CVE-2017-17085

HIGH

Wireshark 2.4.0-2.4.2 and 2.2.0-2.2.10 - Denial of Service in CIP Safety Dissector

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2017-17085. PoCs published by Wireshark.

AI-analyzed exploit summary The provided text describes a DoS vulnerability in Wireshark's CIP Safety dissector, which can be triggered by a malformed packet. The proof of concept is referenced as a separate downloadable file.

Description

In Wireshark 2.4.0 to 2.4.2 and 2.2.0 to 2.2.10, the CIP Safety dissector could crash. This was addressed in epan/dissectors/packet-cipsafety.c by validating the packet length.

Exploits (1)

exploitdb WRITEUP VERIFIED

by Wireshark · textdosmultiple

https://www.exploit-db.com/exploits/43233

View Code ZIP pw:eip

The provided text describes a DoS vulnerability in Wireshark's CIP Safety dissector, which can be triggered by a malformed packet. The proof of concept is referenced as a separate downloadable file.

Classification

Writeup 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Wireshark 2.4.0 to 2.4.2, 2.2.0 to 2.2.10

No auth needed

Prerequisites: Ability to inject malformed packets or convince a user to open a malformed packet trace file

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (7)

Core 7

Core References

Third Party Advisory vendor-advisory x_refsource_debian

https://www.debian.org/security/2017/dsa-4060

Patch x_refsource_confirm

https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=f5939debe96e3c3953c6020818f1fbb80eb83ce8

Exploit, Third Party Advisory exploit x_refsource_exploit-db

https://www.exploit-db.com/exploits/43233/

Vendor Advisory x_refsource_confirm

https://www.wireshark.org/security/wnpa-sec-2017-49.html

Issue Tracking, Vendor Advisory x_refsource_confirm

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14250

Mailing List mailing-list x_refsource_mlist

https://lists.debian.org/debian-lts-announce/2017/12/msg00029.html

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/102071

Scores

CVSS v3 7.5

EPSS 0.1679

EPSS Percentile 96.6%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE

CWE-754

Status published

Products (16)

debian/debian_linux 8.0

debian/debian_linux 9.0

wireshark/wireshark 2.2.0

wireshark/wireshark 2.2.1

wireshark/wireshark 2.2.2

wireshark/wireshark 2.2.3

wireshark/wireshark 2.2.4

wireshark/wireshark 2.2.5

wireshark/wireshark 2.2.6

wireshark/wireshark 2.2.7

... and 6 more

Published Dec 01, 2017

Tracked Since Feb 18, 2026