Tripwire 1.2 Long Filename Request DoS Vulnerability
BID:1362
Info
Tripwire 1.2 Long Filename Request DoS Vulnerability
| Bugtraq ID: | 1362 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: | |
| Remote: | No |
| Local: | Yes |
| Published: | Jan 04 1999 12:00AM |
| Updated: | Jan 04 1999 12:00AM |
| Credit: | Discovered by Chuck Campbell <[email protected]> and posted to Bugtraq by CyberPsychotic <[email protected]> on Jan 4, 1999. |
| Vulnerable: |
Tripwire Tripwire 1.2 |
| Not Vulnerable: | |
Discussion
Tripwire 1.2 Long Filename Request DoS Vulnerability
If Tripwire1.2 and earlier encounters a filename composed of 128-255 characters, it will crash. The application must be restarted to regain normal functionality.
If Tripwire1.2 and earlier encounters a filename composed of 128-255 characters, it will crash. The application must be restarted to regain normal functionality.
Exploit / POC
Tripwire 1.2 Long Filename Request DoS Vulnerability
See Discussion.
See Discussion.
Solution / Fix
Tripwire 1.2 Long Filename Request DoS Vulnerability
Solution:
Later versions of Tripwire are not vulnerable to this issue.
A patch for version 1.2 is available at:
http://www.securityfocus.com/data/vulnerabilities/patches/tw12.c
Solution:
Later versions of Tripwire are not vulnerable to this issue.
A patch for version 1.2 is available at:
http://www.securityfocus.com/data/vulnerabilities/patches/tw12.c