Candidate: CVE-2013-2481
PublicDate: 2013-03-07 15:55:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2481
 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8335
 http://www.wireshark.org/security/wnpa-sec-2013-16.html
 http://www.wireshark.org/docs/relnotes/wireshark-1.8.6.html
 http://www.wireshark.org/docs/relnotes/wireshark-1.6.14.html
 http://anonsvn.wireshark.org/viewvc?view=revision&revision=47672
 http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-mount.c?r1=47672&r2=47671&pathrev=47672
Description:
 Integer signedness error in the dissect_mount_dirpath_call function in
 epan/dissectors/packet-mount.c in the Mount dissector in Wireshark 1.6.x
 before 1.6.14 and 1.8.x before 1.8.6, when nfs_file_name_snooping is
 enabled, allows remote attackers to cause a denial of service (application
 crash) via a negative length value.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_wireshark:
 upstream: http://anonsvn.wireshark.org/viewvc?view=revision&revision=47672
upstream_wireshark: released (1.6.14, 1.8.6)
hardy_wireshark: ignored (reached end-of-life)
lucid_wireshark: ignored (reached end-of-life)
oneiric_wireshark: ignored (reached end-of-life)
precise_wireshark: ignored (reached end-of-life)
precise/esm_wireshark: DNE (precise was needed)
quantal_wireshark: ignored (reached end-of-life)
raring_wireshark: ignored (reached end-of-life)
saucy_wireshark: ignored (reached end-of-life)
trusty_wireshark: not-affected (1.10.6-1)
trusty/esm_wireshark: not-affected (1.10.6-1)
utopic_wireshark: not-affected (1.12.0+git+4fab41a1-1)
vivid_wireshark: not-affected (1.12.1+g01b65bf-2)
vivid/stable-phone-overlay_wireshark: DNE
vivid/ubuntu-core_wireshark: DNE
wily_wireshark: not-affected (1.12.1+g01b65bf-2)
xenial_wireshark: not-affected (1.12.1+g01b65bf-2)
yakkety_wireshark: not-affected (1.12.1+g01b65bf-2)
zesty_wireshark: not-affected (1.12.1+g01b65bf-2)
devel_wireshark: not-affected (1.12.1+g01b65bf-2)