CVE-2010-0751
UnknownEPSS 3.94%
Last modified
CVE-2010-0751 is a vulnerability of currently unknown severity. The ip_evictor function in ip_fragment.c in libnids before 1.24, as used in dsniff and possibly other products, allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via crafted fragmented packets.. EPSS estimates a 3.94% chance of exploitation in the next 30 days.
Description
The ip_evictor function in ip_fragment.c in libnids before 1.24, as used in dsniff and possibly other products, allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via crafted fragmented packets.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Libnids Project | Libnids | < 1.24 |
| Fedoraproject | Fedora | 11 |
| Fedoraproject | Fedora | 12 |
| Fedoraproject | Fedora | 13 |
References
- http://freefr.dl.sourceforge.net/project/libnids/libnids/1.24/libnids-1.24.releasenotes.txtProduct, Third Party Advisory
- http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038375.htmlThird Party Advisory
- http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038388.htmlThird Party Advisory
- http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038410.htmlThird Party Advisory
- http://secunia.com/advisories/39225Third Party Advisory
- http://secunia.com/advisories/39249Third Party Advisory
- http://www.securityfocus.com/bid/39142Third Party Advisory, VDB Entry
- http://www.vupen.com/english/advisories/2010/0777Third Party Advisory
- http://www.vupen.com/english/advisories/2010/0791Third Party Advisory
- http://xorl.wordpress.com/2010/04/04/libnids-ip-fragmentation-remote-null-pointer-dereference/Exploit, Third Party Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/57428Third Party Advisory, VDB Entry
- http://freefr.dl.sourceforge.net/project/libnids/libnids/1.24/libnids-1.24.releasenotes.txtProduct, Third Party Advisory
- http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038375.htmlThird Party Advisory
- http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038388.htmlThird Party Advisory
- http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038410.htmlThird Party Advisory
- http://secunia.com/advisories/39225Third Party Advisory
- http://secunia.com/advisories/39249Third Party Advisory
- http://www.securityfocus.com/bid/39142Third Party Advisory, VDB Entry
- http://www.vupen.com/english/advisories/2010/0777Third Party Advisory
- http://www.vupen.com/english/advisories/2010/0791Third Party Advisory
- http://xorl.wordpress.com/2010/04/04/libnids-ip-fragmentation-remote-null-pointer-dereference/Exploit, Third Party Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/57428Third Party Advisory, VDB Entry
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2010-0751?
The ip_evictor function in ip_fragment.c in libnids before 1.24, as used in dsniff and possibly other products, allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via crafted fragmented packets.
How severe is CVE-2010-0751?
Severity scoring for CVE-2010-0751 is pending analysis. The EPSS model estimates a 3.94% probability of exploitation in the next 30 days.
How do I fix CVE-2010-0751?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.
Are you affected by CVE-2010-0751?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST