BID:17665

Tcpick Write.C Remote Denial of Service Vulnerability

Info

Tcpick Write.C Remote Denial of Service Vulnerability

Bugtraq ID:	17665
Class:	Failure to Handle Exceptional Conditions
CVE:	CVE-2006-0048
Remote:	Yes
Local:	No
Published:	Apr 24 2006 12:00AM
Updated:	Apr 24 2006 08:46PM
Credit:	Andrea Barisani is credited with the discovery of this issue.
Vulnerable:	Tcpick Tcpick 0.2.1

Not Vulnerable:

Discussion

Tcpick Write.C Remote Denial of Service Vulnerability

Tcpick is susceptible to a remote denial-of-service vulnerability. This issue is due to the application's failure to properly handle malformed input.

This vulnerability allows remote attackers to crash the application, denying service to legitimate users.

Exploit / POC

Tcpick Write.C Remote Denial of Service Vulnerability

Attackers likely use readily available network utilities to exploit this issue.

Solution / Fix

Tcpick Write.C Remote Denial of Service Vulnerability

Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].

References

Tcpick Write.C Remote Denial of Service Vulnerability

References:

tcpick 0.2.1 segfault condition (Andrea Barisani)
Tcpick Homepage (Tcpick)