Integer signedness error in the dissect_mount_dirpath_call function in epan/dissectors/packet-mount.c in the Mount dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6, when nfs_file_name_snooping is enabled, allows remote attackers to cause a denial of service (application crash) via a negative length value.
Vector
ADJACENT_NETWORK
Complexity
MEDIUM
Authentication
NONE
Confidentiality
NONE
Integrity
NONE
Availability
PARTIAL
Wireshark 1.8.5
Wireshark 1.8.4
Wireshark 1.8.3
Wireshark 1.8.2
Wireshark 1.8.1
Wireshark 1.8.0
Wireshark 1.6.13
Wireshark 1.6.12
Wireshark 1.6.11
Wireshark 1.6.10
Wireshark 1.6.9
Wireshark 1.6.8
Wireshark 1.6.7
Wireshark 1.6.6
Wireshark 1.6.5
Wireshark 1.6.4
Wireshark 1.6.3
Wireshark 1.6.2
Wireshark 1.6.1
Wireshark 1.6.0