1. CVE-Search
  2. CVE-2006-5276
ID CVE-2006-5276
Summary Stack-based buffer overflow in the DCE/RPC preprocessor in Snort before 2.6.1.3, and 2.7 before beta 2; and Sourcefire Intrusion Sensor; allows remote attackers to execute arbitrary code via crafted SMB traffic. All affected Sourcefire Intrustion Sensor products are only vulnerable if they are used with SEUs prior to SEU 64. Upgrade to the latest version of Snort (2.6.1.3 or later), available from the Snort Web site.
References
Vulnerable Configurations
  • cpe:2.3:a:snort:snort:2.6.1:*:*:*:*:*:*:*
    cpe:2.3:a:snort:snort:2.6.1:*:*:*:*:*:*:*
  • cpe:2.3:a:snort:snort:2.6.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:snort:snort:2.6.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:snort:snort:-:*:*:*:*:*:*:*
    cpe:2.3:a:snort:snort:-:*:*:*:*:*:*:*
  • cpe:2.3:a:snort:snort:1.6:*:*:*:*:*:*:*
    cpe:2.3:a:snort:snort:1.6:*:*:*:*:*:*:*
  • cpe:2.3:a:snort:snort:1.8.0:*:*:*:*:*:*:*
    cpe:2.3:a:snort:snort:1.8.0:*:*:*:*:*:*:*
  • cpe:2.3:a:snort:snort:1.8.1:*:*:*:*:*:*:*
    cpe:2.3:a:snort:snort:1.8.1:*:*:*:*:*:*:*
  • cpe:2.3:a:snort:snort:1.8.2:*:*:*:*:*:*:*
    cpe:2.3:a:snort:snort:1.8.2:*:*:*:*:*:*:*
  • cpe:2.3:a:snort:snort:1.8.3:*:*:*:*:*:*:*
    cpe:2.3:a:snort:snort:1.8.3:*:*:*:*:*:*:*
  • cpe:2.3:a:snort:snort:1.8.4:*:*:*:*:*:*:*
    cpe:2.3:a:snort:snort:1.8.4:*:*:*:*:*:*:*
  • cpe:2.3:a:snort:snort:1.8.5:*:*:*:*:*:*:*
    cpe:2.3:a:snort:snort:1.8.5:*:*:*:*:*:*:*
  • cpe:2.3:a:snort:snort:1.8.6:*:*:*:*:*:*:*
    cpe:2.3:a:snort:snort:1.8.6:*:*:*:*:*:*:*
  • cpe:2.3:a:snort:snort:1.8.7:*:*:*:*:*:*:*
    cpe:2.3:a:snort:snort:1.8.7:*:*:*:*:*:*:*
  • cpe:2.3:a:snort:snort:1.9.0:*:*:*:*:*:*:*
    cpe:2.3:a:snort:snort:1.9.0:*:*:*:*:*:*:*
  • cpe:2.3:a:snort:snort:1.9.1:*:*:*:*:*:*:*
    cpe:2.3:a:snort:snort:1.9.1:*:*:*:*:*:*:*
  • cpe:2.3:a:snort:snort:2.0:beta:*:*:*:*:*:*
    cpe:2.3:a:snort:snort:2.0:beta:*:*:*:*:*:*
  • cpe:2.3:a:snort:snort:2.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:snort:snort:2.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:snort:snort:2.6.1.2:*:*:*:*:*:*:*
    cpe:2.3:a:snort:snort:2.6.1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:snort:snort:2.7_beta1:*:*:*:*:*:*:*
    cpe:2.3:a:snort:snort:2.7_beta1:*:*:*:*:*:*:*
  • cpe:2.3:a:sourcefire:intrusion_sensor:4.1:*:*:*:*:*:*:*
    cpe:2.3:a:sourcefire:intrusion_sensor:4.1:*:*:*:*:*:*:*
  • cpe:2.3:a:sourcefire:intrusion_sensor:4.1:*:crossbeam:*:*:*:*:*
    cpe:2.3:a:sourcefire:intrusion_sensor:4.1:*:crossbeam:*:*:*:*:*
  • cpe:2.3:a:sourcefire:intrusion_sensor:4.5:*:*:*:*:*:*:*
    cpe:2.3:a:sourcefire:intrusion_sensor:4.5:*:*:*:*:*:*:*
  • cpe:2.3:a:sourcefire:intrusion_sensor:4.5:*:crossbeam:*:*:*:*:*
    cpe:2.3:a:sourcefire:intrusion_sensor:4.5:*:crossbeam:*:*:*:*:*
  • cpe:2.3:a:sourcefire:intrusion_sensor:4.6:*:*:*:*:*:*:*
    cpe:2.3:a:sourcefire:intrusion_sensor:4.6:*:*:*:*:*:*:*
  • cpe:2.3:a:sourcefire:intrusion_sensor:4.6:*:crossbeam:*:*:*:*:*
    cpe:2.3:a:sourcefire:intrusion_sensor:4.6:*:crossbeam:*:*:*:*:*
CVSS
Base: 10.0 (as of 17-10-2018 - 21:41)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:N/AC:L/Au:N/C:C/I:C/A:C
refmap via4
bid 22616
bugtraq 20070303 ERRATA: [ GLSA 200703-01 ] Snort: Remote execution of arbitrary code
cert TA07-050A
cert-vn VU#196240
confirm
exploit-db 3362
fedora FEDORA-2007-2060
gentoo GLSA-200703-01
iss 20070219 Sourcefire Snort Remote Buffer Overflow
misc https://bugzilla.redhat.com/show_bug.cgi?id=229265
osvdb 32094
sectrack
  • 1017669
  • 1017670
secunia
  • 24190
  • 24235
  • 24239
  • 24240
  • 24272
  • 26746
vupen
  • ADV-2007-0656
  • ADV-2007-0668
xf smb-bo(31275)
saint via4
bid 22616
description Snort DCE/RPC preprocessor buffer overflow
id misc_snort
osvdb 32094
title snort_dcerpc
type remote
Last major update 17-10-2018 - 21:41
Published 20-02-2007 - 01:28
Last modified 17-10-2018 - 21:41
Back to Top