Nergal

**Name of the Vulnerable Software and Affected Versions** libnids versions prior to 1.24 **Description** The issue allows remote attackers to cause a denial of service via crafted fragmented packets, resulting in a NULL pointer dereference and crash. This is due to a problem in the `ip evictor` function in `ip fragment.c`, which is used in products such as dsniff. **Recommendations** For versions prior to 1.24, update to version 1.24 or later to resolve the issue. As a temporary workaround, consider restricting the handling of fragmented packets to minimize the risk of exploitation.