Bugtraq mailing list archives
RFP2K05 - NetProwler "Fragmentation" Issue
From: securityteam () AXENT COM (AXENT Security Team)
Date: Tue, 23 May 2000 12:53:39 -0600
NetProwler 3.0 will crash if the Man-in-the-Middle signature encounters a packet for which the following expression evaluates to true: (IP_HEADER_LENGTH + TCP_HEADER_LENGTH) > IP_TOTAL_LENGTH This is not a packet fragmentation problem. It is an issue with specific malformed packets. This problem has been fixed in NetProwler 3.5, and the code has been reviewed for other similar issues. Solutions: 1. In NetProwler 3.0, disable the Man-in-the-Middle signature for all monitored hosts. 2. Upgrade to NetProwler 3.5 (to be released in June 2000). References: Advisory RF2K05 by rain forest puppy.
Current thread:
- Re: Another hole in Cart32 sert sert (May 22)
- Qpopper 2.53 remote problem, user can gain gid=mail Prizm (May 23)
- Re: Qpopper 2.53 remote problem, user can gain gid=mail Jose Nazario (May 24)
- Re: Qpopper 2.53 remote problem, user can gain gid=mail Qpopper Support (May 24)
- Re: Qpopper 2.53 remote problem, user can gain gid=mail Sebastian (May 25)
- RFP2K05 - NetProwler "Fragmentation" Issue AXENT Security Team (May 23)
- Re: Another hole in Cart32 CDI (May 23)
- <Possible follow-ups>
- Re: Another hole in Cart32 Clover Andrew (May 23)
- Re: Another hole in Cart32 Justin King (May 24)
- Qpopper 2.53 remote problem, user can gain gid=mail Prizm (May 23)