configure for Dsniff 2.3, fragroute 1.2, and fragrouter 1.6, when downloaded from monkey.org on May 17, 2002, has been modified to contain a backdoor, which allows remote attackers to access the system.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| dug_song | fragrouter | 1.6 |
| dug_song | dsniff | 2.3 |
| dug_song | fragroute | 1.2 |
The TCP reassembly functionality in libnids before 1.18 allows remote attackers to cause "memory corruption" and possibly execute arbitrary code via "overlarge TCP packets."
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| rafal_wojtczuk | libnids | 1.11 |
| rafal_wojtczuk | libnids | 1.12 |
| rafal_wojtczuk | libnids | 1.14 |
| rafal_wojtczuk | libnids | 1.16 |
| dug_song | dsniff | 2.3 |
| rafal_wojtczuk | libnids | 1.17 |
| rafal_wojtczuk | libnids | 1.13 |