Alexis La Goutte
changed
bug 10916
| What |
Removed |
Added |
| Status |
UNCONFIRMED
|
INCOMPLETE
|
| CC |
|
[email protected]
|
| Ever confirmed |
|
1
|
Comment # 2
on bug 10916
from Alexis La Goutte
(In reply to Chris Maynard from comment #1)
> (In reply to Patrick from comment #0)
[...]
> > The NHRP dissector incorrectly decodes the cleartext password used in the
> > NHRP Authentication Extension - see the attached capture -
> > The first 4 bytes are decoded as an a Source Address when in fact they are
> > the first 4 bytes of the password, the second four bytes are displayed as
> > just data - when they should be displayed as a password.
>
> Wireshark appears to be dissecting the extension properly according to
> section 5.3.4 NHRP Authentication Extension of RFC 2332
> (http://tools.ietf.org/html/rfc2332).
>
> By the way, the data is not a password at all, but rather, "The data field
> contains the keyed hash calculated over the entire NHRP payload."
+1
You are receiving this mail because:
- You are watching all bug changes.