Crashing NetProwler 3.0
Reported May 18 by rain.forest.puppy
Sending two fragmented packets to machine monitored by NetProwler, the service can
be made to crash. The packets must be sent to machine being mornitored by NetProwler using
a spoofed source address of the actual NetProwler monitoring system.
In addition, the discoverer points out the NetProwler uses
the Microsoft Jet database engine, which has serious security risks in and of itself.
Axent Technologies is aware of this matter, however no
response was known at the time of this writing.
Discovered and reported by rain.forest.puppy