Wireshark · Wireshark-bugs: [Wireshark-bugs] [Bug 10626] New: IPv6 AUTH mobility option parses Mobility SPI and Authentication D

Wireshark-bugs: [Wireshark-bugs] [Bug 10626] New: IPv6 AUTH mobility option parses Mobility SPI

Date: Sat, 25 Oct 2014 10:51:12 +0000

Bug ID	10626
Summary	IPv6 AUTH mobility option parses Mobility SPI and Authentication Data incorrectly
Product	Wireshark
Version	1.12.1
Hardware	x86-64
OS	Windows 7
Status	UNCONFIRMED
Severity	Normal
Priority	Low
Component	Dissection engine (libwireshark)
Assignee	bugzilla-admin@wireshark.org
Reporter	boaz.brickner@gmail.com

Created attachment 13200 [details]
IPv6 AUTH Mobility Option

Build Information:
Version 1.12.1 (v1.12.1-0-g01b65bf from master-1.12)

Copyright 1998-2014 Gerald Combs <gerald@wireshark.org> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (64-bit) with GTK+ 2.24.23, with Cairo 1.10.2, with Pango 1.34.0, with
GLib 2.38.0, with WinPcap (4_1_3), with libz 1.2.5, with SMI 0.4.8, with c-ares
1.9.1, with Lua 5.2, without Python, with GnuTLS 3.1.22, with Gcrypt 1.6.0,
without Kerberos, with GeoIP, with PortAudio V19-devel (built Sep 16 2014),
with
AirPcap.

Running on 64-bit Windows 7 Service Pack 1, build 7601, with WinPcap version
4.1.3 (packet.dll version 4.1.0.2980), based on libpcap version 1.0 branch
1_0_rel0b (20091008), GnuTLS 3.1.22, Gcrypt 1.6.0, without AirPcap.
        Intel(R) Core(TM) i5-3550 CPU @ 3.30GHz, with 16345MB of physical
memory.


Built using Microsoft Visual C++ 10.0 build 40219

Wireshark is Open Source Software released under the GNU General Public
License.

Check the man page and http://www.wireshark.org for more information.
--
Discovered while working on Pcap.Net (http://pcapdot.net).

In the attached pcap file there's a single IPv6 packet with Mobility Options
extension header that includes an AUTH mobility option.
1. This option parses only a single byte to calculate the Mobility SPI field
even though according to RFC 4285, section 5, 4 bytes should be parsed.
2. This option parses the Authentication Data until the end of the packet
reading bytes beyond the option data. This is similar to
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10624

You are receiving this mail because:

You are watching all bug changes.

Follow-Ups:
- [Wireshark-bugs] [Bug 10626] IPv6 AUTH mobility option parses Mobility SPI and Authentication Data incorrectly
  - From: bugzilla-daemon
- [Wireshark-bugs] [Bug 10626] IPv6 AUTH mobility option parses Mobility SPI and Authentication Data incorrectly
  - From: bugzilla-daemon

Prev by Date: [Wireshark-bugs] [Bug 10625] New: IPv6 MESG-ID mobility option is parsed incorrectly
Next by Date: [Wireshark-bugs] [Bug 10043] IPv6 Mobility Option Link Layer Address parses 0 length address as if it is of length 1
Previous by thread: [Wireshark-bugs] [Bug 10625] IPv6 MESG-ID mobility option is parsed incorrectly
Next by thread: [Wireshark-bugs] [Bug 10626] IPv6 AUTH mobility option parses Mobility SPI and Authentication Data incorrectly
Index(es):
- Date
- Thread