312637 – (CVE-2010-0751) <net-libs/libnids-1.24: DoS (CVE-2010-0751)

Bug 312637 (CVE-2010-0751) - <net-libs/libnids-1.24: DoS (CVE-2010-0751)

Summary: <net-libs/libnids-1.24: DoS (CVE-2010-0751)

Status:	RESOLVED FIXED

Alias:	CVE-2010-0751

Product:	Gentoo Security
Classification:	Unclassified
Component:	Vulnerabilities (show other bugs)
Hardware:	All Linux

Importance:	High minor (vote)
Assignee:	Gentoo Security

URL:	http://secunia.com/advisories/39225/
Whiteboard:	B3 [noglsa]
Keywords:

Depends on:
Blocks:	312835
	Show dependency tree

Reported:	2010-04-01 15:38 UTC by Alex Legler (RETIRED)
Modified:	2011-01-03 20:43 UTC (History)
CC List:	1 user (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Alex Legler (RETIRED) archtester

2010-04-01 15:38:06 UTC

From Secunia ($URL):

Description
A vulnerability has been reported in Libnids, which can be exploited by malicious people to cause a DoS (Denial of Service).

The vulnerability is caused due to a NULL pointer dereference error in src/ip_fragment.c, which can be exploited to crash an application using the library by sending specially crafted network traffic.

The vulnerability is reported in versions prior to 1.24.

Comment 1 Alex Legler (RETIRED) archtester

2010-04-01 15:38:24 UTC

netmon: Please bump

Comment 2 Jeroen Roovers (RETIRED) gentoo-dev

2010-04-01 21:17:23 UTC

That's in the tree.

Arch teams, please test (maybe with net-analyzer/dsniff) and mark stable:
=net-libs/libnids-1.24
Target KEYWORDS="alpha amd64 ppc sparc x86"

Comment 3 Andreas Schürch gentoo-dev

2010-04-02 15:58:52 UTC

I tested net-libs/libnids-1.24 and net-analyzer/dsniff-2.4_beta1-r4 (current stable depends on an older libnids...) on x86. They both seem to be ok.

Comment 4 Paweł Hajdan, Jr. (RETIRED) gentoo-dev

2010-04-05 14:48:35 UTC

x86 stable, thanks Andreas

Comment 5 Markos Chandras (RETIRED) gentoo-dev

2010-04-05 20:11:21 UTC

Stable on amd64

Comment 6 Stefan Behte (RETIRED) gentoo-dev

2010-04-11 14:02:20 UTC

CVE-2010-0751 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0751):
  The ip_evictor function in ip_fragment.c in libnids 1.24, as used in
  dsniff and possibly other products, allows remote attackers to cause
  a denial of service (NULL pointer dereference and crash) via crafted
  fragmented packets.

Comment 7 Brent Baude (RETIRED) gentoo-dev

2010-04-15 15:41:53 UTC

ppc done

Comment 8 Raúl Porcel (RETIRED) gentoo-dev

2010-05-04 18:55:29 UTC

alpha/sparc stable

Comment 9 Tim Sammut (RETIRED) gentoo-dev

2011-01-02 04:03:51 UTC

GLSA Vote: no.

Comment 10 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev

2011-01-03 20:43:32 UTC

Old and DoS only so GLSA Vote: no -> Closing. Feel free to reopen if you disagree.