opensuse-updates/2013-06/msg00194.html
- http://lists.opensuse.org/opensuse-updates/2013-06/msg00196.html
- http://secunia.com/advisories/53425
- http://secunia.com/advisories/54425
- http://www.gentoo.org/security/en/glsa/glsa-201308-05.xml
- http://www.wireshark.org/security/wnpa-sec-2013-25.html
- https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8599
- https://www.wireshark.org/docs/relnotes/wireshark-1.6.15.html