Bugtraq mailing list archives
Re: Remote DoS Attack in Eeye Iris 1.01 and SpyNet CaptureNet v3.12 Vulnerability
From: Elias Levy <aleph1 () SECURITYFOCUS COM>
Date: Thu, 31 Aug 2000 13:20:50 -0700
If anyone can reproduce the crash of Iris please let us know. Being able to force a sniffer application from using most of its CPU by flooding the network is an endemic problem of that type of application, although in this case the problem seems like it can easily be mitigate by configuring the app not to display packets graphically which is what is consuming most of the CPU. The real possible vulnerability is the heap overflow that may make Iris to crash. If anyone can verify this claim we'd like to hear from them. -- Elias Levy SecurityFocus.com http://www.securityfocus.com/ Si vis pacem, para bellum
Current thread:
- Remote DoS Attack in Eeye Iris 1.01 and SpyNet CaptureNet v3.12 Vulnerability Ussr Labs (Aug 31)
- Re: Remote DoS Attack in Eeye Iris 1.01 and SpyNet CaptureNet v3.12 Vulnerability Marc Maiffret (Aug 31)
- Re: Remote DoS Attack in Eeye Iris 1.01 and SpyNet CaptureNet v3.12 Vulnerability Ussr Labs (Aug 31)
- Re: Remote DoS Attack in Eeye Iris 1.01 and SpyNet CaptureNet v3.12 Vulnerability Elias Levy (Aug 31)
- Re: Remote DoS Attack in Eeye Iris 1.01 and SpyNet CaptureNet v3.12 Vulnerability Ussr Labs (Aug 31)
- Re: Remote DoS Attack in Eeye Iris 1.01 and SpyNet CaptureNet v3.12 Vulnerability Marc Maiffret (Aug 31)