Search criteria
8 vulnerabilities by sourcefire
CVE-2010-2306 (GCVE-0-2010-2306)
Vulnerability from cvelistv5 – Published: 2010-06-16 20:00 – Updated: 2024-08-07 02:32
VLAI?
Summary
The default installation of Sourcefire 3D Sensor 1000, 2000, and 9900; and Defense Center 1000; uses the same static, private SSL keys for multiple devices and installations, which allows remote attackers to decrypt SSL traffic via a man-in-the-middle (MITM) attack.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T02:32:15.528Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "65470",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/65470"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.sourcefire.com/notices/notice/1437"
},
{
"name": "40143",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/40143"
},
{
"name": "1024092",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1024092"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-10-107/"
},
{
"name": "ADV-2010-1438",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/1438"
},
{
"name": "20100610 ZDI-10-107: Multiple Sourcefire Products Static Web SSL Keys Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/511792/100/0/threaded"
},
{
"name": "sourcefire3d-ssl-mitm(59380)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59380"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-06-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The default installation of Sourcefire 3D Sensor 1000, 2000, and 9900; and Defense Center 1000; uses the same static, private SSL keys for multiple devices and installations, which allows remote attackers to decrypt SSL traffic via a man-in-the-middle (MITM) attack."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "65470",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/65470"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.sourcefire.com/notices/notice/1437"
},
{
"name": "40143",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/40143"
},
{
"name": "1024092",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1024092"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-10-107/"
},
{
"name": "ADV-2010-1438",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/1438"
},
{
"name": "20100610 ZDI-10-107: Multiple Sourcefire Products Static Web SSL Keys Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/511792/100/0/threaded"
},
{
"name": "sourcefire3d-ssl-mitm(59380)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59380"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-2306",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The default installation of Sourcefire 3D Sensor 1000, 2000, and 9900; and Defense Center 1000; uses the same static, private SSL keys for multiple devices and installations, which allows remote attackers to decrypt SSL traffic via a man-in-the-middle (MITM) attack."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "65470",
"refsource": "OSVDB",
"url": "http://osvdb.org/65470"
},
{
"name": "https://support.sourcefire.com/notices/notice/1437",
"refsource": "MISC",
"url": "https://support.sourcefire.com/notices/notice/1437"
},
{
"name": "40143",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/40143"
},
{
"name": "1024092",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1024092"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-10-107/",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-10-107/"
},
{
"name": "ADV-2010-1438",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1438"
},
{
"name": "20100610 ZDI-10-107: Multiple Sourcefire Products Static Web SSL Keys Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/511792/100/0/threaded"
},
{
"name": "sourcefire3d-ssl-mitm(59380)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59380"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-2306",
"datePublished": "2010-06-16T20:00:00",
"dateReserved": "2010-06-16T00:00:00",
"dateUpdated": "2024-08-07T02:32:15.528Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-2344 (GCVE-0-2009-2344)
Vulnerability from cvelistv5 – Published: 2009-07-07 19:00 – Updated: 2024-08-07 05:44
VLAI?
Summary
The web-based management interfaces in Sourcefire Defense Center (DC) and 3D Sensor before 4.8.2 allow remote authenticated users to gain privileges via a $admin value for the admin parameter in an edit action to admin/user/user.cgi and unspecified other components.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:44:55.955Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "35658",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35658"
},
{
"name": "1022500",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1022500"
},
{
"name": "9074",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/9074"
},
{
"name": "20090701 Sourcefire 3D Sensor and DC, privilege escalation vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/504694/100/0/threaded"
},
{
"name": "ADV-2009-1785",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1785"
},
{
"name": "35553",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/35553"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-07-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The web-based management interfaces in Sourcefire Defense Center (DC) and 3D Sensor before 4.8.2 allow remote authenticated users to gain privileges via a $admin value for the admin parameter in an edit action to admin/user/user.cgi and unspecified other components."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "35658",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35658"
},
{
"name": "1022500",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1022500"
},
{
"name": "9074",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/9074"
},
{
"name": "20090701 Sourcefire 3D Sensor and DC, privilege escalation vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/504694/100/0/threaded"
},
{
"name": "ADV-2009-1785",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1785"
},
{
"name": "35553",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/35553"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-2344",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The web-based management interfaces in Sourcefire Defense Center (DC) and 3D Sensor before 4.8.2 allow remote authenticated users to gain privileges via a $admin value for the admin parameter in an edit action to admin/user/user.cgi and unspecified other components."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "35658",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35658"
},
{
"name": "1022500",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022500"
},
{
"name": "9074",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/9074"
},
{
"name": "20090701 Sourcefire 3D Sensor and DC, privilege escalation vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/504694/100/0/threaded"
},
{
"name": "ADV-2009-1785",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1785"
},
{
"name": "35553",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/35553"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-2344",
"datePublished": "2009-07-07T19:00:00",
"dateReserved": "2009-07-07T00:00:00",
"dateUpdated": "2024-08-07T05:44:55.955Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-5276 (GCVE-0-2006-5276)
Vulnerability from cvelistv5 – Published: 2007-02-20 00:00 – Updated: 2024-08-07 19:48
VLAI?
Summary
Stack-based buffer overflow in the DCE/RPC preprocessor in Snort before 2.6.1.3, and 2.7 before beta 2; and Sourcefire Intrusion Sensor; allows remote attackers to execute arbitrary code via crafted SMB traffic.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:48:28.530Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "TA07-050A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA07-050A.html"
},
{
"name": "VU#196240",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/196240"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www116.nortelnetworks.com/pub/repository/CLARIFY/DOCUMENT/2007/08/021923-01.pdf"
},
{
"name": "GLSA-200703-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200703-01.xml"
},
{
"name": "26746",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26746"
},
{
"name": "20070303 ERRATA: [ GLSA 200703-01 ] Snort: Remote execution of arbitrary code",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/461810/100/0/threaded"
},
{
"name": "24190",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24190"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.snort.org/docs/advisory-2007-02-19.html"
},
{
"name": "24239",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24239"
},
{
"name": "24272",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24272"
},
{
"name": "ADV-2007-0656",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0656"
},
{
"name": "smb-bo(31275)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31275"
},
{
"name": "FEDORA-2007-2060",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://fedoranews.org/updates/FEDORA-2007-206.shtml"
},
{
"name": "ADV-2007-0668",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0668"
},
{
"name": "32094",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/32094"
},
{
"name": "24235",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24235"
},
{
"name": "1017670",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017670"
},
{
"name": "24240",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24240"
},
{
"name": "20070219 Sourcefire Snort Remote Buffer Overflow",
"tags": [
"third-party-advisory",
"x_refsource_ISS",
"x_transferred"
],
"url": "http://iss.net/threats/257.html"
},
{
"name": "22616",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22616"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www130.nortelnetworks.com/go/main.jsp?cscat=BLTNDETAIL\u0026DocumentOID=540173"
},
{
"name": "3362",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/3362"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=229265"
},
{
"name": "1017669",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017669"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-02-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the DCE/RPC preprocessor in Snort before 2.6.1.3, and 2.7 before beta 2; and Sourcefire Intrusion Sensor; allows remote attackers to execute arbitrary code via crafted SMB traffic."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "TA07-050A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA07-050A.html"
},
{
"name": "VU#196240",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/196240"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www116.nortelnetworks.com/pub/repository/CLARIFY/DOCUMENT/2007/08/021923-01.pdf"
},
{
"name": "GLSA-200703-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200703-01.xml"
},
{
"name": "26746",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26746"
},
{
"name": "20070303 ERRATA: [ GLSA 200703-01 ] Snort: Remote execution of arbitrary code",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/461810/100/0/threaded"
},
{
"name": "24190",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24190"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.snort.org/docs/advisory-2007-02-19.html"
},
{
"name": "24239",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24239"
},
{
"name": "24272",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24272"
},
{
"name": "ADV-2007-0656",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0656"
},
{
"name": "smb-bo(31275)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31275"
},
{
"name": "FEDORA-2007-2060",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://fedoranews.org/updates/FEDORA-2007-206.shtml"
},
{
"name": "ADV-2007-0668",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0668"
},
{
"name": "32094",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/32094"
},
{
"name": "24235",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24235"
},
{
"name": "1017670",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017670"
},
{
"name": "24240",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24240"
},
{
"name": "20070219 Sourcefire Snort Remote Buffer Overflow",
"tags": [
"third-party-advisory",
"x_refsource_ISS"
],
"url": "http://iss.net/threats/257.html"
},
{
"name": "22616",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22616"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www130.nortelnetworks.com/go/main.jsp?cscat=BLTNDETAIL\u0026DocumentOID=540173"
},
{
"name": "3362",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/3362"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=229265"
},
{
"name": "1017669",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017669"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5276",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in the DCE/RPC preprocessor in Snort before 2.6.1.3, and 2.7 before beta 2; and Sourcefire Intrusion Sensor; allows remote attackers to execute arbitrary code via crafted SMB traffic."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "TA07-050A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA07-050A.html"
},
{
"name": "VU#196240",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/196240"
},
{
"name": "http://www116.nortelnetworks.com/pub/repository/CLARIFY/DOCUMENT/2007/08/021923-01.pdf",
"refsource": "CONFIRM",
"url": "http://www116.nortelnetworks.com/pub/repository/CLARIFY/DOCUMENT/2007/08/021923-01.pdf"
},
{
"name": "GLSA-200703-01",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200703-01.xml"
},
{
"name": "26746",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26746"
},
{
"name": "20070303 ERRATA: [ GLSA 200703-01 ] Snort: Remote execution of arbitrary code",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/461810/100/0/threaded"
},
{
"name": "24190",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24190"
},
{
"name": "http://www.snort.org/docs/advisory-2007-02-19.html",
"refsource": "CONFIRM",
"url": "http://www.snort.org/docs/advisory-2007-02-19.html"
},
{
"name": "24239",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24239"
},
{
"name": "24272",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24272"
},
{
"name": "ADV-2007-0656",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0656"
},
{
"name": "smb-bo(31275)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31275"
},
{
"name": "FEDORA-2007-2060",
"refsource": "FEDORA",
"url": "http://fedoranews.org/updates/FEDORA-2007-206.shtml"
},
{
"name": "ADV-2007-0668",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0668"
},
{
"name": "32094",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/32094"
},
{
"name": "24235",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24235"
},
{
"name": "1017670",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017670"
},
{
"name": "24240",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24240"
},
{
"name": "20070219 Sourcefire Snort Remote Buffer Overflow",
"refsource": "ISS",
"url": "http://iss.net/threats/257.html"
},
{
"name": "22616",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22616"
},
{
"name": "http://www130.nortelnetworks.com/go/main.jsp?cscat=BLTNDETAIL\u0026DocumentOID=540173",
"refsource": "CONFIRM",
"url": "http://www130.nortelnetworks.com/go/main.jsp?cscat=BLTNDETAIL\u0026DocumentOID=540173"
},
{
"name": "3362",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/3362"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=229265",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=229265"
},
{
"name": "1017669",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017669"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-5276",
"datePublished": "2007-02-20T00:00:00",
"dateReserved": "2006-10-13T00:00:00",
"dateUpdated": "2024-08-07T19:48:28.530Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-2769 (GCVE-0-2006-2769)
Vulnerability from cvelistv5 – Published: 2006-06-02 10:00 – Updated: 2024-08-07 17:58
VLAI?
Summary
The HTTP Inspect preprocessor (http_inspect) in Snort 2.4.0 through 2.4.4 allows remote attackers to bypass "uricontent" rules via a carriage return (\r) after the URL and before the HTTP declaration.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T17:58:52.058Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20060603 Re: New Snort Bypass - Patch - Bypass of Patch",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/435872/100/0/threaded"
},
{
"name": "20060602 New Snort Bypass - Patch - Bypass of Patch",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/435734/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.demarc.com/support/downloads/patch_20060531"
},
{
"name": "20766",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20766"
},
{
"name": "18200",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/18200"
},
{
"name": "20413",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20413"
},
{
"name": "20060601 Snort HTTP Inspect Pre-Processor Uricontent Bypass",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/435600/100/0/threaded"
},
{
"name": "ADV-2006-2119",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/2119"
},
{
"name": "1018",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/1018"
},
{
"name": "snort-uricontent-rule-bypass(26855)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26855"
},
{
"name": "25837",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/25837"
},
{
"name": "SUSE-SR:2006:014",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.suse.com/archive/suse-security-announce/2006-Jun/0008.html"
},
{
"name": "1016191",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016191"
},
{
"name": "[Snort-devel] 20060531 Snort Uricontent Bypass Vulnerability",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://marc.info/?l=snort-devel\u0026m=114909074311462\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.snort.org/pub-bin/snortnews.cgi#431"
},
{
"name": "20060602 Re: New Snort Bypass - Patch - Bypass of Patch",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/435797/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-05-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The HTTP Inspect preprocessor (http_inspect) in Snort 2.4.0 through 2.4.4 allows remote attackers to bypass \"uricontent\" rules via a carriage return (\\r) after the URL and before the HTTP declaration."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-18T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20060603 Re: New Snort Bypass - Patch - Bypass of Patch",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/435872/100/0/threaded"
},
{
"name": "20060602 New Snort Bypass - Patch - Bypass of Patch",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/435734/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.demarc.com/support/downloads/patch_20060531"
},
{
"name": "20766",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20766"
},
{
"name": "18200",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/18200"
},
{
"name": "20413",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20413"
},
{
"name": "20060601 Snort HTTP Inspect Pre-Processor Uricontent Bypass",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/435600/100/0/threaded"
},
{
"name": "ADV-2006-2119",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/2119"
},
{
"name": "1018",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/1018"
},
{
"name": "snort-uricontent-rule-bypass(26855)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26855"
},
{
"name": "25837",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/25837"
},
{
"name": "SUSE-SR:2006:014",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.suse.com/archive/suse-security-announce/2006-Jun/0008.html"
},
{
"name": "1016191",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016191"
},
{
"name": "[Snort-devel] 20060531 Snort Uricontent Bypass Vulnerability",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://marc.info/?l=snort-devel\u0026m=114909074311462\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.snort.org/pub-bin/snortnews.cgi#431"
},
{
"name": "20060602 Re: New Snort Bypass - Patch - Bypass of Patch",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/435797/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-2769",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The HTTP Inspect preprocessor (http_inspect) in Snort 2.4.0 through 2.4.4 allows remote attackers to bypass \"uricontent\" rules via a carriage return (\\r) after the URL and before the HTTP declaration."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20060603 Re: New Snort Bypass - Patch - Bypass of Patch",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/435872/100/0/threaded"
},
{
"name": "20060602 New Snort Bypass - Patch - Bypass of Patch",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/435734/100/0/threaded"
},
{
"name": "http://www.demarc.com/support/downloads/patch_20060531",
"refsource": "MISC",
"url": "http://www.demarc.com/support/downloads/patch_20060531"
},
{
"name": "20766",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20766"
},
{
"name": "18200",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18200"
},
{
"name": "20413",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20413"
},
{
"name": "20060601 Snort HTTP Inspect Pre-Processor Uricontent Bypass",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/435600/100/0/threaded"
},
{
"name": "ADV-2006-2119",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2119"
},
{
"name": "1018",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1018"
},
{
"name": "snort-uricontent-rule-bypass(26855)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26855"
},
{
"name": "25837",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/25837"
},
{
"name": "SUSE-SR:2006:014",
"refsource": "SUSE",
"url": "http://lists.suse.com/archive/suse-security-announce/2006-Jun/0008.html"
},
{
"name": "1016191",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016191"
},
{
"name": "[Snort-devel] 20060531 Snort Uricontent Bypass Vulnerability",
"refsource": "MLIST",
"url": "http://marc.info/?l=snort-devel\u0026m=114909074311462\u0026w=2"
},
{
"name": "http://www.snort.org/pub-bin/snortnews.cgi#431",
"refsource": "CONFIRM",
"url": "http://www.snort.org/pub-bin/snortnews.cgi#431"
},
{
"name": "20060602 Re: New Snort Bypass - Patch - Bypass of Patch",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/435797/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-2769",
"datePublished": "2006-06-02T10:00:00",
"dateReserved": "2006-06-01T00:00:00",
"dateUpdated": "2024-08-07T17:58:52.058Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-0839 (GCVE-0-2006-0839)
Vulnerability from cvelistv5 – Published: 2006-02-22 02:00 – Updated: 2024-08-07 16:48
VLAI?
Summary
The frag3 preprocessor in Sourcefire Snort 2.4.3 does not properly reassemble certain fragmented packets with IP options, which allows remote attackers to evade detection of certain attacks, possibly related to IP option lengths.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:48:56.548Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20060217 SNORT Incorrect fragmented packet reassembly",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/425290/100/0/threaded"
},
{
"name": "16705",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/16705"
},
{
"name": "18959",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18959"
},
{
"name": "snort-frag3-detection-bypass(24811)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24811"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-02-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The frag3 preprocessor in Sourcefire Snort 2.4.3 does not properly reassemble certain fragmented packets with IP options, which allows remote attackers to evade detection of certain attacks, possibly related to IP option lengths."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-18T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20060217 SNORT Incorrect fragmented packet reassembly",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/425290/100/0/threaded"
},
{
"name": "16705",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/16705"
},
{
"name": "18959",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18959"
},
{
"name": "snort-frag3-detection-bypass(24811)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24811"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-0839",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The frag3 preprocessor in Sourcefire Snort 2.4.3 does not properly reassemble certain fragmented packets with IP options, which allows remote attackers to evade detection of certain attacks, possibly related to IP option lengths."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20060217 SNORT Incorrect fragmented packet reassembly",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/425290/100/0/threaded"
},
{
"name": "16705",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16705"
},
{
"name": "18959",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18959"
},
{
"name": "snort-frag3-detection-bypass(24811)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24811"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-0839",
"datePublished": "2006-02-22T02:00:00",
"dateReserved": "2006-02-22T00:00:00",
"dateUpdated": "2024-08-07T16:48:56.548Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-2652 (GCVE-0-2004-2652)
Vulnerability from cvelistv5 – Published: 2005-12-18 22:00 – Updated: 2024-08-08 01:36
VLAI?
Summary
The DecodeTCPOptions function in decode.c in Snort before 2.3.0, when printing TCP/IP options using FAST output or verbose mode, allows remote attackers to cause a denial of service (crash) via packets with invalid TCP/IP options, which trigger a null dereference.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:36:24.604Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1012656",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1012656"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.frsirt.com/exploits/20041222.angelDust.c.php"
},
{
"name": "snort-tcpip-printing-dos(18689)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18689"
},
{
"name": "12084",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/12084"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.securiteam.com/exploits/6X00L20C0S.html"
},
{
"name": "12578",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/12578"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.snort.org/arc_news/"
},
{
"name": "13664",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/13664"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://taosecurity.blogspot.com/2004/12/details-on-snort-dos-condition-you-may.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-12-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The DecodeTCPOptions function in decode.c in Snort before 2.3.0, when printing TCP/IP options using FAST output or verbose mode, allows remote attackers to cause a denial of service (crash) via packets with invalid TCP/IP options, which trigger a null dereference."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1012656",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1012656"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.frsirt.com/exploits/20041222.angelDust.c.php"
},
{
"name": "snort-tcpip-printing-dos(18689)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18689"
},
{
"name": "12084",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/12084"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.securiteam.com/exploits/6X00L20C0S.html"
},
{
"name": "12578",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/12578"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.snort.org/arc_news/"
},
{
"name": "13664",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/13664"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://taosecurity.blogspot.com/2004/12/details-on-snort-dos-condition-you-may.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-2652",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The DecodeTCPOptions function in decode.c in Snort before 2.3.0, when printing TCP/IP options using FAST output or verbose mode, allows remote attackers to cause a denial of service (crash) via packets with invalid TCP/IP options, which trigger a null dereference."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1012656",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1012656"
},
{
"name": "http://www.frsirt.com/exploits/20041222.angelDust.c.php",
"refsource": "MISC",
"url": "http://www.frsirt.com/exploits/20041222.angelDust.c.php"
},
{
"name": "snort-tcpip-printing-dos(18689)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18689"
},
{
"name": "12084",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/12084"
},
{
"name": "http://www.securiteam.com/exploits/6X00L20C0S.html",
"refsource": "MISC",
"url": "http://www.securiteam.com/exploits/6X00L20C0S.html"
},
{
"name": "12578",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/12578"
},
{
"name": "http://www.snort.org/arc_news/",
"refsource": "CONFIRM",
"url": "http://www.snort.org/arc_news/"
},
{
"name": "13664",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/13664"
},
{
"name": "http://taosecurity.blogspot.com/2004/12/details-on-snort-dos-condition-you-may.html",
"refsource": "MISC",
"url": "http://taosecurity.blogspot.com/2004/12/details-on-snort-dos-condition-you-may.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-2652",
"datePublished": "2005-12-18T22:00:00",
"dateReserved": "2005-12-18T00:00:00",
"dateUpdated": "2024-08-08T01:36:24.604Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-3252 (GCVE-0-2005-3252)
Vulnerability from cvelistv5 – Published: 2005-10-18 04:00 – Updated: 2024-08-07 23:01
VLAI?
Summary
Stack-based buffer overflow in the Back Orifice (BO) preprocessor for Snort before 2.4.3 allows remote attackers to execute arbitrary code via a crafted UDP packet.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T23:01:59.077Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#175500",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/175500"
},
{
"name": "20051025 Snort\u0027s BO pre-processor exploit",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0505.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?cscat=BLTNDETAIL\u0026DocumentOID=362187\u0026RenditionID="
},
{
"name": "15131",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/15131"
},
{
"name": "ADV-2005-2138",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2005/2138"
},
{
"name": "17559",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17559"
},
{
"name": "20051018 Snort Back Orifice Parsing Remote Code Execution",
"tags": [
"third-party-advisory",
"x_refsource_ISS",
"x_transferred"
],
"url": "http://xforce.iss.net/xforce/alerts/id/207"
},
{
"name": "20034",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/20034"
},
{
"name": "20051101 Snort Back Orifice Preprocessor Exploit (Win32 targets)",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2005-11/0010.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.snort.org/docs/change_logs/2.4.3/Changelog.txt"
},
{
"name": "17220",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17220"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?cscat=BLTNDETAIL\u0026DocumentOID=363396\u0026RenditionID="
},
{
"name": "TA05-291A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA05-291A.html"
},
{
"name": "1015070",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015070"
},
{
"name": "17255",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17255"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-10-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the Back Orifice (BO) preprocessor for Snort before 2.4.3 allows remote attackers to execute arbitrary code via a crafted UDP packet."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-11-04T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "VU#175500",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/175500"
},
{
"name": "20051025 Snort\u0027s BO pre-processor exploit",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0505.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?cscat=BLTNDETAIL\u0026DocumentOID=362187\u0026RenditionID="
},
{
"name": "15131",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/15131"
},
{
"name": "ADV-2005-2138",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2005/2138"
},
{
"name": "17559",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17559"
},
{
"name": "20051018 Snort Back Orifice Parsing Remote Code Execution",
"tags": [
"third-party-advisory",
"x_refsource_ISS"
],
"url": "http://xforce.iss.net/xforce/alerts/id/207"
},
{
"name": "20034",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/20034"
},
{
"name": "20051101 Snort Back Orifice Preprocessor Exploit (Win32 targets)",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2005-11/0010.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.snort.org/docs/change_logs/2.4.3/Changelog.txt"
},
{
"name": "17220",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17220"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?cscat=BLTNDETAIL\u0026DocumentOID=363396\u0026RenditionID="
},
{
"name": "TA05-291A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA05-291A.html"
},
{
"name": "1015070",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015070"
},
{
"name": "17255",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17255"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-3252",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in the Back Orifice (BO) preprocessor for Snort before 2.4.3 allows remote attackers to execute arbitrary code via a crafted UDP packet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#175500",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/175500"
},
{
"name": "20051025 Snort\u0027s BO pre-processor exploit",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0505.html"
},
{
"name": "http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?cscat=BLTNDETAIL\u0026DocumentOID=362187\u0026RenditionID=",
"refsource": "CONFIRM",
"url": "http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?cscat=BLTNDETAIL\u0026DocumentOID=362187\u0026RenditionID="
},
{
"name": "15131",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15131"
},
{
"name": "ADV-2005-2138",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2005/2138"
},
{
"name": "17559",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17559"
},
{
"name": "20051018 Snort Back Orifice Parsing Remote Code Execution",
"refsource": "ISS",
"url": "http://xforce.iss.net/xforce/alerts/id/207"
},
{
"name": "20034",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/20034"
},
{
"name": "20051101 Snort Back Orifice Preprocessor Exploit (Win32 targets)",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2005-11/0010.html"
},
{
"name": "http://www.snort.org/docs/change_logs/2.4.3/Changelog.txt",
"refsource": "CONFIRM",
"url": "http://www.snort.org/docs/change_logs/2.4.3/Changelog.txt"
},
{
"name": "17220",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17220"
},
{
"name": "http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?cscat=BLTNDETAIL\u0026DocumentOID=363396\u0026RenditionID=",
"refsource": "CONFIRM",
"url": "http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?cscat=BLTNDETAIL\u0026DocumentOID=363396\u0026RenditionID="
},
{
"name": "TA05-291A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA05-291A.html"
},
{
"name": "1015070",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015070"
},
{
"name": "17255",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17255"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-3252",
"datePublished": "2005-10-18T04:00:00",
"dateReserved": "2005-10-18T00:00:00",
"dateUpdated": "2024-08-07T23:01:59.077Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-0209 (GCVE-0-2003-0209)
Vulnerability from cvelistv5 – Published: 2003-04-16 04:00 – Updated: 2024-08-08 01:43
VLAI?
Summary
Integer overflow in the TCP stream reassembly module (stream4) for Snort 2.0 and earlier allows remote attackers to execute arbitrary code via large sequence numbers in packets, which enable a heap-based buffer overflow.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:43:36.113Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20030422 GLSA: snort (200304-05)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=105103586927007\u0026w=2"
},
{
"name": "7178",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/7178"
},
{
"name": "CA-2003-13",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.cert.org/advisories/CA-2003-13.html"
},
{
"name": "20030415 CORE-2003-0307: Snort TCP Stream Reassembly Integer Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=105043563016235\u0026w=2"
},
{
"name": "ESA-20030430-013",
"tags": [
"vendor-advisory",
"x_refsource_ENGARDE",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=105172790914107\u0026w=2"
},
{
"name": "VU#139129",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/139129"
},
{
"name": "DSA-297",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2003/dsa-297"
},
{
"name": "20030423 Snort \u003c=1.9.1 exploit",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=105111217731583\u0026w=2"
},
{
"name": "MDKSA-2003:052",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:052"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.coresecurity.com/common/showdoc.php?idx=313\u0026idxseccion=10"
},
{
"name": "20030428 GLSA: snort (200304-06)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=105154530427824\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-04-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the TCP stream reassembly module (stream4) for Snort 2.0 and earlier allows remote attackers to execute arbitrary code via large sequence numbers in packets, which enable a heap-based buffer overflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-17T13:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20030422 GLSA: snort (200304-05)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=105103586927007\u0026w=2"
},
{
"name": "7178",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/7178"
},
{
"name": "CA-2003-13",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.cert.org/advisories/CA-2003-13.html"
},
{
"name": "20030415 CORE-2003-0307: Snort TCP Stream Reassembly Integer Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=105043563016235\u0026w=2"
},
{
"name": "ESA-20030430-013",
"tags": [
"vendor-advisory",
"x_refsource_ENGARDE"
],
"url": "http://marc.info/?l=bugtraq\u0026m=105172790914107\u0026w=2"
},
{
"name": "VU#139129",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/139129"
},
{
"name": "DSA-297",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2003/dsa-297"
},
{
"name": "20030423 Snort \u003c=1.9.1 exploit",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=105111217731583\u0026w=2"
},
{
"name": "MDKSA-2003:052",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:052"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.coresecurity.com/common/showdoc.php?idx=313\u0026idxseccion=10"
},
{
"name": "20030428 GLSA: snort (200304-06)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=105154530427824\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0209",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in the TCP stream reassembly module (stream4) for Snort 2.0 and earlier allows remote attackers to execute arbitrary code via large sequence numbers in packets, which enable a heap-based buffer overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20030422 GLSA: snort (200304-05)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=105103586927007\u0026w=2"
},
{
"name": "7178",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/7178"
},
{
"name": "CA-2003-13",
"refsource": "CERT",
"url": "http://www.cert.org/advisories/CA-2003-13.html"
},
{
"name": "20030415 CORE-2003-0307: Snort TCP Stream Reassembly Integer Overflow Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=105043563016235\u0026w=2"
},
{
"name": "ESA-20030430-013",
"refsource": "ENGARDE",
"url": "http://marc.info/?l=bugtraq\u0026m=105172790914107\u0026w=2"
},
{
"name": "VU#139129",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/139129"
},
{
"name": "DSA-297",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2003/dsa-297"
},
{
"name": "20030423 Snort \u003c=1.9.1 exploit",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=105111217731583\u0026w=2"
},
{
"name": "MDKSA-2003:052",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:052"
},
{
"name": "http://www.coresecurity.com/common/showdoc.php?idx=313\u0026idxseccion=10",
"refsource": "MISC",
"url": "http://www.coresecurity.com/common/showdoc.php?idx=313\u0026idxseccion=10"
},
{
"name": "20030428 GLSA: snort (200304-06)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=105154530427824\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-0209",
"datePublished": "2003-04-16T04:00:00",
"dateReserved": "2003-04-15T00:00:00",
"dateUpdated": "2024-08-08T01:43:36.113Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}