Denial of Service (DoS)
Vulnerable module: scapy
Introduced through: scapy@2.4.0
Detailed paths
Introduced through: github/glb-director@github/glb-director#5e1edd0a0fe057320fc30f6ad850c9878c607882 › scapy@2.4.0
Remediation: Upgrade to scapy@2.4.1.
Overview
scapy is a Python-based interactive packet manipulation program and library.
Affected versions of this package are vulnerable to Denial of Service (DoS) due to a lack of input validation when reading the length field in the RADIUS packet’s Attribute Value Pairs (AVP). When Scapy parses a UDP Radius packet that has an AVP with a length byte equal to zero, the getfield function doesn’t shorten the remain value in the while loop. This causes the loop to continue forever, causing Scapy to crash.
Denial of Service (DoS) Vulnerable module: scapy Introduced through: scapy@2.4.0 Detailed paths Introduced through: github/glb-director@github/glb-director#5e1edd0a0fe057320fc30f6ad850c9878c607882 › scapy@2.4.0 Remediation: Upgrade to scapy@2.4.1. Overview scapy is a Python-based interactive packet manipulation program and library.
Affected versions of this package are vulnerable to Denial of Service (DoS) due to a lack of input validation when reading the length field in the RADIUS packet’s Attribute Value Pairs (AVP). When Scapy parses a UDP Radius packet that has an AVP with a length byte equal to zero, the getfield function doesn’t shorten the remain value in the while loop. This causes the loop to continue forever, causing Scapy to crash.