CVE-2015-8733

MEDIUM

Wireshark 1.12.x < 1.12.9 and 2.0.x < 2.0.1 - Denial of Service in Sniffer File Parser

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2015-8733. PoCs published by Google Security Research.

AI-analyzed exploit summary This exploit demonstrates a heap-based out-of-bounds read vulnerability in Wireshark's ngsniffer.c, leading to a crash via a malformed file processed by tshark. The PoC includes a crash log and a link to the triggering files.

Description

The ngsniffer_process_record function in wiretap/ngsniffer.c in the Sniffer file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the relationships between record lengths and record header lengths, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Google Security Research · textdosmultiple

https://www.exploit-db.com/exploits/39076

View Code ZIP pw:eip

This exploit demonstrates a heap-based out-of-bounds read vulnerability in Wireshark's ngsniffer.c, leading to a crash via a malformed file processed by tshark. The PoC includes a crash log and a link to the triggering files.

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Wireshark (git master at time of disclosure)

No auth needed

Prerequisites: Access to feed a malformed file to tshark

MITRE ATT&CK