Bugtraq mailing list archives
Re: eEye Iris the Network traffic analyser DoS
From: Marc Maiffret <marc () eeye com>
Date: Mon, 22 Jan 2001 17:04:43 -0000
This indeed is a bug in Iris 1.01 beta and it has been fixed within Iris 2.0. Iris 2.0 should be released within the next two days. All users of Iris 1.01 are being contacted and sent a url to 2.0 once it is released. The one thing to note is that someone has to actually click and view the "evil" packet in order for Iris to crash. If you simply open iris and start sniffing and receive the "evil" packet, without clicking to view it, then Iris will not crash. Thanks much to grazer for contacting us prior to posting to Bugtraq so that we could work on a fix for this problem. Signed, Marc Maiffret Chief Hacking Officer eCompany / eEye T.949.349.9062 F.949.349.9538 http://eEye.com | -----Original Message----- | From: Bugtraq List [mailto:BUGTRAQ () SECURITYFOCUS COM]On Behalf Of grazer | Sent: Sunday, January 21, 2001 6:27 PM | To: BUGTRAQ () SECURITYFOCUS COM | Subject: eEye Iris the Network traffic analyser DoS | | | Hi there, | | There exists a vulnerability that will cause the iris network | traffic analyser to hang. | I have included an exploit, that will demonstrate the bug, the | exploit will send a packet to the remote host, | when the remote host opens the packet (to examine it) iris will | quit, leaving an error message. | | Sincerely yours, | | Wouter ter Maat aka grazer | digit-labs information security | http://www.digit-labs.org | |
Current thread:
- eEye Iris the Network traffic analyser DoS grazer (Jan 22)
- Re: eEye Iris the Network traffic analyser DoS Marc Maiffret (Jan 23)