ID CVE-2005-3252
Summary Stack-based buffer overflow in the Back Orifice (BO) preprocessor for Snort before 2.4.3 allows remote attackers to execute arbitrary code via a crafted UDP packet.
References
Vulnerable Configurations
  • cpe:2.3:a:sourcefire:snort:2.4.0:*:*:*:*:*:*:*
    cpe:2.3:a:sourcefire:snort:2.4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:sourcefire:snort:2.4.1:*:*:*:*:*:*:*
    cpe:2.3:a:sourcefire:snort:2.4.1:*:*:*:*:*:*:*
  • cpe:2.3:a:sourcefire:snort:2.4.2:*:*:*:*:*:*:*
    cpe:2.3:a:sourcefire:snort:2.4.2:*:*:*:*:*:*:*
CVSS
Base: 7.5 (as of 08-03-2011 - 02:26)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:P
refmap via4
bid 15131
cert TA05-291A
cert-vn VU#175500
confirm
fulldisc
  • 20051025 Snort's BO pre-processor exploit
  • 20051101 Snort Back Orifice Preprocessor Exploit (Win32 targets)
iss 20051018 Snort Back Orifice Parsing Remote Code Execution
osvdb 20034
sectrack 1015070
secunia
  • 17220
  • 17255
  • 17559
suse SUSE-SR:2005:026
vupen ADV-2005-2138
saint via4
bid 15131
description Snort Back Orifice Pre-Processor buffer overflow
id misc_snort
osvdb 20034
title snort_back_orifice
type remote
Last major update 08-03-2011 - 02:26
Published 18-10-2005 - 21:02
Back to Top