Integer signedness error in the dissectmountdirpathcall function in epan/dissectors/packet-mount.c in the Mount dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6, when nfsfilenamesnooping is enabled, allows remote attackers to cause a denial of service (application crash) via a negative length value.
{ "availability": "No subscription required", "binaries": [ { "binary_name": "libwireshark-data", "binary_version": "1.10.6-1" }, { "binary_name": "libwireshark-dev", "binary_version": "1.10.6-1" }, { "binary_name": "libwireshark3", "binary_version": "1.10.6-1" }, { "binary_name": "libwiretap-dev", "binary_version": "1.10.6-1" }, { "binary_name": "libwiretap3", "binary_version": "1.10.6-1" }, { "binary_name": "libwsutil-dev", "binary_version": "1.10.6-1" }, { "binary_name": "libwsutil3", "binary_version": "1.10.6-1" }, { "binary_name": "tshark", "binary_version": "1.10.6-1" }, { "binary_name": "wireshark", "binary_version": "1.10.6-1" }, { "binary_name": "wireshark-common", "binary_version": "1.10.6-1" }, { "binary_name": "wireshark-dbg", "binary_version": "1.10.6-1" }, { "binary_name": "wireshark-dev", "binary_version": "1.10.6-1" }, { "binary_name": "wireshark-doc", "binary_version": "1.10.6-1" } ], "ubuntu_priority": "medium" }