Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

Wireshark 2.4.0 < 2.4.2 / 2.2.0 < 2.2.10 - CIP Safety Dissector Crash

Related Vulnerabilities: CVE-2017-17085  
Publish Date: 07 Dec 2017
Author: Wireshark
Source / Download Exploit 
                							

                Summary

Name: CIP Safety dissector crash

Docid: wnpa-sec-2017-49

Date: November 30, 2017

Affected versions: 2.4.0 to 2.4.2, 2.2.0 to 2.2.10

Fixed versions: 2.4.3, 2.2.11

References: 
Wireshark bug 14250

Details

Description
The CIP Safety dissector could crash.
Impact
It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file.

Resolution
Upgrade to Wireshark 2.4.3, 2.2.11 or later.


Proof of Concept:
https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/43233.zip

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started