CVE-2015-8729

MEDIUM

Wireshark 1.12.x < 1.12.9 and 2.0.x < 2.0.1 - Denial of Service in Ascend File Parser

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2015-8729. PoCs published by Google Security Research.

AI-analyzed exploit summary This exploit demonstrates a global-buffer-overflow vulnerability in Wireshark's ascendtext.c file, triggered by a malformed input file. The PoC causes a crash due to an out-of-bounds read, as confirmed by AddressSanitizer (ASAN).

Description

The ascend_seek function in wiretap/ascendtext.c in the Ascend file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not ensure the presence of a '\0' character at the end of a date string, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Google Security Research · textdosmultiple

https://www.exploit-db.com/exploits/39001

View Code ZIP pw:eip

This exploit demonstrates a global-buffer-overflow vulnerability in Wireshark's ascendtext.c file, triggered by a malformed input file. The PoC causes a crash due to an out-of-bounds read, as confirmed by AddressSanitizer (ASAN).

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Wireshark (git master at time of disclosure)

No auth needed

Prerequisites: A malformed input file to be processed by tshark

MITRE ATT&CK