CVE-2013-1582

Priority
Description
The dissect_clnp function in epan/dissectors/packet-clnp.c in the CLNP
dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not
properly manage an offset variable, which allows remote attackers to cause
a denial of service (infinite loop or application crash) via a malformed
packet.
Notes
Package
Upstream:released (1.6.13,1.8.5)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was needed)
Ubuntu 14.04 ESM (Trusty Tahr):not-affected ([1.10.6-1])
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (1.12.1+g01b65bf-2)
More Information

Updated: 2020-01-13 15:18:48 UTC (commit 90723a0b01ce5e298eabd267cf209f34bbcc083d)