Reported April 30, 2002, by
Internet Security Systems.
VERSION
AFFECTED
RealSecure
Network Sensor 6.5
RealSecure
Network Sensor 6.0, XPU 3.4 and later
RealSecure
Network Sensor 5.x, XPU 3.4 and later
DESCRIPTION
VENDOR RESPONSE
The
vendor, Internet Security Systems, has issued X-Press
Update 4.3, which contains a fix for this vulnerability.
CREDIT
A
Denial of Service (DoS) condition exists in Internet Security Systems’
RealSecure Network Sensor. Specifically, a vulnerability in the three
informational signatures associated with DHCP can result in a segmentation fault
or exception error. An attacker can exploit this vulnerability by sending
specially crafted DHCP traffic, causing the sensor to malfunction or crash.
Discovered by Internet Security Systems
Denial of Service in ISS RealSecure
0 comments
Hide comments