- 34,599
- 0
- 18 Дек 2022
- EDB-ID
- 43233
- Проверка EDB
-
- Пройдено
- Автор
- WIRESHARK
- Тип уязвимости
- DOS
- Платформа
- MULTIPLE
- CVE
- cve-2017-17085
- Дата публикации
- 2017-12-07
Wireshark 2.4.0 < 2.4.2 / 2.2.0 < 2.2.10 - CIP Safety Dissector Crash
Код:
Summary
Name: CIP Safety dissector crash
Docid: wnpa-sec-2017-49
Date: November 30, 2017
Affected versions: 2.4.0 to 2.4.2, 2.2.0 to 2.2.10
Fixed versions: 2.4.3, 2.2.11
References:
Wireshark bug 14250
Details
Description
The CIP Safety dissector could crash.
Impact
It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file.
Resolution
Upgrade to Wireshark 2.4.3, 2.2.11 or later.
Proof of Concept:
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/43233.zip- Источник
- www.exploit-db.com
