CVE-2010-0751 - OpenCVE

The ip_evictor function in ip_fragment.c in libnids before 1.24, as used in dsniff and possibly other products, allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via crafted fragmented packets.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:N/AC:L/Au:N/C:N/I:N/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Libnids Project	Libnids
Fedoraproject	Fedora

Configuration 1 [-]

cpe:2.3:a:libnids_project:libnids:*:*:*:*:*:*:*:*

Configuration 2 [-]

OR	cpe:2.3:o:fedoraproject:fedora:11:::::::*
	cpe:2.3:o:fedoraproject:fedora:12:::::::*
	cpe:2.3:o:fedoraproject:fedora:13:::::::*

References

Link	Resource
http://freefr.dl.sourceforge.net/project/libnids/libnids/1.24/libnids-1.24.releasenotes.txt	Product Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038375.html	Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038388.html	Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038410.html	Third Party Advisory
http://secunia.com/advisories/39225	Third Party Advisory
http://secunia.com/advisories/39249	Third Party Advisory
http://www.securityfocus.com/bid/39142	Third Party Advisory VDB Entry
http://www.vupen.com/english/advisories/2010/0777	Third Party Advisory
http://www.vupen.com/english/advisories/2010/0791	Third Party Advisory
http://xorl.wordpress.com/2010/04/04/libnids-ip-fragmentation-remote-null-pointer-dereference/	Exploit Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/57428	Third Party Advisory VDB Entry

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: redhat

Published: 2010-04-06T16:00:00

Updated: 2020-07-21T17:07:06

Reserved: 2010-02-26T00:00:00

Link: CVE-2010-0751

JSON object: View

NVD Information

Status : Analyzed

Published: 2010-04-06T16:30:00.407

Modified: 2020-08-05T15:04:33.803

Link: CVE-2010-0751

JSON object: View

Redhat Information

No data.

CWE

CWE-476

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2010-03-14T00:00:00", "descriptions": [{"lang": "en", "value": "The ip_evictor function in ip_fragment.c in libnids before 1.24, as used in dsniff and possibly other products, allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via crafted fragmented packets."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-07-21T17:07:06", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"name": "FEDORA-2010-5562", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038410.html"}, {"name": "FEDORA-2010-5535", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038375.html"}, {"name": "39225", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/39225"}, {"name": "ADV-2010-0791", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2010/0791"}, {"name": "FEDORA-2010-5545", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038388.html"}, {"name": "39142", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/39142"}, {"name": "ADV-2010-0777", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2010/0777"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://freefr.dl.sourceforge.net/project/libnids/libnids/1.24/libnids-1.24.releasenotes.txt"}, {"tags": ["x_refsource_MISC"], "url": "http://xorl.wordpress.com/2010/04/04/libnids-ip-fragmentation-remote-null-pointer-dereference/"}, {"name": "libnids-ipfragment-dos(57428)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/57428"}, {"name": "39249", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/39249"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert@redhat.com", "ID": "CVE-2010-0751", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The ip_evictor function in ip_fragment.c in libnids before 1.24, as used in dsniff and possibly other products, allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via crafted fragmented packets."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "FEDORA-2010-5562", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038410.html"}, {"name": "FEDORA-2010-5535", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038375.html"}, {"name": "39225", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/39225"}, {"name": "ADV-2010-0791", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2010/0791"}, {"name": "FEDORA-2010-5545", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038388.html"}, {"name": "39142", "refsource": "BID", "url": "http://www.securityfocus.com/bid/39142"}, {"name": "ADV-2010-0777", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2010/0777"}, {"name": "http://freefr.dl.sourceforge.net/project/libnids/libnids/1.24/libnids-1.24.releasenotes.txt", "refsource": "CONFIRM", "url": "http://freefr.dl.sourceforge.net/project/libnids/libnids/1.24/libnids-1.24.releasenotes.txt"}, {"name": "http://xorl.wordpress.com/2010/04/04/libnids-ip-fragmentation-remote-null-pointer-dereference/", "refsource": "MISC", "url": "http://xorl.wordpress.com/2010/04/04/libnids-ip-fragmentation-remote-null-pointer-dereference/"}, {"name": "libnids-ipfragment-dos(57428)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/57428"}, {"name": "39249", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/39249"}]}}}}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2010-0751", "datePublished": "2010-04-06T16:00:00", "dateReserved": "2010-02-26T00:00:00", "dateUpdated": "2020-07-21T17:07:06", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:libnids_project:libnids:*:*:*:*:*:*:*:*", "matchCriteriaId": "C29246DD-B342-45D1-BA05-572B00D64690", "versionEndExcluding": "1.24", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:fedoraproject:fedora:11:*:*:*:*:*:*:*", "matchCriteriaId": "B3BB5EDB-520B-4DEF-B06E-65CA13152824", "vulnerable": true}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:12:*:*:*:*:*:*:*", "matchCriteriaId": "E44669D7-6C1E-4844-B78A-73E253A7CC17", "vulnerable": true}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:13:*:*:*:*:*:*:*", "matchCriteriaId": "A2D59BD0-43DE-4E58-A057-640AB98359A6", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The ip_evictor function in ip_fragment.c in libnids before 1.24, as used in dsniff and possibly other products, allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via crafted fragmented packets."}, {"lang": "es", "value": "La funci\u00f3n ip_evictor en ip_fragment.c en libnids versiones anteriores a 1.24, tal y como se utiliza en dnsniff y posiblemente otros productos, permite a atacantes remotos producir una denegaci\u00f3n de servicio (desreferencia a puntero NULL y caida) a trav\u00e9s de paquetes fragmentados manipulados."}], "id": "CVE-2010-0751", "lastModified": "2020-08-05T15:04:33.803", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2010-04-06T16:30:00.407", "references": [{"source": "secalert@redhat.com", "tags": ["Product", "Third Party Advisory"], "url": "http://freefr.dl.sourceforge.net/project/libnids/libnids/1.24/libnids-1.24.releasenotes.txt"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038375.html"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038388.html"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038410.html"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/39225"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/39249"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/39142"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "http://www.vupen.com/english/advisories/2010/0777"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "http://www.vupen.com/english/advisories/2010/0791"}, {"source": "secalert@redhat.com", "tags": ["Exploit", "Third Party Advisory"], "url": "http://xorl.wordpress.com/2010/04/04/libnids-ip-fragmentation-remote-null-pointer-dereference/"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/57428"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-476"}], "source": "nvd@nist.gov", "type": "Primary"}]}