Scapy is prone to a remote denial-of-service vulnerability.
Attackers can exploit this issue to crash the affected application, denying service to legitimate users.
Bugtraq ID: 106674
Class: Failure to Handle Exceptional Conditions
Published: Jan 08 2019 12:00AM
Updated: Jul 23 2019 08:00AM
Credit: Johnathan Azaria and Koby Kilimnik.
Vulnerable: Scapy Scapy 2.4
python scapy-http 1.8
python pysap 0.1.8
python pyersinia 1.0.5
python ooniprobe 1.3.2
python mim 0.2.43
python jldcmds 0.3
python IcmpTool 0.1.8
The researcher who discovered this issue has created a proof-of-concept. Please see the references for more information.
Remove useless _RADIUSAttrPacketListField class (Scapy)
Scapy Home Page (Scapy)
Scapy-sploit: Python Network Tool is Vulnerable to Denial of Service (DoS) Attac (Imperva)