CVE-2013-2481

Published: Mar 7, 2013Modified: Apr 29, 2026

2.9

Vector

AV:A/AC:M/Au:N/C:N/I:N/A:P

Exploitability: 5.5 / Impact: 2.9

Source: NVD

Description

Integer signedness error in the dissect_mount_dirpath_call function in epan/dissectors/packet-mount.c in the Mount dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6, when nfs_file_name_snooping is enabled, allows remote attackers to cause a denial of service (application crash) via a negative length value.

Affected (25)

Products: Wireshark: Wireshark · Debian: Debian Linux · Opensuse: Opensuse

1 product

1 product

1 product

Configuration A

6 vulnerable

Vulnerable Software	Affected Versions
Wireshark Wireshark	Version 1.8.0
Wireshark Wireshark	Version 1.8.1
Wireshark Wireshark	Version 1.8.2
Wireshark Wireshark	Version 1.8.3
Wireshark Wireshark	Version 1.8.4
Wireshark Wireshark	Version 1.8.5

Configuration B

5 vulnerable

Vulnerable Software	Affected Versions
Debian Debian Linux	Version 6.0
Opensuse Opensuse	Version 11.4
Opensuse Opensuse	Version 12.1
Opensuse Opensuse	Version 12.2
Opensuse Opensuse	Version 12.3

Configuration C

14 vulnerable

Vulnerable Software	Affected Versions
Wireshark Wireshark	Version 1.6.0
Wireshark Wireshark	Version 1.6.10
Wireshark Wireshark	Version 1.6.11
Wireshark Wireshark	Version 1.6.12
Wireshark Wireshark	Version 1.6.13
Wireshark Wireshark	Version 1.6.1
Wireshark Wireshark	Version 1.6.2
Wireshark Wireshark	Version 1.6.3
Wireshark Wireshark	Version 1.6.4
Wireshark Wireshark	Version 1.6.5
Wireshark Wireshark	Version 1.6.6
Wireshark Wireshark	Version 1.6.7
Wireshark Wireshark	Version 1.6.8
Wireshark Wireshark	Version 1.6.9

Related CWEs

References (22)

http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-mount.c?r1=47672&r2=47671&pathrev=47672

Source: cve@mitre.org

http://anonsvn.wireshark.org/viewvc?view=revision&revision=47672

Source: cve@mitre.org

http://lists.opensuse.org/opensuse-updates/2013-03/msg00065.html

Source: cve@mitre.org

http://lists.opensuse.org/opensuse-updates/2013-03/msg00077.html

Source: cve@mitre.org

http://secunia.com/advisories/52471

Source: cve@mitre.org

http://www.debian.org/security/2013/dsa-2644

Source: cve@mitre.org

http://www.wireshark.org/docs/relnotes/wireshark-1.6.14.html

Source: cve@mitre.org

http://www.wireshark.org/docs/relnotes/wireshark-1.8.6.html

Source: cve@mitre.org

http://www.wireshark.org/security/wnpa-sec-2013-16.html

Source: cve@mitre.org

Vendor Advisory

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8335

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16420

Source: cve@mitre.org

http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-mount.c?r1=47672&r2=47671&pathrev=47672

Source: af854a3a-2127-422b-91ae-364da2661108

http://anonsvn.wireshark.org/viewvc?view=revision&revision=47672

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.opensuse.org/opensuse-updates/2013-03/msg00065.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.opensuse.org/opensuse-updates/2013-03/msg00077.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/52471

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.debian.org/security/2013/dsa-2644

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.wireshark.org/docs/relnotes/wireshark-1.6.14.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.wireshark.org/docs/relnotes/wireshark-1.8.6.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.wireshark.org/security/wnpa-sec-2013-16.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8335

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16420

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.