ARGUSBug - Argus Seg Faults When Analyzing Wireless PCAP File

Mathew Brown mathewbrown at fastmail.fm
Fri Feb 1 00:05:25 EST 2008 

>Description:
	
Argus Seg Faults When Analyzing Wireless PCAP File

I ran into a pcap file when reading the article: "Wireless Forensics:
Tapping the Air - Part Two" -
http;//www.securityfocus.com/print/infocus/1885.  The actual pcap file
can be downloaded directly from here:
http://www.raulsiles.com/downloads/VoIP_roaming_session.zip  After
unzipping, running:

argus -r merged_voip_roaming_session.pcap -w
merged_voip_roaming_session.pcap.argus

would give me the error:

Segmentation Fault

>How-To-Repeat:

   See Description

>Fix:
   
   None that I know of.

>Submitter-Id:  None
>Originator:    mathewbrown at fastmail.fm
>Organization:	None
>ARGUS support: none
>Release:       argus-3.0
>Product:       argus
>Synopsis:      Argus Seg Faults When Analyzing Wireless PCAP File
>Class:	        sw-bug
>Severity:      non-critical
>Priority:      low/medium

>Environment:   <machine, os, target, libraries (multiple lines)>

System:  Linux deb 2.6.22-grml #1 SMP PREEMPT Tue Jul 10 00:35:57 CEST
2007 i686 GNU/Linux


Paths:    /usr/local/sbin/argus /usr/local/bin/ra /usr/bin/make
/usr/bin/gcc

ARGUS:   Argus Version 3.0.0
RA:      Ra Version 3.0.0.rc.68


GCC:     Using built-in specs.
Target: i486-linux-gnu
Configured with: ../src/configure -v
--enable-languages=c,c++,fortran,objc,obj-c++,treelang --prefix=/usr
--enable-shared --with-system-zlib --libexecdir=/usr/lib
--without-included-gettext --enable-threads=posix --enable-nls
--with-gxx-include-dir=/usr/include/c++/4.1.3 --program-suffix=-4.1
--enable-__cxa_atexit --enable-clocale=gnu --enable-libstdcxx-debug
--enable-mpfr --enable-checking=release i486-linux-gnu
Thread model: posix
gcc version 4.1.3 20080114 (prerelease) (Debian 4.1.2-19)

LIBC:    
lrwxrwxrwx 1 root root 11 2007-12-14 13:55 /lib/libc.so.6 -> libc-2.7.so
-rwxr-xr-x 1 root root 1356012 2007-12-07 11:38 /lib/libc-2.7.so
-rw-r--r-- 1 root root 3030784 2007-12-07 11:39 /usr/lib/libc.a
-rw-r--r-- 1 root root 238 2007-12-07 11:11 /usr/lib/libc.so

PS.  I had trouble sending the report using argusbug due to SMTP being
unavailable, so I'm sending it via web mail.  I also tried running it
through argus on my Fedora 8 box and it would also seg fault.
-- 
  Mathew Brown
  mathewbrown at fastmail.fm

-- 
http://www.fastmail.fm - The professional email service

More information about the argus mailing list