[Forgot Password]
Login  Register Subscribe

30430

 
 

423868

 
 

247768

 
 

909

 
 

194555

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2010-0751Date: (C)2010-04-06   (M)2023-12-22


The ip_evictor function in ip_fragment.c in libnids before 1.24, as used in dsniff and possibly other products, allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via crafted fragmented packets.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 5.0
Exploit Score: 10.0
Impact Score: 2.9
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: NONE
Integrity: NONE
Availability: PARTIAL
  
Reference:
BID-39142
SECUNIA-39225
SECUNIA-39249
ADV-2010-0777
ADV-2010-0791
FEDORA-2010-5535
FEDORA-2010-5545
FEDORA-2010-5562
http://freefr.dl.sourceforge.net/project/libnids/libnids/1.24/libnids-1.24.releasenotes.txt
http://xorl.wordpress.com/2010/04/04/libnids-ip-fragmentation-remote-null-pointer-dereference/
libnids-ipfragment-dos(57428)

CPE    3
cpe:/o:fedoraproject:fedora:11
cpe:/o:fedoraproject:fedora:12
cpe:/o:fedoraproject:fedora:13
CWE    1
CWE-476

© SecPod Technologies