Stefan Fritsch wrote:
> Package: honeyd
> Severity: important
> Tags: security
>
>
> CVE-2006-4292:
> Unspecified vulnerability in Niels Provos Honeyd before 1.5b allows
> remote attackers to cause a denial of service (application crash) via
> certain Address Resolution Protocol (ARP) packets.
>
> Please mention the CVE-id in the changelog.
>
> I am not sure about the severity, adjust if necessary.
Javier, can you comment on this one? Is this a theoretical issue or
can the honeyd be crashed reliably?
In normal mode of operation Malice shouldn't notice that the attacked
net is a honey net, so this doesn't seem too severe.
Cheers,
Moritz
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
