High severityNVD Advisory· Published Jul 19, 2019· Updated Aug 5, 2024
CVE-2019-1010142
CVE-2019-1010142
Description
scapy 2.4.0 is affected by: Denial of Service. The impact is: infinite loop, resource consumption and program unresponsive. The component is: _RADIUSAttrPacketListField.getfield(self..). The attack vector is: over the network or in a pcap. both work.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
scapyPyPI | >= 2.4-rc1, < 2.4.1 | 2.4.1 |
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
12- github.com/advisories/GHSA-mpf2-q34c-fc6jghsaADVISORY
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/42NRPMC3NS2QVFNIXYP6WV2T3LMLLY7E/mitrevendor-advisoryx_refsource_FEDORA
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T46XW4S5BCA3VV3JT3C5Q6LBEXSIACLN/mitrevendor-advisoryx_refsource_FEDORA
- nvd.nist.gov/vuln/detail/CVE-2019-1010142ghsaADVISORY
- www.securityfocus.com/bid/106674mitrevdb-entryx_refsource_BID
- github.com/pypa/advisory-database/tree/main/vulns/scapy/PYSEC-2019-120.yamlghsaWEB
- github.com/secdev/scapy/pull/1409ghsax_refsource_MISCWEB
- github.com/secdev/scapy/pull/1409/filesghsax_refsource_MISCWEB
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42NRPMC3NS2QVFNIXYP6WV2T3LMLLY7EghsaWEB
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T46XW4S5BCA3VV3JT3C5Q6LBEXSIACLNghsaWEB
- www.imperva.com/blog/scapy-sploit-python-network-tool-is-vulnerable-to-denial-of-service-dos-attack-cve-pendingghsaWEB
- www.imperva.com/blog/scapy-sploit-python-network-tool-is-vulnerable-to-denial-of-service-dos-attack-cve-pending/mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.