| Bug ID |
10916
|
| Summary |
NHRP dissector incorrect decode of authentication extension
|
| Product |
Wireshark
|
| Version |
1.6.7
|
| Hardware |
x86
|
| OS |
Ubuntu
|
| Status |
UNCONFIRMED
|
| Severity |
Minor
|
| Priority |
Low
|
| Component |
Dissection engine (libwireshark)
|
| Assignee |
[email protected]
|
| Reporter |
[email protected]
|
Created attachment 13424 [details]
NHRP registrations with the incorrect dissection for NHRP authentication
extension
Build Information:
Version 1.6.7
Copyright 1998-2012 Gerald Combs <[email protected]> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Compiled (64-bit) with GTK+ 2.24.10, with GLib 2.32.0, with libpcap (version
unknown), with libz 1.2.3.4, with POSIX capabilities (Linux), without libpcre,
with SMI 0.4.8, with c-ares 1.7.5, with Lua 5.1, without Python, with GnuTLS
2.12.14, with Gcrypt 1.5.0, with MIT Kerberos, with GeoIP, with PortAudio
V19-devel (built Dec 10 2011 11:43:10), without AirPcap.
Running on Linux 3.8.0-44-generic, with libpcap version 1.1.1, with libz
1.2.3.4, GnuTLS 2.12.14, Gcrypt 1.5.0.
Built using gcc 4.6.3.
--
The NHRP dissector incorrectly decodes the cleartext password used in the NHRP
Authentication Extension - see the attached capture -
The first 4 bytes are decoded as an a Source Address when in fact they are the
first 4 bytes of the password, the second four bytes are displayed as just data
- when they should be displayed as a password.
You are receiving this mail because:
- You are watching all bug changes.
