1. CVE-Search
  2. CVE-2009-3641
ID CVE-2009-3641
Summary Snort before 2.8.5.1, when the -v option is enabled, allows remote attackers to cause a denial of service (application crash) via a crafted IPv6 packet that uses the (1) TCP or (2) ICMP protocol.
References
Vulnerable Configurations
  • cpe:2.3:a:snort:snort:1.6:*:*:*:*:*:*:*
    cpe:2.3:a:snort:snort:1.6:*:*:*:*:*:*:*
  • cpe:2.3:a:snort:snort:1.8.0:*:*:*:*:*:*:*
    cpe:2.3:a:snort:snort:1.8.0:*:*:*:*:*:*:*
  • cpe:2.3:a:snort:snort:1.8.1:*:*:*:*:*:*:*
    cpe:2.3:a:snort:snort:1.8.1:*:*:*:*:*:*:*
  • cpe:2.3:a:snort:snort:1.8.2:*:*:*:*:*:*:*
    cpe:2.3:a:snort:snort:1.8.2:*:*:*:*:*:*:*
  • cpe:2.3:a:snort:snort:1.8.3:*:*:*:*:*:*:*
    cpe:2.3:a:snort:snort:1.8.3:*:*:*:*:*:*:*
  • cpe:2.3:a:snort:snort:1.8.4:*:*:*:*:*:*:*
    cpe:2.3:a:snort:snort:1.8.4:*:*:*:*:*:*:*
  • cpe:2.3:a:snort:snort:1.8.5:*:*:*:*:*:*:*
    cpe:2.3:a:snort:snort:1.8.5:*:*:*:*:*:*:*
  • cpe:2.3:a:snort:snort:1.8.6:*:*:*:*:*:*:*
    cpe:2.3:a:snort:snort:1.8.6:*:*:*:*:*:*:*
  • cpe:2.3:a:snort:snort:1.8.7:*:*:*:*:*:*:*
    cpe:2.3:a:snort:snort:1.8.7:*:*:*:*:*:*:*
  • cpe:2.3:a:snort:snort:1.9.0:*:*:*:*:*:*:*
    cpe:2.3:a:snort:snort:1.9.0:*:*:*:*:*:*:*
  • cpe:2.3:a:snort:snort:1.9.1:*:*:*:*:*:*:*
    cpe:2.3:a:snort:snort:1.9.1:*:*:*:*:*:*:*
  • cpe:2.3:a:snort:snort:2.0:beta:*:*:*:*:*:*
    cpe:2.3:a:snort:snort:2.0:beta:*:*:*:*:*:*
  • cpe:2.3:a:snort:snort:2.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:snort:snort:2.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:snort:snort:2.6.1:*:*:*:*:*:*:*
    cpe:2.3:a:snort:snort:2.6.1:*:*:*:*:*:*:*
  • cpe:2.3:a:snort:snort:2.6.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:snort:snort:2.6.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:snort:snort:2.6.1.2:*:*:*:*:*:*:*
    cpe:2.3:a:snort:snort:2.6.1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:snort:snort:2.6.2:*:*:*:*:*:*:*
    cpe:2.3:a:snort:snort:2.6.2:*:*:*:*:*:*:*
  • cpe:2.3:a:snort:snort:2.7_beta1:*:*:*:*:*:*:*
    cpe:2.3:a:snort:snort:2.7_beta1:*:*:*:*:*:*:*
  • cpe:2.3:a:snort:snort:2.8.0:*:*:*:*:*:*:*
    cpe:2.3:a:snort:snort:2.8.0:*:*:*:*:*:*:*
  • cpe:2.3:a:snort:snort:2.8.2.2:*:*:*:*:*:*:*
    cpe:2.3:a:snort:snort:2.8.2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:snort:snort:2.8.3:*:*:*:*:*:*:*
    cpe:2.3:a:snort:snort:2.8.3:*:*:*:*:*:*:*
  • cpe:2.3:a:snort:snort:2.8.3.1:*:*:*:*:*:*:*
    cpe:2.3:a:snort:snort:2.8.3.1:*:*:*:*:*:*:*
  • cpe:2.3:a:snort:snort:2.8.3.2:*:*:*:*:*:*:*
    cpe:2.3:a:snort:snort:2.8.3.2:*:*:*:*:*:*:*
  • cpe:2.3:a:snort:snort:2.8.3.4:*:*:*:*:*:*:*
    cpe:2.3:a:snort:snort:2.8.3.4:*:*:*:*:*:*:*
  • cpe:2.3:a:snort:snort:2.8.3.4.1:*:*:*:*:*:*:*
    cpe:2.3:a:snort:snort:2.8.3.4.1:*:*:*:*:*:*:*
  • cpe:2.3:a:snort:snort:-:*:*:*:*:*:*:*
    cpe:2.3:a:snort:snort:-:*:*:*:*:*:*:*
CVSS
Base: 4.3 (as of 17-08-2017 - 01:31)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:N/AC:M/Au:N/C:N/I:N/A:P
refmap via4
bid 36795
confirm
fulldisc 20091022 Snort <= 2.8.5 IPV6 Remote DoS
mlist
  • [oss-security] 20091025 CVE Request -- Snort - 2.8.5.1
  • [oss-security] 20091025 SANS: Security Thought LeadersRe: CVE Request -- Snort - 2.8.5.1
osvdb 59159
sectrack 1023076
secunia 37135
vupen ADV-2009-3014
xf snort-ipv6-dos(53912)
Last major update 17-08-2017 - 01:31
Published 28-10-2009 - 14:30
Last modified 17-08-2017 - 01:31
Back to Top