Candidate: CVE-2010-4300
PublicDate: 2010-11-26 19:00:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4300
 http://www.wireshark.org/security/wnpa-sec-2010-14.html
Description:
 Heap-based buffer overflow in the dissect_ldss_transfer function
 (epan/dissectors/packet-ldss.c) in the LDSS dissector in Wireshark 1.2.0
 through 1.2.12 and 1.4.0 through 1.4.1 allows remote attackers to cause a
 denial of service (crash) and possibly execute arbitrary code via an LDSS
 packet with a long digest line that triggers memory corruption.
Ubuntu-Description:
Notes:
Bugs:
 https://bugs.launchpad.net/ubuntu/+source/wireshark/+bug/682549
 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5318
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_wireshark:
 upstream: http://anonsvn.wireshark.org/viewvc?view=revision&revision=34581
upstream_wireshark: released (1.2.11-6, 1.4.2)
dapper_wireshark: DNE
hardy_wireshark: ignored (reached end-of-life)
karmic_wireshark: ignored (reached end-of-life)
lucid_wireshark: ignored (reached end-of-life)
maverick_wireshark: released (1.2.11-6build0.10.10.1)
natty_wireshark: not-affected (1.4.2-1)
oneiric_wireshark: not-affected (1.4.2-1)
precise_wireshark: not-affected (1.4.2-1)
quantal_wireshark: not-affected (1.4.2-1)
raring_wireshark: not-affected (1.4.2-1)
saucy_wireshark: not-affected (1.4.2-1)
devel_wireshark: not-affected (1.4.2-1)