Integer overflow in the dissect_xtp_ecntl function in epan/dissectors/packet-xtp.c in the XTP dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (loop or application crash) via a large value for a span length.
Vector
ADJACENT_NETWORK
Complexity
LOW
Authentication
NONE
Confidentiality
NONE
Integrity
NONE
Availability
PARTIAL
Wireshark 1.8.1
Wireshark 1.8.0
Wireshark 1.6.9
Wireshark 1.6.8
Wireshark 1.6.7
Wireshark 1.6.6
Wireshark 1.6.5
Wireshark 1.6.4
Wireshark 1.6.3
Wireshark 1.6.2
Wireshark 1.6.1
Wireshark 1.6.0
Wireshark 1.4.14
Wireshark 1.4.13
Wireshark 1.4.12
Wireshark 1.4.11
Wireshark 1.4.10
Wireshark 1.4.9
Wireshark 1.4.8
Wireshark 1.4.7
Wireshark 1.4.6
Wireshark 1.4.5
Wireshark 1.4.4
Wireshark 1.4.3
Wireshark 1.4.2
Wireshark 1.4.1
Wireshark 1.4.0