Candidate: CVE-2014-2282
PublicDate: 2014-03-11 13:01:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2282
 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9699
 http://www.wireshark.org/security/wnpa-sec-2014-02.html
 http://anonsvn.wireshark.org/viewvc?view=revision&revision=51608
 http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-m3ua.c?r1=51608&r2=51607&pathrev=51608
Description:
 The dissect_protocol_data_parameter function in
 epan/dissectors/packet-m3ua.c in the M3UA dissector in Wireshark 1.10.x
 before 1.10.6 does not properly allocate memory, which allows remote
 attackers to cause a denial of service (application crash) via a crafted
 SS7 MTP3 packet.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by: Laurent Butti
Assigned-to:
CVSS: 

Patches_wireshark:
 upstream: http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-m3ua.c?r1=51608&r2=51607&pathrev=51608
upstream_wireshark: released (1.10.6-1)
lucid_wireshark: ignored (reached end-of-life)
precise_wireshark: not-affected
quantal_wireshark: not-affected
saucy_wireshark: ignored (reached end-of-life)
trusty_wireshark: released (1.10.6-1)
trusty/esm_wireshark: released (1.10.6-1)
devel_wireshark: released (1.10.6-1)