CVE-2010-4300

Wireshark 1.2.0-1.2.12 and 1.4.0-1.4.1 - Heap-Based Buffer Overflow in LDSS Dissector

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2010-4300. PoCs published by Nephi Johnson.

AI-analyzed exploit summary The provided text describes a buffer-overflow vulnerability in Wireshark versions 1.2.0 through 1.2.12 and 1.4.0 through 1.4.1. It references a PoC available as a PCAP file but does not contain executable exploit code.

Description

Heap-based buffer overflow in the dissect_ldss_transfer function (epan/dissectors/packet-ldss.c) in the LDSS dissector in Wireshark 1.2.0 through 1.2.12 and 1.4.0 through 1.4.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an LDSS packet with a long digest line that triggers memory corruption.

Exploits (1)

exploitdb WRITEUP VERIFIED
by Nephi Johnson · textdosmultiple
https://www.exploit-db.com/exploits/15676

The provided text describes a buffer-overflow vulnerability in Wireshark versions 1.2.0 through 1.2.12 and 1.4.0 through 1.4.1. It references a PoC available as a PCAP file but does not contain executable exploit code.

Classification
Writeup 90%
Attack Type
Dos
Complexity
Moderate
Reliability
Theoretical
Target: Wireshark 1.2.0-1.2.12, 1.4.0-1.4.1
No auth needed
Prerequisites: Victim must open a maliciously crafted PCAP file in Wireshark
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (23)

Core 23
Core References
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2010/3093
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/43068
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/42290
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id?1024762
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2011/0212
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2010/3068
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/69354
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/42877
Vendor Advisory vendor-advisory x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2010-0924.html
Exploit, Third Party Advisory exploit x_refsource_exploit-db
http://www.exploit-db.com/exploits/15676
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2011/0404
Vendor Advisory x_refsource_confirm
http://www.wireshark.org/security/wnpa-sec-2010-14.html
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2011/0076
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14287
Vendor Advisory vendor-advisory x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDVSA-2010:242
Various Sources x_refsource_confirm
http://www.wireshark.org/security/wnpa-sec-2010-13.html
Vendor Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2010/3038
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/42411
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/44987

Scores

EPSS 0.1378
EPSS Percentile 96.0%

Details

CWE
CWE-119
Status published
Products (15)
wireshark/wireshark 1.2.0
wireshark/wireshark 1.2.1
wireshark/wireshark 1.2.2
wireshark/wireshark 1.2.3
wireshark/wireshark 1.2.4
wireshark/wireshark 1.2.5
wireshark/wireshark 1.2.6
wireshark/wireshark 1.2.7
wireshark/wireshark 1.2.8
wireshark/wireshark 1.2.9
... and 5 more
Published Nov 26, 2010
Tracked Since Feb 18, 2026