CVE-2015-8731

MEDIUM

Wireshark 1.12.x < 1.12.9 and 2.0.x < 2.0.1 - Denial of Service via RSL Dissector TLV Type Handling

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2015-8731. PoCs published by Google Security Research.

AI-analyzed exploit summary This exploit demonstrates a global-buffer-overflow vulnerability in Wireshark's RSL dissector, leading to a crash via a malformed packet capture file. The PoC includes a crash log and a link to files that trigger the issue.

Description

The dissct_rsl_ipaccess_msg function in epan/dissectors/packet-rsl.c in the RSL dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not reject unknown TLV types, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Google Security Research · textdosmultiple

https://www.exploit-db.com/exploits/38996

View Code ZIP pw:eip

This exploit demonstrates a global-buffer-overflow vulnerability in Wireshark's RSL dissector, leading to a crash via a malformed packet capture file. The PoC includes a crash log and a link to files that trigger the issue.

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Wireshark (git master at time of disclosure)

No auth needed

Prerequisites: A malformed packet capture file · Wireshark or tshark with ASAN build

MITRE ATT&CK