[ebuild R ] net-analyzer/ntop-3.2-r1 -ipv6 -nls -snmp +ssl -tcpd +zlib 0 kB
will crash ntop. Leaving you at an error page and failure to connect.
Not sure if this is the right place for this. I found this via a nessus plugin.
taviso please advise
> Not sure if this is the right place for this. I found this via a nessus plugin.
it's the good place.
i'm running an old ntop-3.0 and i can't reproduce the crash.
> i'm running an old ntop-3.0 and i can't reproduce the crash.
same with 3.2-r1 :/
other tests ?
WFM as well, is this pre or post authentication? if it's pre-authentication, we might be interested in this as a local-DoS.
If you can still reliably reproduce this, we will need more information to track it down, we need the output of `emerge info`, a gdb backtrace and preferably valgrind memcheck output.
If you're not familiar with gdb, all you need to do is re install ntop with debugging symbols, eg FEATURES="nostrip" CFLAGS="-ggdb3 -O0" emerge ntop, then run ntop under gdb, eg:
$ gdb ntop
then make it crash, then send us the output of the following commands:
I may have jumped the gun on this one guys. I apologize for the inconvenience.
I got a little excited once nessus showed me this error. However what really happens is ntop recognizes the bad URL string and denies login for that ip address for X number of minutes or until the daemon is restarted.
Mon Jul 31 07:56:35 2006 **ERROR** URL security: '/%%%%%%%%%%%%%20' rejected (code=1)(client=192.168.1.76)
Mon Jul 31 07:56:35 2006 **ERROR** Rejected request from address 192.168.1.76 (it previously sent ntop a bad request)