[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Colasoft Capsa7.2.1 Malformed SNMP Packet Denial of Service



Colasoft Capsa ,a commercial software,is a powerful network packet analyzer,and you can get it from http://www.colasoft.com.cn (China)and http://www.javvin.com(USA).
--------------------------------------------------
I. Summary

A flaw has been identified in Colasoft Capsa 7.2.1 concerning SNMPv1 protocol dissector.When dissect a malformed snmpv1 packet,it will crash.
--------------------------------------------------
II. Description
When you send a malformed snmpv1 packet to any ip address,Colasoft Capsa7.2.1 will capture the snmpv1 packet and will crash as soon as you check the snmpv1 packet.It is a denial of service
-------------------------------------------------
III. Impact

Denial of service 
------------------------------------------------
IV. Affected
Colasoft Capsa 7.2.1 and before 7.2.1
------------------------------------------------ V.Solution

There is no known workaround at this time.

----------------------------------------------
VI.Credit

The penetration test team Of NCNIPC (China) is credited for this vulnerability.