Vulnerability CVE-2013-7112: Information
Description
The dissect_sip_common function in epan/dissectors/packet-sip.c in the SIP dissector in Wireshark 1.8.x before 1.8.12 and 1.10.x before 1.10.4 does not check for empty lines, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.
Severity: MEDIUM (5.0)
Fixed packages
Package name | Branch | Fixed in version | Version from repository | Errata ID | Task # | State |
---|---|---|---|---|---|---|
wireshark | sisyphus | 1.10.5-alt1 | 4.2.5-alt2 | ALT-PU-2014-1220-1 | 114785 | Fixed |
wireshark | p10 | 1.10.5-alt1 | 4.0.11-alt1 | ALT-PU-2014-1220-1 | 114785 | Fixed |
wireshark | p9 | 1.10.5-alt1 | 4.0.8-alt1 | ALT-PU-2014-1220-1 | 114785 | Fixed |
wireshark | c10f1 | 1.10.5-alt1 | 4.0.11-alt1 | ALT-PU-2014-1220-1 | 114785 | Fixed |
wireshark | c9f2 | 1.10.5-alt1 | 4.0.11-alt1 | ALT-PU-2014-1220-1 | 114785 | Fixed |
wireshark | c7 | 2.2.7-alt1.M70C.1 | 2.2.7-alt1.M70C.1 | ALT-PU-2017-1698-1 | 183820 | Fixed |
wireshark | p11 | 1.10.5-alt1 | 4.2.5-alt2 | ALT-PU-2014-1220-1 | 114785 | Fixed |