Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
11 vulnerabilities found for snort by sourcefire
VAR-200602-0404
Vulnerability from variot - Updated: 2023-12-18 11:12The frag3 preprocessor in Sourcefire Snort 2.4.3 does not properly reassemble certain fragmented packets with IP options, which allows remote attackers to evade detection of certain attacks, possibly related to IP option lengths. Snort is reportedly prone to a vulnerability that may allow malicious packets to bypass detection. Reports indicate that the Frag3 preprocessor fails to properly analyze certain packets. A successful attack can allow attackers to bypass intrusion detection and to carry out attacks against computers protected by Snort. This vulnerability affects Snort 2.4.3. Other versions may be vulnerable as well.
TITLE: Snort frag3 Preprocessor Packet Reassembly Vulnerability
SECUNIA ADVISORY ID: SA18959
VERIFY ADVISORY: http://secunia.com/advisories/18959/
CRITICAL: Moderately critical
IMPACT: Security Bypass
WHERE:
From remote
SOFTWARE: Snort 2.4.x http://secunia.com/product/5691/
DESCRIPTION: siouxsie has reported a vulnerability in Snort, which potentially can be exploited by malicious people to bypass certain security restrictions.
The vulnerability has been reported in version 2.4.3.
SOLUTION: Filter potentially malicious fragmented IP packets with a firewall.
PROVIDED AND/OR DISCOVERED BY: siouxsie
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200602-0404",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "snort",
"scope": "eq",
"trust": 1.6,
"vendor": "sourcefire",
"version": "2.4.3"
},
{
"model": null,
"scope": null,
"trust": 0.6,
"vendor": "no",
"version": null
},
{
"model": "project snort",
"scope": "eq",
"trust": 0.3,
"vendor": "snort",
"version": "2.4.3"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2006-0996"
},
{
"db": "BID",
"id": "16705"
},
{
"db": "NVD",
"id": "CVE-2006-0839"
},
{
"db": "CNNVD",
"id": "CNNVD-200602-339"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sourcefire:snort:2.4.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-0839"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Reported by",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200602-339"
}
],
"trust": 0.6
},
"cve": "CVE-2006-0839",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2006-0996",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2006-0839",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2006-0996",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200602-339",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2006-0996"
},
{
"db": "NVD",
"id": "CVE-2006-0839"
},
{
"db": "CNNVD",
"id": "CNNVD-200602-339"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The frag3 preprocessor in Sourcefire Snort 2.4.3 does not properly reassemble certain fragmented packets with IP options, which allows remote attackers to evade detection of certain attacks, possibly related to IP option lengths. Snort is reportedly prone to a vulnerability that may allow malicious packets to bypass detection. \nReports indicate that the Frag3 preprocessor fails to properly analyze certain packets. \nA successful attack can allow attackers to bypass intrusion detection and to carry out attacks against computers protected by Snort. \nThis vulnerability affects Snort 2.4.3. Other versions may be vulnerable as well. \n\nTITLE:\nSnort frag3 Preprocessor Packet Reassembly Vulnerability\n\nSECUNIA ADVISORY ID:\nSA18959\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/18959/\n\nCRITICAL:\nModerately critical\n\nIMPACT:\nSecurity Bypass\n\nWHERE:\n\u003eFrom remote\n\nSOFTWARE:\nSnort 2.4.x\nhttp://secunia.com/product/5691/\n\nDESCRIPTION:\nsiouxsie has reported a vulnerability in Snort, which potentially can\nbe exploited by malicious people to bypass certain security\nrestrictions. \n\nThe vulnerability has been reported in version 2.4.3. \n\nSOLUTION:\nFilter potentially malicious fragmented IP packets with a firewall. \n\nPROVIDED AND/OR DISCOVERED BY:\nsiouxsie\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-0839"
},
{
"db": "CNVD",
"id": "CNVD-2006-0996"
},
{
"db": "BID",
"id": "16705"
},
{
"db": "PACKETSTORM",
"id": "44230"
}
],
"trust": 1.8
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "16705",
"trust": 2.5
},
{
"db": "NVD",
"id": "CVE-2006-0839",
"trust": 2.2
},
{
"db": "SECUNIA",
"id": "18959",
"trust": 1.7
},
{
"db": "CNVD",
"id": "CNVD-2006-0996",
"trust": 0.6
},
{
"db": "XF",
"id": "3",
"trust": 0.6
},
{
"db": "XF",
"id": "24811",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20060217 SNORT INCORRECT FRAGMENTED PACKET REASSEMBLY",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200602-339",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "44230",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2006-0996"
},
{
"db": "BID",
"id": "16705"
},
{
"db": "PACKETSTORM",
"id": "44230"
},
{
"db": "NVD",
"id": "CVE-2006-0839"
},
{
"db": "CNNVD",
"id": "CNNVD-200602-339"
}
]
},
"id": "VAR-200602-0404",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2006-0996"
}
],
"trust": 0.06
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2006-0996"
}
]
},
"last_update_date": "2023-12-18T11:12:52.992000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-0839"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.2,
"url": "http://www.securityfocus.com/bid/16705"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/18959"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/425290/100/0/threaded"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24811"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/425290/100/0/threaded"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/24811"
},
{
"trust": 0.3,
"url": "http://www.snort.org/"
},
{
"trust": 0.3,
"url": "/archive/1/425290"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5691/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/18959/"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2006-0996"
},
{
"db": "BID",
"id": "16705"
},
{
"db": "PACKETSTORM",
"id": "44230"
},
{
"db": "NVD",
"id": "CVE-2006-0839"
},
{
"db": "CNNVD",
"id": "CNNVD-200602-339"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2006-0996"
},
{
"db": "BID",
"id": "16705"
},
{
"db": "PACKETSTORM",
"id": "44230"
},
{
"db": "NVD",
"id": "CVE-2006-0839"
},
{
"db": "CNNVD",
"id": "CNNVD-200602-339"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-02-21T00:00:00",
"db": "CNVD",
"id": "CNVD-2006-0996"
},
{
"date": "2006-02-17T00:00:00",
"db": "BID",
"id": "16705"
},
{
"date": "2006-03-01T03:50:51",
"db": "PACKETSTORM",
"id": "44230"
},
{
"date": "2006-02-22T02:02:00",
"db": "NVD",
"id": "CVE-2006-0839"
},
{
"date": "2006-02-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200602-339"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-02-21T00:00:00",
"db": "CNVD",
"id": "CNVD-2006-0996"
},
{
"date": "2006-02-17T18:43:00",
"db": "BID",
"id": "16705"
},
{
"date": "2018-10-18T16:29:23.023000",
"db": "NVD",
"id": "CVE-2006-0839"
},
{
"date": "2006-08-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200602-339"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200602-339"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Snort Frag3 Processor Packet Fragment Avoidance Detection Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2006-0996"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "16705"
},
{
"db": "CNNVD",
"id": "CNNVD-200602-339"
}
],
"trust": 0.9
}
}
CVE-2006-2769 (GCVE-0-2006-2769)
Vulnerability from nvd – Published: 2006-06-02 10:00 – Updated: 2024-08-07 17:58
VLAI
Summary
The HTTP Inspect preprocessor (http_inspect) in Snort 2.4.0 through 2.4.4 allows remote attackers to bypass "uricontent" rules via a carriage return (\r) after the URL and before the HTTP declaration.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
16 references
Date Public
2006-05-31 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T17:58:52.058Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20060603 Re: New Snort Bypass - Patch - Bypass of Patch",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/435872/100/0/threaded"
},
{
"name": "20060602 New Snort Bypass - Patch - Bypass of Patch",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/435734/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.demarc.com/support/downloads/patch_20060531"
},
{
"name": "20766",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20766"
},
{
"name": "18200",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/18200"
},
{
"name": "20413",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20413"
},
{
"name": "20060601 Snort HTTP Inspect Pre-Processor Uricontent Bypass",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/435600/100/0/threaded"
},
{
"name": "ADV-2006-2119",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/2119"
},
{
"name": "1018",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/1018"
},
{
"name": "snort-uricontent-rule-bypass(26855)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26855"
},
{
"name": "25837",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/25837"
},
{
"name": "SUSE-SR:2006:014",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.suse.com/archive/suse-security-announce/2006-Jun/0008.html"
},
{
"name": "1016191",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016191"
},
{
"name": "[Snort-devel] 20060531 Snort Uricontent Bypass Vulnerability",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://marc.info/?l=snort-devel\u0026m=114909074311462\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.snort.org/pub-bin/snortnews.cgi#431"
},
{
"name": "20060602 Re: New Snort Bypass - Patch - Bypass of Patch",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/435797/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-05-31T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The HTTP Inspect preprocessor (http_inspect) in Snort 2.4.0 through 2.4.4 allows remote attackers to bypass \"uricontent\" rules via a carriage return (\\r) after the URL and before the HTTP declaration."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-18T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20060603 Re: New Snort Bypass - Patch - Bypass of Patch",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/435872/100/0/threaded"
},
{
"name": "20060602 New Snort Bypass - Patch - Bypass of Patch",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/435734/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.demarc.com/support/downloads/patch_20060531"
},
{
"name": "20766",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20766"
},
{
"name": "18200",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/18200"
},
{
"name": "20413",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20413"
},
{
"name": "20060601 Snort HTTP Inspect Pre-Processor Uricontent Bypass",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/435600/100/0/threaded"
},
{
"name": "ADV-2006-2119",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/2119"
},
{
"name": "1018",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/1018"
},
{
"name": "snort-uricontent-rule-bypass(26855)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26855"
},
{
"name": "25837",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/25837"
},
{
"name": "SUSE-SR:2006:014",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.suse.com/archive/suse-security-announce/2006-Jun/0008.html"
},
{
"name": "1016191",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016191"
},
{
"name": "[Snort-devel] 20060531 Snort Uricontent Bypass Vulnerability",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://marc.info/?l=snort-devel\u0026m=114909074311462\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.snort.org/pub-bin/snortnews.cgi#431"
},
{
"name": "20060602 Re: New Snort Bypass - Patch - Bypass of Patch",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/435797/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-2769",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The HTTP Inspect preprocessor (http_inspect) in Snort 2.4.0 through 2.4.4 allows remote attackers to bypass \"uricontent\" rules via a carriage return (\\r) after the URL and before the HTTP declaration."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20060603 Re: New Snort Bypass - Patch - Bypass of Patch",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/435872/100/0/threaded"
},
{
"name": "20060602 New Snort Bypass - Patch - Bypass of Patch",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/435734/100/0/threaded"
},
{
"name": "http://www.demarc.com/support/downloads/patch_20060531",
"refsource": "MISC",
"url": "http://www.demarc.com/support/downloads/patch_20060531"
},
{
"name": "20766",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20766"
},
{
"name": "18200",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18200"
},
{
"name": "20413",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20413"
},
{
"name": "20060601 Snort HTTP Inspect Pre-Processor Uricontent Bypass",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/435600/100/0/threaded"
},
{
"name": "ADV-2006-2119",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2119"
},
{
"name": "1018",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1018"
},
{
"name": "snort-uricontent-rule-bypass(26855)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26855"
},
{
"name": "25837",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/25837"
},
{
"name": "SUSE-SR:2006:014",
"refsource": "SUSE",
"url": "http://lists.suse.com/archive/suse-security-announce/2006-Jun/0008.html"
},
{
"name": "1016191",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016191"
},
{
"name": "[Snort-devel] 20060531 Snort Uricontent Bypass Vulnerability",
"refsource": "MLIST",
"url": "http://marc.info/?l=snort-devel\u0026m=114909074311462\u0026w=2"
},
{
"name": "http://www.snort.org/pub-bin/snortnews.cgi#431",
"refsource": "CONFIRM",
"url": "http://www.snort.org/pub-bin/snortnews.cgi#431"
},
{
"name": "20060602 Re: New Snort Bypass - Patch - Bypass of Patch",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/435797/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-2769",
"datePublished": "2006-06-02T10:00:00.000Z",
"dateReserved": "2006-06-01T00:00:00.000Z",
"dateUpdated": "2024-08-07T17:58:52.058Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-0839 (GCVE-0-2006-0839)
Vulnerability from nvd – Published: 2006-02-22 02:00 – Updated: 2024-08-07 16:48
VLAI
Summary
The frag3 preprocessor in Sourcefire Snort 2.4.3 does not properly reassemble certain fragmented packets with IP options, which allows remote attackers to evade detection of certain attacks, possibly related to IP option lengths.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/archive/1/425290/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/bid/16705 | vdb-entryx_refsource_BID |
| http://secunia.com/advisories/18959 | third-party-advisoryx_refsource_SECUNIA |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
Date Public
2006-02-17 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:48:56.548Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20060217 SNORT Incorrect fragmented packet reassembly",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/425290/100/0/threaded"
},
{
"name": "16705",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/16705"
},
{
"name": "18959",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18959"
},
{
"name": "snort-frag3-detection-bypass(24811)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24811"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-02-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The frag3 preprocessor in Sourcefire Snort 2.4.3 does not properly reassemble certain fragmented packets with IP options, which allows remote attackers to evade detection of certain attacks, possibly related to IP option lengths."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-18T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20060217 SNORT Incorrect fragmented packet reassembly",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/425290/100/0/threaded"
},
{
"name": "16705",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/16705"
},
{
"name": "18959",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18959"
},
{
"name": "snort-frag3-detection-bypass(24811)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24811"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-0839",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The frag3 preprocessor in Sourcefire Snort 2.4.3 does not properly reassemble certain fragmented packets with IP options, which allows remote attackers to evade detection of certain attacks, possibly related to IP option lengths."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20060217 SNORT Incorrect fragmented packet reassembly",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/425290/100/0/threaded"
},
{
"name": "16705",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16705"
},
{
"name": "18959",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18959"
},
{
"name": "snort-frag3-detection-bypass(24811)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24811"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-0839",
"datePublished": "2006-02-22T02:00:00.000Z",
"dateReserved": "2006-02-22T00:00:00.000Z",
"dateUpdated": "2024-08-07T16:48:56.548Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-3252 (GCVE-0-2005-3252)
Vulnerability from nvd – Published: 2005-10-18 04:00 – Updated: 2024-08-07 23:01
VLAI
Summary
Stack-based buffer overflow in the Back Orifice (BO) preprocessor for Snort before 2.4.3 allows remote attackers to execute arbitrary code via a crafted UDP packet.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
15 references
Date Public
2005-10-18 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T23:01:59.077Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#175500",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/175500"
},
{
"name": "20051025 Snort\u0027s BO pre-processor exploit",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0505.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?cscat=BLTNDETAIL\u0026DocumentOID=362187\u0026RenditionID="
},
{
"name": "15131",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/15131"
},
{
"name": "ADV-2005-2138",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2005/2138"
},
{
"name": "17559",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17559"
},
{
"name": "20051018 Snort Back Orifice Parsing Remote Code Execution",
"tags": [
"third-party-advisory",
"x_refsource_ISS",
"x_transferred"
],
"url": "http://xforce.iss.net/xforce/alerts/id/207"
},
{
"name": "20034",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/20034"
},
{
"name": "20051101 Snort Back Orifice Preprocessor Exploit (Win32 targets)",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2005-11/0010.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.snort.org/docs/change_logs/2.4.3/Changelog.txt"
},
{
"name": "17220",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17220"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?cscat=BLTNDETAIL\u0026DocumentOID=363396\u0026RenditionID="
},
{
"name": "TA05-291A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA05-291A.html"
},
{
"name": "1015070",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015070"
},
{
"name": "17255",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17255"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-10-18T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the Back Orifice (BO) preprocessor for Snort before 2.4.3 allows remote attackers to execute arbitrary code via a crafted UDP packet."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-11-04T10:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "VU#175500",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/175500"
},
{
"name": "20051025 Snort\u0027s BO pre-processor exploit",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0505.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?cscat=BLTNDETAIL\u0026DocumentOID=362187\u0026RenditionID="
},
{
"name": "15131",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/15131"
},
{
"name": "ADV-2005-2138",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2005/2138"
},
{
"name": "17559",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17559"
},
{
"name": "20051018 Snort Back Orifice Parsing Remote Code Execution",
"tags": [
"third-party-advisory",
"x_refsource_ISS"
],
"url": "http://xforce.iss.net/xforce/alerts/id/207"
},
{
"name": "20034",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/20034"
},
{
"name": "20051101 Snort Back Orifice Preprocessor Exploit (Win32 targets)",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2005-11/0010.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.snort.org/docs/change_logs/2.4.3/Changelog.txt"
},
{
"name": "17220",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17220"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?cscat=BLTNDETAIL\u0026DocumentOID=363396\u0026RenditionID="
},
{
"name": "TA05-291A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA05-291A.html"
},
{
"name": "1015070",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015070"
},
{
"name": "17255",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17255"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-3252",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in the Back Orifice (BO) preprocessor for Snort before 2.4.3 allows remote attackers to execute arbitrary code via a crafted UDP packet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#175500",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/175500"
},
{
"name": "20051025 Snort\u0027s BO pre-processor exploit",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0505.html"
},
{
"name": "http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?cscat=BLTNDETAIL\u0026DocumentOID=362187\u0026RenditionID=",
"refsource": "CONFIRM",
"url": "http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?cscat=BLTNDETAIL\u0026DocumentOID=362187\u0026RenditionID="
},
{
"name": "15131",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15131"
},
{
"name": "ADV-2005-2138",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2005/2138"
},
{
"name": "17559",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17559"
},
{
"name": "20051018 Snort Back Orifice Parsing Remote Code Execution",
"refsource": "ISS",
"url": "http://xforce.iss.net/xforce/alerts/id/207"
},
{
"name": "20034",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/20034"
},
{
"name": "20051101 Snort Back Orifice Preprocessor Exploit (Win32 targets)",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2005-11/0010.html"
},
{
"name": "http://www.snort.org/docs/change_logs/2.4.3/Changelog.txt",
"refsource": "CONFIRM",
"url": "http://www.snort.org/docs/change_logs/2.4.3/Changelog.txt"
},
{
"name": "17220",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17220"
},
{
"name": "http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?cscat=BLTNDETAIL\u0026DocumentOID=363396\u0026RenditionID=",
"refsource": "CONFIRM",
"url": "http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?cscat=BLTNDETAIL\u0026DocumentOID=363396\u0026RenditionID="
},
{
"name": "TA05-291A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA05-291A.html"
},
{
"name": "1015070",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015070"
},
{
"name": "17255",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17255"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-3252",
"datePublished": "2005-10-18T04:00:00.000Z",
"dateReserved": "2005-10-18T00:00:00.000Z",
"dateUpdated": "2024-08-07T23:01:59.077Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-2652 (GCVE-0-2004-2652)
Vulnerability from nvd – Published: 2005-12-18 22:00 – Updated: 2024-08-08 01:36
VLAI
Summary
The DecodeTCPOptions function in decode.c in Snort before 2.3.0, when printing TCP/IP options using FAST output or verbose mode, allows remote attackers to cause a denial of service (crash) via packets with invalid TCP/IP options, which trigger a null dereference.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
9 references
| URL | Tags |
|---|---|
| http://securitytracker.com/id?1012656 | vdb-entryx_refsource_SECTRACK |
| http://www.frsirt.com/exploits/20041222.angelDust.c.php | x_refsource_MISC |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/bid/12084 | vdb-entryx_refsource_BID |
| http://www.securiteam.com/exploits/6X00L20C0S.html | x_refsource_MISC |
| http://www.osvdb.org/12578 | vdb-entryx_refsource_OSVDB |
| http://www.snort.org/arc_news/ | x_refsource_CONFIRM |
| http://secunia.com/advisories/13664 | third-party-advisoryx_refsource_SECUNIA |
| http://taosecurity.blogspot.com/2004/12/details-o… | x_refsource_MISC |
Date Public
2004-12-22 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:36:24.604Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1012656",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1012656"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.frsirt.com/exploits/20041222.angelDust.c.php"
},
{
"name": "snort-tcpip-printing-dos(18689)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18689"
},
{
"name": "12084",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/12084"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.securiteam.com/exploits/6X00L20C0S.html"
},
{
"name": "12578",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/12578"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.snort.org/arc_news/"
},
{
"name": "13664",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/13664"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://taosecurity.blogspot.com/2004/12/details-on-snort-dos-condition-you-may.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-12-22T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The DecodeTCPOptions function in decode.c in Snort before 2.3.0, when printing TCP/IP options using FAST output or verbose mode, allows remote attackers to cause a denial of service (crash) via packets with invalid TCP/IP options, which trigger a null dereference."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1012656",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1012656"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.frsirt.com/exploits/20041222.angelDust.c.php"
},
{
"name": "snort-tcpip-printing-dos(18689)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18689"
},
{
"name": "12084",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/12084"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.securiteam.com/exploits/6X00L20C0S.html"
},
{
"name": "12578",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/12578"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.snort.org/arc_news/"
},
{
"name": "13664",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/13664"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://taosecurity.blogspot.com/2004/12/details-on-snort-dos-condition-you-may.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-2652",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The DecodeTCPOptions function in decode.c in Snort before 2.3.0, when printing TCP/IP options using FAST output or verbose mode, allows remote attackers to cause a denial of service (crash) via packets with invalid TCP/IP options, which trigger a null dereference."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1012656",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1012656"
},
{
"name": "http://www.frsirt.com/exploits/20041222.angelDust.c.php",
"refsource": "MISC",
"url": "http://www.frsirt.com/exploits/20041222.angelDust.c.php"
},
{
"name": "snort-tcpip-printing-dos(18689)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18689"
},
{
"name": "12084",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/12084"
},
{
"name": "http://www.securiteam.com/exploits/6X00L20C0S.html",
"refsource": "MISC",
"url": "http://www.securiteam.com/exploits/6X00L20C0S.html"
},
{
"name": "12578",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/12578"
},
{
"name": "http://www.snort.org/arc_news/",
"refsource": "CONFIRM",
"url": "http://www.snort.org/arc_news/"
},
{
"name": "13664",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/13664"
},
{
"name": "http://taosecurity.blogspot.com/2004/12/details-on-snort-dos-condition-you-may.html",
"refsource": "MISC",
"url": "http://taosecurity.blogspot.com/2004/12/details-on-snort-dos-condition-you-may.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-2652",
"datePublished": "2005-12-18T22:00:00.000Z",
"dateReserved": "2005-12-18T00:00:00.000Z",
"dateUpdated": "2024-08-08T01:36:24.604Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-0209 (GCVE-0-2003-0209)
Vulnerability from nvd – Published: 2003-04-16 04:00 – Updated: 2024-08-08 01:43
VLAI
Summary
Integer overflow in the TCP stream reassembly module (stream4) for Snort 2.0 and earlier allows remote attackers to execute arbitrary code via large sequence numbers in packets, which enable a heap-based buffer overflow.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
11 references
| URL | Tags |
|---|---|
| http://marc.info/?l=bugtraq&m=105103586927007&w=2 | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/bid/7178 | vdb-entryx_refsource_BID |
| http://www.cert.org/advisories/CA-2003-13.html | third-party-advisoryx_refsource_CERT |
| http://marc.info/?l=bugtraq&m=105043563016235&w=2 | mailing-listx_refsource_BUGTRAQ |
| http://marc.info/?l=bugtraq&m=105172790914107&w=2 | vendor-advisoryx_refsource_ENGARDE |
| http://www.kb.cert.org/vuls/id/139129 | third-party-advisoryx_refsource_CERT-VN |
| http://www.debian.org/security/2003/dsa-297 | vendor-advisoryx_refsource_DEBIAN |
| http://marc.info/?l=bugtraq&m=105111217731583&w=2 | mailing-listx_refsource_BUGTRAQ |
| http://www.mandriva.com/security/advisories?name=… | vendor-advisoryx_refsource_MANDRAKE |
| http://www.coresecurity.com/common/showdoc.php?id… | x_refsource_MISC |
| http://marc.info/?l=bugtraq&m=105154530427824&w=2 | mailing-listx_refsource_BUGTRAQ |
Date Public
2003-04-15 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:43:36.113Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20030422 GLSA: snort (200304-05)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=105103586927007\u0026w=2"
},
{
"name": "7178",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/7178"
},
{
"name": "CA-2003-13",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.cert.org/advisories/CA-2003-13.html"
},
{
"name": "20030415 CORE-2003-0307: Snort TCP Stream Reassembly Integer Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=105043563016235\u0026w=2"
},
{
"name": "ESA-20030430-013",
"tags": [
"vendor-advisory",
"x_refsource_ENGARDE",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=105172790914107\u0026w=2"
},
{
"name": "VU#139129",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/139129"
},
{
"name": "DSA-297",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2003/dsa-297"
},
{
"name": "20030423 Snort \u003c=1.9.1 exploit",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=105111217731583\u0026w=2"
},
{
"name": "MDKSA-2003:052",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:052"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.coresecurity.com/common/showdoc.php?idx=313\u0026idxseccion=10"
},
{
"name": "20030428 GLSA: snort (200304-06)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=105154530427824\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-04-15T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the TCP stream reassembly module (stream4) for Snort 2.0 and earlier allows remote attackers to execute arbitrary code via large sequence numbers in packets, which enable a heap-based buffer overflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-17T13:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20030422 GLSA: snort (200304-05)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=105103586927007\u0026w=2"
},
{
"name": "7178",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/7178"
},
{
"name": "CA-2003-13",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.cert.org/advisories/CA-2003-13.html"
},
{
"name": "20030415 CORE-2003-0307: Snort TCP Stream Reassembly Integer Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=105043563016235\u0026w=2"
},
{
"name": "ESA-20030430-013",
"tags": [
"vendor-advisory",
"x_refsource_ENGARDE"
],
"url": "http://marc.info/?l=bugtraq\u0026m=105172790914107\u0026w=2"
},
{
"name": "VU#139129",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/139129"
},
{
"name": "DSA-297",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2003/dsa-297"
},
{
"name": "20030423 Snort \u003c=1.9.1 exploit",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=105111217731583\u0026w=2"
},
{
"name": "MDKSA-2003:052",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:052"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.coresecurity.com/common/showdoc.php?idx=313\u0026idxseccion=10"
},
{
"name": "20030428 GLSA: snort (200304-06)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=105154530427824\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0209",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in the TCP stream reassembly module (stream4) for Snort 2.0 and earlier allows remote attackers to execute arbitrary code via large sequence numbers in packets, which enable a heap-based buffer overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20030422 GLSA: snort (200304-05)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=105103586927007\u0026w=2"
},
{
"name": "7178",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/7178"
},
{
"name": "CA-2003-13",
"refsource": "CERT",
"url": "http://www.cert.org/advisories/CA-2003-13.html"
},
{
"name": "20030415 CORE-2003-0307: Snort TCP Stream Reassembly Integer Overflow Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=105043563016235\u0026w=2"
},
{
"name": "ESA-20030430-013",
"refsource": "ENGARDE",
"url": "http://marc.info/?l=bugtraq\u0026m=105172790914107\u0026w=2"
},
{
"name": "VU#139129",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/139129"
},
{
"name": "DSA-297",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2003/dsa-297"
},
{
"name": "20030423 Snort \u003c=1.9.1 exploit",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=105111217731583\u0026w=2"
},
{
"name": "MDKSA-2003:052",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:052"
},
{
"name": "http://www.coresecurity.com/common/showdoc.php?idx=313\u0026idxseccion=10",
"refsource": "MISC",
"url": "http://www.coresecurity.com/common/showdoc.php?idx=313\u0026idxseccion=10"
},
{
"name": "20030428 GLSA: snort (200304-06)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=105154530427824\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-0209",
"datePublished": "2003-04-16T04:00:00.000Z",
"dateReserved": "2003-04-15T00:00:00.000Z",
"dateUpdated": "2024-08-08T01:43:36.113Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-2769 (GCVE-0-2006-2769)
Vulnerability from cvelistv5 – Published: 2006-06-02 10:00 – Updated: 2024-08-07 17:58
VLAI
Summary
The HTTP Inspect preprocessor (http_inspect) in Snort 2.4.0 through 2.4.4 allows remote attackers to bypass "uricontent" rules via a carriage return (\r) after the URL and before the HTTP declaration.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
16 references
Date Public
2006-05-31 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T17:58:52.058Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20060603 Re: New Snort Bypass - Patch - Bypass of Patch",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/435872/100/0/threaded"
},
{
"name": "20060602 New Snort Bypass - Patch - Bypass of Patch",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/435734/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.demarc.com/support/downloads/patch_20060531"
},
{
"name": "20766",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20766"
},
{
"name": "18200",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/18200"
},
{
"name": "20413",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20413"
},
{
"name": "20060601 Snort HTTP Inspect Pre-Processor Uricontent Bypass",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/435600/100/0/threaded"
},
{
"name": "ADV-2006-2119",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/2119"
},
{
"name": "1018",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/1018"
},
{
"name": "snort-uricontent-rule-bypass(26855)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26855"
},
{
"name": "25837",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/25837"
},
{
"name": "SUSE-SR:2006:014",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.suse.com/archive/suse-security-announce/2006-Jun/0008.html"
},
{
"name": "1016191",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016191"
},
{
"name": "[Snort-devel] 20060531 Snort Uricontent Bypass Vulnerability",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://marc.info/?l=snort-devel\u0026m=114909074311462\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.snort.org/pub-bin/snortnews.cgi#431"
},
{
"name": "20060602 Re: New Snort Bypass - Patch - Bypass of Patch",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/435797/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-05-31T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The HTTP Inspect preprocessor (http_inspect) in Snort 2.4.0 through 2.4.4 allows remote attackers to bypass \"uricontent\" rules via a carriage return (\\r) after the URL and before the HTTP declaration."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-18T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20060603 Re: New Snort Bypass - Patch - Bypass of Patch",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/435872/100/0/threaded"
},
{
"name": "20060602 New Snort Bypass - Patch - Bypass of Patch",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/435734/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.demarc.com/support/downloads/patch_20060531"
},
{
"name": "20766",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20766"
},
{
"name": "18200",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/18200"
},
{
"name": "20413",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20413"
},
{
"name": "20060601 Snort HTTP Inspect Pre-Processor Uricontent Bypass",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/435600/100/0/threaded"
},
{
"name": "ADV-2006-2119",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/2119"
},
{
"name": "1018",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/1018"
},
{
"name": "snort-uricontent-rule-bypass(26855)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26855"
},
{
"name": "25837",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/25837"
},
{
"name": "SUSE-SR:2006:014",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.suse.com/archive/suse-security-announce/2006-Jun/0008.html"
},
{
"name": "1016191",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016191"
},
{
"name": "[Snort-devel] 20060531 Snort Uricontent Bypass Vulnerability",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://marc.info/?l=snort-devel\u0026m=114909074311462\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.snort.org/pub-bin/snortnews.cgi#431"
},
{
"name": "20060602 Re: New Snort Bypass - Patch - Bypass of Patch",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/435797/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-2769",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The HTTP Inspect preprocessor (http_inspect) in Snort 2.4.0 through 2.4.4 allows remote attackers to bypass \"uricontent\" rules via a carriage return (\\r) after the URL and before the HTTP declaration."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20060603 Re: New Snort Bypass - Patch - Bypass of Patch",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/435872/100/0/threaded"
},
{
"name": "20060602 New Snort Bypass - Patch - Bypass of Patch",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/435734/100/0/threaded"
},
{
"name": "http://www.demarc.com/support/downloads/patch_20060531",
"refsource": "MISC",
"url": "http://www.demarc.com/support/downloads/patch_20060531"
},
{
"name": "20766",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20766"
},
{
"name": "18200",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18200"
},
{
"name": "20413",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20413"
},
{
"name": "20060601 Snort HTTP Inspect Pre-Processor Uricontent Bypass",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/435600/100/0/threaded"
},
{
"name": "ADV-2006-2119",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2119"
},
{
"name": "1018",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1018"
},
{
"name": "snort-uricontent-rule-bypass(26855)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26855"
},
{
"name": "25837",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/25837"
},
{
"name": "SUSE-SR:2006:014",
"refsource": "SUSE",
"url": "http://lists.suse.com/archive/suse-security-announce/2006-Jun/0008.html"
},
{
"name": "1016191",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016191"
},
{
"name": "[Snort-devel] 20060531 Snort Uricontent Bypass Vulnerability",
"refsource": "MLIST",
"url": "http://marc.info/?l=snort-devel\u0026m=114909074311462\u0026w=2"
},
{
"name": "http://www.snort.org/pub-bin/snortnews.cgi#431",
"refsource": "CONFIRM",
"url": "http://www.snort.org/pub-bin/snortnews.cgi#431"
},
{
"name": "20060602 Re: New Snort Bypass - Patch - Bypass of Patch",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/435797/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-2769",
"datePublished": "2006-06-02T10:00:00.000Z",
"dateReserved": "2006-06-01T00:00:00.000Z",
"dateUpdated": "2024-08-07T17:58:52.058Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-0839 (GCVE-0-2006-0839)
Vulnerability from cvelistv5 – Published: 2006-02-22 02:00 – Updated: 2024-08-07 16:48
VLAI
Summary
The frag3 preprocessor in Sourcefire Snort 2.4.3 does not properly reassemble certain fragmented packets with IP options, which allows remote attackers to evade detection of certain attacks, possibly related to IP option lengths.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/archive/1/425290/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/bid/16705 | vdb-entryx_refsource_BID |
| http://secunia.com/advisories/18959 | third-party-advisoryx_refsource_SECUNIA |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
Date Public
2006-02-17 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:48:56.548Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20060217 SNORT Incorrect fragmented packet reassembly",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/425290/100/0/threaded"
},
{
"name": "16705",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/16705"
},
{
"name": "18959",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18959"
},
{
"name": "snort-frag3-detection-bypass(24811)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24811"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-02-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The frag3 preprocessor in Sourcefire Snort 2.4.3 does not properly reassemble certain fragmented packets with IP options, which allows remote attackers to evade detection of certain attacks, possibly related to IP option lengths."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-18T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20060217 SNORT Incorrect fragmented packet reassembly",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/425290/100/0/threaded"
},
{
"name": "16705",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/16705"
},
{
"name": "18959",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18959"
},
{
"name": "snort-frag3-detection-bypass(24811)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24811"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-0839",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The frag3 preprocessor in Sourcefire Snort 2.4.3 does not properly reassemble certain fragmented packets with IP options, which allows remote attackers to evade detection of certain attacks, possibly related to IP option lengths."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20060217 SNORT Incorrect fragmented packet reassembly",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/425290/100/0/threaded"
},
{
"name": "16705",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16705"
},
{
"name": "18959",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18959"
},
{
"name": "snort-frag3-detection-bypass(24811)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24811"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-0839",
"datePublished": "2006-02-22T02:00:00.000Z",
"dateReserved": "2006-02-22T00:00:00.000Z",
"dateUpdated": "2024-08-07T16:48:56.548Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-2652 (GCVE-0-2004-2652)
Vulnerability from cvelistv5 – Published: 2005-12-18 22:00 – Updated: 2024-08-08 01:36
VLAI
Summary
The DecodeTCPOptions function in decode.c in Snort before 2.3.0, when printing TCP/IP options using FAST output or verbose mode, allows remote attackers to cause a denial of service (crash) via packets with invalid TCP/IP options, which trigger a null dereference.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
9 references
| URL | Tags |
|---|---|
| http://securitytracker.com/id?1012656 | vdb-entryx_refsource_SECTRACK |
| http://www.frsirt.com/exploits/20041222.angelDust.c.php | x_refsource_MISC |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/bid/12084 | vdb-entryx_refsource_BID |
| http://www.securiteam.com/exploits/6X00L20C0S.html | x_refsource_MISC |
| http://www.osvdb.org/12578 | vdb-entryx_refsource_OSVDB |
| http://www.snort.org/arc_news/ | x_refsource_CONFIRM |
| http://secunia.com/advisories/13664 | third-party-advisoryx_refsource_SECUNIA |
| http://taosecurity.blogspot.com/2004/12/details-o… | x_refsource_MISC |
Date Public
2004-12-22 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:36:24.604Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1012656",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1012656"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.frsirt.com/exploits/20041222.angelDust.c.php"
},
{
"name": "snort-tcpip-printing-dos(18689)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18689"
},
{
"name": "12084",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/12084"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.securiteam.com/exploits/6X00L20C0S.html"
},
{
"name": "12578",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/12578"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.snort.org/arc_news/"
},
{
"name": "13664",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/13664"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://taosecurity.blogspot.com/2004/12/details-on-snort-dos-condition-you-may.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-12-22T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The DecodeTCPOptions function in decode.c in Snort before 2.3.0, when printing TCP/IP options using FAST output or verbose mode, allows remote attackers to cause a denial of service (crash) via packets with invalid TCP/IP options, which trigger a null dereference."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1012656",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1012656"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.frsirt.com/exploits/20041222.angelDust.c.php"
},
{
"name": "snort-tcpip-printing-dos(18689)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18689"
},
{
"name": "12084",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/12084"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.securiteam.com/exploits/6X00L20C0S.html"
},
{
"name": "12578",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/12578"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.snort.org/arc_news/"
},
{
"name": "13664",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/13664"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://taosecurity.blogspot.com/2004/12/details-on-snort-dos-condition-you-may.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-2652",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The DecodeTCPOptions function in decode.c in Snort before 2.3.0, when printing TCP/IP options using FAST output or verbose mode, allows remote attackers to cause a denial of service (crash) via packets with invalid TCP/IP options, which trigger a null dereference."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1012656",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1012656"
},
{
"name": "http://www.frsirt.com/exploits/20041222.angelDust.c.php",
"refsource": "MISC",
"url": "http://www.frsirt.com/exploits/20041222.angelDust.c.php"
},
{
"name": "snort-tcpip-printing-dos(18689)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18689"
},
{
"name": "12084",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/12084"
},
{
"name": "http://www.securiteam.com/exploits/6X00L20C0S.html",
"refsource": "MISC",
"url": "http://www.securiteam.com/exploits/6X00L20C0S.html"
},
{
"name": "12578",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/12578"
},
{
"name": "http://www.snort.org/arc_news/",
"refsource": "CONFIRM",
"url": "http://www.snort.org/arc_news/"
},
{
"name": "13664",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/13664"
},
{
"name": "http://taosecurity.blogspot.com/2004/12/details-on-snort-dos-condition-you-may.html",
"refsource": "MISC",
"url": "http://taosecurity.blogspot.com/2004/12/details-on-snort-dos-condition-you-may.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-2652",
"datePublished": "2005-12-18T22:00:00.000Z",
"dateReserved": "2005-12-18T00:00:00.000Z",
"dateUpdated": "2024-08-08T01:36:24.604Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-3252 (GCVE-0-2005-3252)
Vulnerability from cvelistv5 – Published: 2005-10-18 04:00 – Updated: 2024-08-07 23:01
VLAI
Summary
Stack-based buffer overflow in the Back Orifice (BO) preprocessor for Snort before 2.4.3 allows remote attackers to execute arbitrary code via a crafted UDP packet.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
15 references
Date Public
2005-10-18 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T23:01:59.077Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#175500",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/175500"
},
{
"name": "20051025 Snort\u0027s BO pre-processor exploit",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0505.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?cscat=BLTNDETAIL\u0026DocumentOID=362187\u0026RenditionID="
},
{
"name": "15131",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/15131"
},
{
"name": "ADV-2005-2138",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2005/2138"
},
{
"name": "17559",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17559"
},
{
"name": "20051018 Snort Back Orifice Parsing Remote Code Execution",
"tags": [
"third-party-advisory",
"x_refsource_ISS",
"x_transferred"
],
"url": "http://xforce.iss.net/xforce/alerts/id/207"
},
{
"name": "20034",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/20034"
},
{
"name": "20051101 Snort Back Orifice Preprocessor Exploit (Win32 targets)",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2005-11/0010.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.snort.org/docs/change_logs/2.4.3/Changelog.txt"
},
{
"name": "17220",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17220"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?cscat=BLTNDETAIL\u0026DocumentOID=363396\u0026RenditionID="
},
{
"name": "TA05-291A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA05-291A.html"
},
{
"name": "1015070",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015070"
},
{
"name": "17255",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17255"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-10-18T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the Back Orifice (BO) preprocessor for Snort before 2.4.3 allows remote attackers to execute arbitrary code via a crafted UDP packet."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-11-04T10:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "VU#175500",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/175500"
},
{
"name": "20051025 Snort\u0027s BO pre-processor exploit",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0505.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?cscat=BLTNDETAIL\u0026DocumentOID=362187\u0026RenditionID="
},
{
"name": "15131",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/15131"
},
{
"name": "ADV-2005-2138",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2005/2138"
},
{
"name": "17559",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17559"
},
{
"name": "20051018 Snort Back Orifice Parsing Remote Code Execution",
"tags": [
"third-party-advisory",
"x_refsource_ISS"
],
"url": "http://xforce.iss.net/xforce/alerts/id/207"
},
{
"name": "20034",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/20034"
},
{
"name": "20051101 Snort Back Orifice Preprocessor Exploit (Win32 targets)",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2005-11/0010.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.snort.org/docs/change_logs/2.4.3/Changelog.txt"
},
{
"name": "17220",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17220"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?cscat=BLTNDETAIL\u0026DocumentOID=363396\u0026RenditionID="
},
{
"name": "TA05-291A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA05-291A.html"
},
{
"name": "1015070",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015070"
},
{
"name": "17255",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17255"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-3252",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in the Back Orifice (BO) preprocessor for Snort before 2.4.3 allows remote attackers to execute arbitrary code via a crafted UDP packet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#175500",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/175500"
},
{
"name": "20051025 Snort\u0027s BO pre-processor exploit",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0505.html"
},
{
"name": "http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?cscat=BLTNDETAIL\u0026DocumentOID=362187\u0026RenditionID=",
"refsource": "CONFIRM",
"url": "http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?cscat=BLTNDETAIL\u0026DocumentOID=362187\u0026RenditionID="
},
{
"name": "15131",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15131"
},
{
"name": "ADV-2005-2138",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2005/2138"
},
{
"name": "17559",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17559"
},
{
"name": "20051018 Snort Back Orifice Parsing Remote Code Execution",
"refsource": "ISS",
"url": "http://xforce.iss.net/xforce/alerts/id/207"
},
{
"name": "20034",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/20034"
},
{
"name": "20051101 Snort Back Orifice Preprocessor Exploit (Win32 targets)",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2005-11/0010.html"
},
{
"name": "http://www.snort.org/docs/change_logs/2.4.3/Changelog.txt",
"refsource": "CONFIRM",
"url": "http://www.snort.org/docs/change_logs/2.4.3/Changelog.txt"
},
{
"name": "17220",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17220"
},
{
"name": "http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?cscat=BLTNDETAIL\u0026DocumentOID=363396\u0026RenditionID=",
"refsource": "CONFIRM",
"url": "http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?cscat=BLTNDETAIL\u0026DocumentOID=363396\u0026RenditionID="
},
{
"name": "TA05-291A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA05-291A.html"
},
{
"name": "1015070",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015070"
},
{
"name": "17255",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17255"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-3252",
"datePublished": "2005-10-18T04:00:00.000Z",
"dateReserved": "2005-10-18T00:00:00.000Z",
"dateUpdated": "2024-08-07T23:01:59.077Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-0209 (GCVE-0-2003-0209)
Vulnerability from cvelistv5 – Published: 2003-04-16 04:00 – Updated: 2024-08-08 01:43
VLAI
Summary
Integer overflow in the TCP stream reassembly module (stream4) for Snort 2.0 and earlier allows remote attackers to execute arbitrary code via large sequence numbers in packets, which enable a heap-based buffer overflow.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
11 references
| URL | Tags |
|---|---|
| http://marc.info/?l=bugtraq&m=105103586927007&w=2 | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/bid/7178 | vdb-entryx_refsource_BID |
| http://www.cert.org/advisories/CA-2003-13.html | third-party-advisoryx_refsource_CERT |
| http://marc.info/?l=bugtraq&m=105043563016235&w=2 | mailing-listx_refsource_BUGTRAQ |
| http://marc.info/?l=bugtraq&m=105172790914107&w=2 | vendor-advisoryx_refsource_ENGARDE |
| http://www.kb.cert.org/vuls/id/139129 | third-party-advisoryx_refsource_CERT-VN |
| http://www.debian.org/security/2003/dsa-297 | vendor-advisoryx_refsource_DEBIAN |
| http://marc.info/?l=bugtraq&m=105111217731583&w=2 | mailing-listx_refsource_BUGTRAQ |
| http://www.mandriva.com/security/advisories?name=… | vendor-advisoryx_refsource_MANDRAKE |
| http://www.coresecurity.com/common/showdoc.php?id… | x_refsource_MISC |
| http://marc.info/?l=bugtraq&m=105154530427824&w=2 | mailing-listx_refsource_BUGTRAQ |
Date Public
2003-04-15 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:43:36.113Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20030422 GLSA: snort (200304-05)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=105103586927007\u0026w=2"
},
{
"name": "7178",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/7178"
},
{
"name": "CA-2003-13",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.cert.org/advisories/CA-2003-13.html"
},
{
"name": "20030415 CORE-2003-0307: Snort TCP Stream Reassembly Integer Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=105043563016235\u0026w=2"
},
{
"name": "ESA-20030430-013",
"tags": [
"vendor-advisory",
"x_refsource_ENGARDE",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=105172790914107\u0026w=2"
},
{
"name": "VU#139129",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/139129"
},
{
"name": "DSA-297",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2003/dsa-297"
},
{
"name": "20030423 Snort \u003c=1.9.1 exploit",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=105111217731583\u0026w=2"
},
{
"name": "MDKSA-2003:052",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:052"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.coresecurity.com/common/showdoc.php?idx=313\u0026idxseccion=10"
},
{
"name": "20030428 GLSA: snort (200304-06)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=105154530427824\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-04-15T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the TCP stream reassembly module (stream4) for Snort 2.0 and earlier allows remote attackers to execute arbitrary code via large sequence numbers in packets, which enable a heap-based buffer overflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-17T13:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20030422 GLSA: snort (200304-05)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=105103586927007\u0026w=2"
},
{
"name": "7178",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/7178"
},
{
"name": "CA-2003-13",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.cert.org/advisories/CA-2003-13.html"
},
{
"name": "20030415 CORE-2003-0307: Snort TCP Stream Reassembly Integer Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=105043563016235\u0026w=2"
},
{
"name": "ESA-20030430-013",
"tags": [
"vendor-advisory",
"x_refsource_ENGARDE"
],
"url": "http://marc.info/?l=bugtraq\u0026m=105172790914107\u0026w=2"
},
{
"name": "VU#139129",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/139129"
},
{
"name": "DSA-297",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2003/dsa-297"
},
{
"name": "20030423 Snort \u003c=1.9.1 exploit",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=105111217731583\u0026w=2"
},
{
"name": "MDKSA-2003:052",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:052"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.coresecurity.com/common/showdoc.php?idx=313\u0026idxseccion=10"
},
{
"name": "20030428 GLSA: snort (200304-06)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=105154530427824\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0209",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in the TCP stream reassembly module (stream4) for Snort 2.0 and earlier allows remote attackers to execute arbitrary code via large sequence numbers in packets, which enable a heap-based buffer overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20030422 GLSA: snort (200304-05)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=105103586927007\u0026w=2"
},
{
"name": "7178",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/7178"
},
{
"name": "CA-2003-13",
"refsource": "CERT",
"url": "http://www.cert.org/advisories/CA-2003-13.html"
},
{
"name": "20030415 CORE-2003-0307: Snort TCP Stream Reassembly Integer Overflow Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=105043563016235\u0026w=2"
},
{
"name": "ESA-20030430-013",
"refsource": "ENGARDE",
"url": "http://marc.info/?l=bugtraq\u0026m=105172790914107\u0026w=2"
},
{
"name": "VU#139129",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/139129"
},
{
"name": "DSA-297",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2003/dsa-297"
},
{
"name": "20030423 Snort \u003c=1.9.1 exploit",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=105111217731583\u0026w=2"
},
{
"name": "MDKSA-2003:052",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:052"
},
{
"name": "http://www.coresecurity.com/common/showdoc.php?idx=313\u0026idxseccion=10",
"refsource": "MISC",
"url": "http://www.coresecurity.com/common/showdoc.php?idx=313\u0026idxseccion=10"
},
{
"name": "20030428 GLSA: snort (200304-06)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=105154530427824\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-0209",
"datePublished": "2003-04-16T04:00:00.000Z",
"dateReserved": "2003-04-15T00:00:00.000Z",
"dateUpdated": "2024-08-08T01:43:36.113Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}