Main Vulnerability Database Exploits ID:3897 - Exploit for Input validation error in Wireshark - CVE-2015-8739

ID:3897 - Exploit for Input validation error in Wireshark - CVE-2015-8739

Published: August 9, 2020

Vulnerability identifier: #VU40557

Vulnerability risk: Medium

CVE-ID: CVE-2015-8739

CWE-ID: CWE-20

Exploitation vector: Remote access

Vulnerable software:
Wireshark

Link to public exploit:

https://www.exploit-db.com/exploits/38994/

Vulnerability description

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

The ipmi_fmt_udpport function in epan/dissectors/packet-ipmi.c in the IPMI dissector in Wireshark 2.0.x before 2.0.1 improperly attempts to access a packet scope, which allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted packet.

Remediation

Install update from vendor's website.

ID:3897 - Exploit for Input validation error in Wireshark - CVE-2015-8739

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human