Lucene search

K
zdtWireshark1337DAY-ID-29142
HistoryDec 07, 2017 - 12:00 a.m.

Wireshark 2.4.0 - 2.4.2 / 2.2.0 - 2.2.10 - CIP Safety Dissector Crash Exploit

2017-12-0700:00:00
Wireshark
0day.today
26

0.009 Low

EPSS

Percentile

81.2%

Exploit for multiple platform in category dos / poc

Summary
 
Name: CIP Safety dissector crash
 
Docid: wnpa-sec-2017-49
 
Date: November 30, 2017
 
Affected versions: 2.4.0 to 2.4.2, 2.2.0 to 2.2.10
 
Fixed versions: 2.4.3, 2.2.11
 
References: 
Wireshark bug 14250
 
Details
 
Description
The CIP Safety dissector could crash.
Impact
It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file.
 
Resolution
Upgrade to Wireshark 2.4.3, 2.2.11 or later.
 
 
Proof of Concept:
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/bin-sploits/43233.zip

#  0day.today [2018-03-13]  #

0.009 Low

EPSS

Percentile

81.2%

Related for 1337DAY-ID-29142