CVE-2014-2281

EPSS 3.1%

wireshark - several

Published: 3/11/2014Modified: 4/28/2026

Description

The nfs_name_snoop_add_name function in epan/dissectors/packet-nfs.c in the NFS dissector in Wireshark 1.8.x before 1.8.13 and 1.10.x before 1.10.6 does not validate a certain length value, which allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted NFS packet.

Affected packages (2)

Debian/wiresharkfrom 0, < 1.10.6-1
Debian/wiresharkfrom 0, < 1.2.11-6+squeeze14

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2014-2281