CVE-2017-9347

HIGH

Wireshark 2.2.0-2.2.6 - Use After Free

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2017-9347. PoCs published by OSS-Fuzz.

AI-analyzed exploit summary This is a bug report and analysis for CVE-2017-9347, detailing a null pointer dereference vulnerability in Wireshark 2.3.0. The issue was discovered via the OSS-Fuzz project and triggers a runtime error in the `wmem_str_hash` function.

Description

In Wireshark 2.2.0 to 2.2.6, the ROS dissector could crash with a NULL pointer dereference. This was addressed in epan/dissectors/asn1/ros/packet-ros-template.c by validating an OID.

Exploits (1)

exploitdb WRITEUP VERIFIED

by OSS-Fuzz · textdosmultiple

https://www.exploit-db.com/exploits/42124

View Code ZIP pw:eip

This is a bug report and analysis for CVE-2017-9347, detailing a null pointer dereference vulnerability in Wireshark 2.3.0. The issue was discovered via the OSS-Fuzz project and triggers a runtime error in the `wmem_str_hash` function.

Classification

Writeup 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Wireshark 2.3.0 (TShark)

No auth needed

Prerequisites: A malformed PCAP file processed by Wireshark/TShark

MITRE ATT&CK