CVE-2013-1580 (retired)

Priority
Description
The dissect_cmstatus_tlv function in plugins/docsis/packet-cmstatus.c in
the DOCSIS CM-STATUS dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x
before 1.8.5 uses an incorrect data type for a position variable, which
allows remote attackers to cause a denial of service (infinite loop) via a
malformed packet.
Notes
Package
Upstream:released (1.6.13,1.8.5)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was needed)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (1.12.1+g01b65bf-2)
More Information

Updated: 2019-10-09 07:44:59 UTC (commit 33aea848a182c0afcd0a3f927a01a7ecd9a061ee)