Exploit Wireshark 2.4.0 < 2.4.2 / 2.2.0 < 2.2.10 - CIP Safety Dissector Crash

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
43233
Проверка EDB
  1. Пройдено
Автор
WIRESHARK
Тип уязвимости
DOS
Платформа
MULTIPLE
CVE
cve-2017-17085
Дата публикации
2017-12-07
Wireshark 2.4.0 < 2.4.2 / 2.2.0 < 2.2.10 - CIP Safety Dissector Crash
Код:
Summary

Name: CIP Safety dissector crash

Docid: wnpa-sec-2017-49

Date: November 30, 2017

Affected versions: 2.4.0 to 2.4.2, 2.2.0 to 2.2.10

Fixed versions: 2.4.3, 2.2.11

References: 
Wireshark bug 14250

Details

Description
The CIP Safety dissector could crash.
Impact
It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file.

Resolution
Upgrade to Wireshark 2.4.3, 2.2.11 or later.


Proof of Concept:
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/43233.zip
 
Источник
www.exploit-db.com

Похожие темы