Post a Reply

Scapy '_RADIUSAttrPacketListField' Class Remote Denial of Service Vulnerability

  1. last year
    Edited last year by Men in Black


    Scapy is prone to a remote denial-of-service vulnerability.

    Attackers can exploit this issue to crash the affected application, denying service to legitimate users.


    Bugtraq ID: 106674
    Class: Failure to Handle Exceptional Conditions
    CVE: CVE-2019-1010142

    Remote: Yes
    Local: No
    Published: Jan 08 2019 12:00AM
    Updated: Jul 23 2019 08:00AM
    Credit: Johnathan Azaria and Koby Kilimnik.
    Vulnerable: Scapy Scapy 2.4
    python scapy-http 1.8
    python pysap 0.1.8
    python pyersinia 1.0.5
    python ooniprobe 1.3.2
    python mim 0.2.43
    python jldcmds 0.3
    python IcmpTool 0.1.8

    Not Vulnerable:


    The researcher who discovered this issue has created a proof-of-concept. Please see the references for more information.


    Remove useless _RADIUSAttrPacketListField class (Scapy)
    Scapy Home Page (Scapy)
    Scapy-sploit: Python Network Tool is Vulnerable to Denial of Service (DoS) Attac (Imperva)



or Sign Up to reply!