| Bug ID |
12569
|
| Summary |
Incorrect interpretation of Cisco NHRP Authentication Extension
|
| Product |
Wireshark
|
| Version |
Git
|
| Hardware |
x86
|
| OS |
All
|
| Status |
UNCONFIRMED
|
| Severity |
Normal
|
| Priority |
Low
|
| Component |
Dissection engine (libwireshark)
|
| Assignee |
[email protected]
|
| Reporter |
[email protected]
|
Created attachment 14691 [details]
NHRP packets with authentication extension
Build Information:
TShark (Wireshark) 2.1.0-git (v2.1.0rc0-3301-gf7cd537 from unknown)
--
Dear Wireshark developers,
Although RFC 2332 specifies that NHRP Authentication Extension have to include
Src Addr a variable length field
(https://tools.ietf.org/html/rfc2332#section-5.3.4.1), Cisco implemented it
without Src Addr field. This leads to incorrect interpretation of
Authentication Extension.
I checked it using classic IOS version [Cisco IOS Software, C2600 Software
(C2600-ADVENTERPRISEK9-M), Version 12.4(25d), RELEASE SOFTWARE (fc1)] and using
modern IOS XE version [Cisco IOS Software, CSR1000V Software
(X86_64_LINUX_IOSD-UNIVERSALK9-M), Version 15.5(1)S2, RELEASE SOFTWARE (fc2)].
The dumped packets from both versions are attached. Authentication string is
"CISCO". Many thanks in advance!
Garri
You are receiving this mail because:
- You are watching all bug changes.
