[v2.7] wireshark: CVE-2013-7113
epan/dissectors/packet-bssgp.c in the BSSGP dissector in Wireshark 1.10.x before 1.10.4 incorrectly relies on a global variable, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
Only Alpine Linux v2.7 is vulnerable.
•CONFIRM:
http://anonsvn.wireshark.org/viewvc/trunk-1.10/epan/dissectors/packet-bssgp.c?r1=53803&r2=53802&pathrev=53803
•CONFIRM:
http://anonsvn.wireshark.org/viewvc?view=revision&revision=53803
•CONFIRM: http://www.wireshark.org/security/wnpa-sec-2013-67.html
•CONFIRM: https://bugs.wireshark.org/bugzilla/show\_bug.cgi?id=9488
•DEBIAN:DSA-2825
•URL: http://www.debian.org/security/2013/dsa-2825
•SECUNIA:56052
•URL: http://secunia.com/advisories/56052
(from redmine: issue id 2570, created on 2014-01-08, closed on 2014-02-05)