PT-1998-1238 · Network Flight Recorder · Network Flight Recorder

Published

1998-04-08

Updated

2008-09-05

CVE-1999-1503

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions Network Flight Recorder (NFR) versions 1.5 through 1.6

Description The issue allows remote attackers to cause a denial of service, resulting in the crash of the nfrd service. This can be achieved by sending a TCP packet with a null header and data field.

Recommendations For versions 1.5 and 1.6, consider implementing packet validation to prevent null headers and data fields from being processed by the nfrd service. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-1999-1503

Affected Products

Network Flight Recorder

PT-1998-1238 · Network Flight Recorder · Network Flight Recorder

CVE-1999-1503

Related Identifiers

Affected Products

References · 2