| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <201109140202.p8E22CEs023416@sf01web2.securityfocus.com> Date: Wed, 14 Sep 2011 02:02:12 GMT From: vuln@...c.org.cn To: bugtraq@...urityfocus.com Subject: Colasoft Capsa7.2.1 Malformed SNMP Packet Denial of Service Colasoft Capsa ,a commercial software,is a powerful network packet analyzer,and you can get it from http://www.colasoft.com.cn (China)and http://www.javvin.com(USA). -------------------------------------------------- I. Summary A flaw has been identified in Colasoft Capsa 7.2.1 concerning SNMPv1 protocol dissector.When dissect a malformed snmpv1 packet,it will crash. -------------------------------------------------- II. Description When you send a malformed snmpv1 packet to any ip address,Colasoft Capsa7.2.1 will capture the snmpv1 packet and will crash as soon as you check the snmpv1 packet.It is a denial of service ------------------------------------------------- III. Impact Denial of service ------------------------------------------------ IV. Affected Colasoft Capsa 7.2.1 and before 7.2.1 ------------------------------------------------ V.Solution There is no known workaround at this time. ---------------------------------------------- VI.Credit The penetration test team Of NCNIPC (China) is credited for this vulnerability.
Powered by blists - more mailing lists