CVE-2015-8728

MEDIUM

Wireshark 1.12.x < 1.12.9 and 2.0.x < 2.0.1 - Denial of Service via Mobile Identity Parser

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2015-8728. PoCs published by Google Security Research.

AI-analyzed exploit summary This exploit demonstrates a global buffer overflow in Wireshark's GSM A Common dissector, leading to a crash via a malformed file. The PoC triggers an out-of-bounds write in the `my_dgt_tbcd_unpack` function, as confirmed by AddressSanitizer.

Description

The Mobile Identity parser in (1) epan/dissectors/packet-ansi_a.c in the ANSI A dissector and (2) epan/dissectors/packet-gsm_a_common.c in the GSM A dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 improperly uses the tvb_bcd_dig_to_wmem_packet_str function, which allows remote attackers to cause a denial of service (buffer overflow and application crash) via a crafted packet.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Google Security Research · textdosmultiple

https://www.exploit-db.com/exploits/39000

View Code ZIP pw:eip

This exploit demonstrates a global buffer overflow in Wireshark's GSM A Common dissector, leading to a crash via a malformed file. The PoC triggers an out-of-bounds write in the `my_dgt_tbcd_unpack` function, as confirmed by AddressSanitizer.

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Wireshark (git master at time of disclosure)

No auth needed

Prerequisites: A malformed file to be processed by Wireshark/tshark

MITRE ATT&CK