Wireshark-bugs: [Wireshark-bugs] [Bug 8335] New: crash in mount dissector with malicious packet
Date: Fri, 15 Feb 2013 12:11:59 +0000
Bug ID 8335
Summary crash in mount dissector with malicious packet
Classification Unclassified
Product Wireshark
Version SVN
Hardware x86
OS All
Status UNCONFIRMED
Severity Normal
Priority Low
Component Dissection engine (libwireshark)
Assignee bugzilla-admin@wireshark.org
Reporter fuzzie@gmail.com

Created attachment 10014 [details]
pcap of malicious mount packet

Build Information:

--
If the nfs_file_name_snooping option is enabled (it is disabled by default),
then a malicious packet can cause g_malloc to fail in
dissect_mount_dirpath_call by passing a negative length value. The sanity check
there fails because len is declared as a signed int.


You are receiving this mail because:
  • You are watching all bug changes.