CVE-2015-8723

MEDIUM

Wireshark 1.12.x < 1.12.9 and 2.0.x < 2.0.1 - Denial of Service via AirPDcapPacketProcess Buffer Overflow

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2015-8723. PoCs published by Google Security Research.

AI-analyzed exploit summary This exploit demonstrates a stack-based buffer overflow in Wireshark's AirPDcap packet processing, leading to a crash via a malformed file. The PoC includes crash logs and sample files to trigger the vulnerability.

Description

The AirPDcapPacketProcess function in epan/crypt/airpdcap.c in the 802.11 dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the relationship between the total length and the capture length, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) via a crafted packet.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Google Security Research · textdosmultiple

https://www.exploit-db.com/exploits/39005

View Code ZIP pw:eip

This exploit demonstrates a stack-based buffer overflow in Wireshark's AirPDcap packet processing, leading to a crash via a malformed file. The PoC includes crash logs and sample files to trigger the vulnerability.

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Wireshark (git master at time of disclosure)

No auth needed

Prerequisites: A malformed packet capture file

MITRE ATT&CK