CVE-2010-0751

libnids < 1.24 - Denial of Service via Crafted Fragmented Packets

Title source: llm
STIX 2.1

Description

The ip_evictor function in ip_fragment.c in libnids before 1.24, as used in dsniff and possibly other products, allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via crafted fragmented packets.

References (11)

Core 11
Core References
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/39225
Third Party Advisory vendor-advisory x_refsource_fedora
http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038410.html
Third Party Advisory vendor-advisory x_refsource_fedora
http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038375.html
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2010/0791
Third Party Advisory vendor-advisory x_refsource_fedora
http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038388.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/39142
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2010/0777
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/57428
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/39249

Scores

EPSS 0.0394
EPSS Percentile 89.1%

Details

CWE
CWE-476
Status published
Products (4)
fedoraproject/fedora 11
fedoraproject/fedora 12
fedoraproject/fedora 13
libnids_project/libnids < 1.24
Published Apr 06, 2010
Tracked Since Feb 18, 2026