[16472] in bugtraq
Re: Remote DoS Attack in Eeye Iris 1.01 and SpyNet CaptureNet
daemon@ATHENA.MIT.EDU (Elias Levy)
Thu Aug 31 17:49:28 2000
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Message-ID: <20000831132050.M19793@securityfocus.com>
Date: Thu, 31 Aug 2000 13:20:50 -0700
Reply-To: aleph1@SECURITYFOCUS.COM
From: Elias Levy <aleph1@SECURITYFOCUS.COM>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <NCBBKFKDOLAGKIAPMILPGEODCGAA.labs@ussrback.com>
If anyone can reproduce the crash of Iris please let us know. Being able
to force a sniffer application from using most of its CPU by flooding
the network is an endemic problem of that type of application, although
in this case the problem seems like it can easily be mitigate by configuring
the app not to display packets graphically which is what is consuming most
of the CPU.
The real possible vulnerability is the heap overflow that may make Iris to
crash. If anyone can verify this claim we'd like to hear from them.
--
Elias Levy
SecurityFocus.com
http://www.securityfocus.com/
Si vis pacem, para bellum
