Vulnerabilites related to sourcefire - snort
CVE-2006-0839 (GCVE-0-2006-0839)
Vulnerability from cvelistv5
Published
2006-02-22 02:00
Modified
2024-08-07 16:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The frag3 preprocessor in Sourcefire Snort 2.4.3 does not properly reassemble certain fragmented packets with IP options, which allows remote attackers to evade detection of certain attacks, possibly related to IP option lengths.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/archive/1/425290/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securityfocus.com/bid/16705 | vdb-entry, x_refsource_BID | |
| http://secunia.com/advisories/18959 | third-party-advisory, x_refsource_SECUNIA | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/24811 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:48:56.548Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20060217 SNORT Incorrect fragmented packet reassembly",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/425290/100/0/threaded"
},
{
"name": "16705",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/16705"
},
{
"name": "18959",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18959"
},
{
"name": "snort-frag3-detection-bypass(24811)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24811"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-02-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The frag3 preprocessor in Sourcefire Snort 2.4.3 does not properly reassemble certain fragmented packets with IP options, which allows remote attackers to evade detection of certain attacks, possibly related to IP option lengths."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-18T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20060217 SNORT Incorrect fragmented packet reassembly",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/425290/100/0/threaded"
},
{
"name": "16705",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/16705"
},
{
"name": "18959",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18959"
},
{
"name": "snort-frag3-detection-bypass(24811)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24811"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-0839",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The frag3 preprocessor in Sourcefire Snort 2.4.3 does not properly reassemble certain fragmented packets with IP options, which allows remote attackers to evade detection of certain attacks, possibly related to IP option lengths."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20060217 SNORT Incorrect fragmented packet reassembly",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/425290/100/0/threaded"
},
{
"name": "16705",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16705"
},
{
"name": "18959",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18959"
},
{
"name": "snort-frag3-detection-bypass(24811)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24811"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-0839",
"datePublished": "2006-02-22T02:00:00",
"dateReserved": "2006-02-22T00:00:00",
"dateUpdated": "2024-08-07T16:48:56.548Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-0209 (GCVE-0-2003-0209)
Vulnerability from cvelistv5
Published
2003-04-16 04:00
Modified
2024-08-08 01:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Integer overflow in the TCP stream reassembly module (stream4) for Snort 2.0 and earlier allows remote attackers to execute arbitrary code via large sequence numbers in packets, which enable a heap-based buffer overflow.
References
| ▼ | URL | Tags |
|---|---|---|
| http://marc.info/?l=bugtraq&m=105103586927007&w=2 | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securityfocus.com/bid/7178 | vdb-entry, x_refsource_BID | |
| http://www.cert.org/advisories/CA-2003-13.html | third-party-advisory, x_refsource_CERT | |
| http://marc.info/?l=bugtraq&m=105043563016235&w=2 | mailing-list, x_refsource_BUGTRAQ | |
| http://marc.info/?l=bugtraq&m=105172790914107&w=2 | vendor-advisory, x_refsource_ENGARDE | |
| http://www.kb.cert.org/vuls/id/139129 | third-party-advisory, x_refsource_CERT-VN | |
| http://www.debian.org/security/2003/dsa-297 | vendor-advisory, x_refsource_DEBIAN | |
| http://marc.info/?l=bugtraq&m=105111217731583&w=2 | mailing-list, x_refsource_BUGTRAQ | |
| http://www.mandriva.com/security/advisories?name=MDKSA-2003:052 | vendor-advisory, x_refsource_MANDRAKE | |
| http://www.coresecurity.com/common/showdoc.php?idx=313&idxseccion=10 | x_refsource_MISC | |
| http://marc.info/?l=bugtraq&m=105154530427824&w=2 | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:43:36.113Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20030422 GLSA: snort (200304-05)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=105103586927007\u0026w=2"
},
{
"name": "7178",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/7178"
},
{
"name": "CA-2003-13",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.cert.org/advisories/CA-2003-13.html"
},
{
"name": "20030415 CORE-2003-0307: Snort TCP Stream Reassembly Integer Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=105043563016235\u0026w=2"
},
{
"name": "ESA-20030430-013",
"tags": [
"vendor-advisory",
"x_refsource_ENGARDE",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=105172790914107\u0026w=2"
},
{
"name": "VU#139129",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/139129"
},
{
"name": "DSA-297",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2003/dsa-297"
},
{
"name": "20030423 Snort \u003c=1.9.1 exploit",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=105111217731583\u0026w=2"
},
{
"name": "MDKSA-2003:052",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:052"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.coresecurity.com/common/showdoc.php?idx=313\u0026idxseccion=10"
},
{
"name": "20030428 GLSA: snort (200304-06)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=105154530427824\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-04-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the TCP stream reassembly module (stream4) for Snort 2.0 and earlier allows remote attackers to execute arbitrary code via large sequence numbers in packets, which enable a heap-based buffer overflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-17T13:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20030422 GLSA: snort (200304-05)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=105103586927007\u0026w=2"
},
{
"name": "7178",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/7178"
},
{
"name": "CA-2003-13",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.cert.org/advisories/CA-2003-13.html"
},
{
"name": "20030415 CORE-2003-0307: Snort TCP Stream Reassembly Integer Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=105043563016235\u0026w=2"
},
{
"name": "ESA-20030430-013",
"tags": [
"vendor-advisory",
"x_refsource_ENGARDE"
],
"url": "http://marc.info/?l=bugtraq\u0026m=105172790914107\u0026w=2"
},
{
"name": "VU#139129",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/139129"
},
{
"name": "DSA-297",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2003/dsa-297"
},
{
"name": "20030423 Snort \u003c=1.9.1 exploit",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=105111217731583\u0026w=2"
},
{
"name": "MDKSA-2003:052",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:052"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.coresecurity.com/common/showdoc.php?idx=313\u0026idxseccion=10"
},
{
"name": "20030428 GLSA: snort (200304-06)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=105154530427824\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0209",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in the TCP stream reassembly module (stream4) for Snort 2.0 and earlier allows remote attackers to execute arbitrary code via large sequence numbers in packets, which enable a heap-based buffer overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20030422 GLSA: snort (200304-05)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=105103586927007\u0026w=2"
},
{
"name": "7178",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/7178"
},
{
"name": "CA-2003-13",
"refsource": "CERT",
"url": "http://www.cert.org/advisories/CA-2003-13.html"
},
{
"name": "20030415 CORE-2003-0307: Snort TCP Stream Reassembly Integer Overflow Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=105043563016235\u0026w=2"
},
{
"name": "ESA-20030430-013",
"refsource": "ENGARDE",
"url": "http://marc.info/?l=bugtraq\u0026m=105172790914107\u0026w=2"
},
{
"name": "VU#139129",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/139129"
},
{
"name": "DSA-297",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2003/dsa-297"
},
{
"name": "20030423 Snort \u003c=1.9.1 exploit",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=105111217731583\u0026w=2"
},
{
"name": "MDKSA-2003:052",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:052"
},
{
"name": "http://www.coresecurity.com/common/showdoc.php?idx=313\u0026idxseccion=10",
"refsource": "MISC",
"url": "http://www.coresecurity.com/common/showdoc.php?idx=313\u0026idxseccion=10"
},
{
"name": "20030428 GLSA: snort (200304-06)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=105154530427824\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-0209",
"datePublished": "2003-04-16T04:00:00",
"dateReserved": "2003-04-15T00:00:00",
"dateUpdated": "2024-08-08T01:43:36.113Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-2769 (GCVE-0-2006-2769)
Vulnerability from cvelistv5
Published
2006-06-02 10:00
Modified
2024-08-07 17:58
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The HTTP Inspect preprocessor (http_inspect) in Snort 2.4.0 through 2.4.4 allows remote attackers to bypass "uricontent" rules via a carriage return (\r) after the URL and before the HTTP declaration.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T17:58:52.058Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20060603 Re: New Snort Bypass - Patch - Bypass of Patch",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/435872/100/0/threaded"
},
{
"name": "20060602 New Snort Bypass - Patch - Bypass of Patch",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/435734/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.demarc.com/support/downloads/patch_20060531"
},
{
"name": "20766",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20766"
},
{
"name": "18200",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/18200"
},
{
"name": "20413",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20413"
},
{
"name": "20060601 Snort HTTP Inspect Pre-Processor Uricontent Bypass",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/435600/100/0/threaded"
},
{
"name": "ADV-2006-2119",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/2119"
},
{
"name": "1018",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/1018"
},
{
"name": "snort-uricontent-rule-bypass(26855)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26855"
},
{
"name": "25837",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/25837"
},
{
"name": "SUSE-SR:2006:014",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.suse.com/archive/suse-security-announce/2006-Jun/0008.html"
},
{
"name": "1016191",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016191"
},
{
"name": "[Snort-devel] 20060531 Snort Uricontent Bypass Vulnerability",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://marc.info/?l=snort-devel\u0026m=114909074311462\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.snort.org/pub-bin/snortnews.cgi#431"
},
{
"name": "20060602 Re: New Snort Bypass - Patch - Bypass of Patch",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/435797/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-05-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The HTTP Inspect preprocessor (http_inspect) in Snort 2.4.0 through 2.4.4 allows remote attackers to bypass \"uricontent\" rules via a carriage return (\\r) after the URL and before the HTTP declaration."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-18T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20060603 Re: New Snort Bypass - Patch - Bypass of Patch",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/435872/100/0/threaded"
},
{
"name": "20060602 New Snort Bypass - Patch - Bypass of Patch",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/435734/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.demarc.com/support/downloads/patch_20060531"
},
{
"name": "20766",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20766"
},
{
"name": "18200",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/18200"
},
{
"name": "20413",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20413"
},
{
"name": "20060601 Snort HTTP Inspect Pre-Processor Uricontent Bypass",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/435600/100/0/threaded"
},
{
"name": "ADV-2006-2119",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/2119"
},
{
"name": "1018",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/1018"
},
{
"name": "snort-uricontent-rule-bypass(26855)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26855"
},
{
"name": "25837",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/25837"
},
{
"name": "SUSE-SR:2006:014",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.suse.com/archive/suse-security-announce/2006-Jun/0008.html"
},
{
"name": "1016191",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016191"
},
{
"name": "[Snort-devel] 20060531 Snort Uricontent Bypass Vulnerability",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://marc.info/?l=snort-devel\u0026m=114909074311462\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.snort.org/pub-bin/snortnews.cgi#431"
},
{
"name": "20060602 Re: New Snort Bypass - Patch - Bypass of Patch",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/435797/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-2769",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The HTTP Inspect preprocessor (http_inspect) in Snort 2.4.0 through 2.4.4 allows remote attackers to bypass \"uricontent\" rules via a carriage return (\\r) after the URL and before the HTTP declaration."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20060603 Re: New Snort Bypass - Patch - Bypass of Patch",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/435872/100/0/threaded"
},
{
"name": "20060602 New Snort Bypass - Patch - Bypass of Patch",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/435734/100/0/threaded"
},
{
"name": "http://www.demarc.com/support/downloads/patch_20060531",
"refsource": "MISC",
"url": "http://www.demarc.com/support/downloads/patch_20060531"
},
{
"name": "20766",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20766"
},
{
"name": "18200",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18200"
},
{
"name": "20413",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20413"
},
{
"name": "20060601 Snort HTTP Inspect Pre-Processor Uricontent Bypass",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/435600/100/0/threaded"
},
{
"name": "ADV-2006-2119",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2119"
},
{
"name": "1018",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1018"
},
{
"name": "snort-uricontent-rule-bypass(26855)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26855"
},
{
"name": "25837",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/25837"
},
{
"name": "SUSE-SR:2006:014",
"refsource": "SUSE",
"url": "http://lists.suse.com/archive/suse-security-announce/2006-Jun/0008.html"
},
{
"name": "1016191",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016191"
},
{
"name": "[Snort-devel] 20060531 Snort Uricontent Bypass Vulnerability",
"refsource": "MLIST",
"url": "http://marc.info/?l=snort-devel\u0026m=114909074311462\u0026w=2"
},
{
"name": "http://www.snort.org/pub-bin/snortnews.cgi#431",
"refsource": "CONFIRM",
"url": "http://www.snort.org/pub-bin/snortnews.cgi#431"
},
{
"name": "20060602 Re: New Snort Bypass - Patch - Bypass of Patch",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/435797/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-2769",
"datePublished": "2006-06-02T10:00:00",
"dateReserved": "2006-06-01T00:00:00",
"dateUpdated": "2024-08-07T17:58:52.058Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-3252 (GCVE-0-2005-3252)
Vulnerability from cvelistv5
Published
2005-10-18 04:00
Modified
2024-08-07 23:01
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Stack-based buffer overflow in the Back Orifice (BO) preprocessor for Snort before 2.4.3 allows remote attackers to execute arbitrary code via a crafted UDP packet.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T23:01:59.077Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#175500",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/175500"
},
{
"name": "20051025 Snort\u0027s BO pre-processor exploit",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0505.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?cscat=BLTNDETAIL\u0026DocumentOID=362187\u0026RenditionID="
},
{
"name": "15131",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/15131"
},
{
"name": "ADV-2005-2138",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2005/2138"
},
{
"name": "17559",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17559"
},
{
"name": "20051018 Snort Back Orifice Parsing Remote Code Execution",
"tags": [
"third-party-advisory",
"x_refsource_ISS",
"x_transferred"
],
"url": "http://xforce.iss.net/xforce/alerts/id/207"
},
{
"name": "20034",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/20034"
},
{
"name": "20051101 Snort Back Orifice Preprocessor Exploit (Win32 targets)",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2005-11/0010.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.snort.org/docs/change_logs/2.4.3/Changelog.txt"
},
{
"name": "17220",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17220"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?cscat=BLTNDETAIL\u0026DocumentOID=363396\u0026RenditionID="
},
{
"name": "TA05-291A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA05-291A.html"
},
{
"name": "1015070",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015070"
},
{
"name": "17255",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17255"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-10-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the Back Orifice (BO) preprocessor for Snort before 2.4.3 allows remote attackers to execute arbitrary code via a crafted UDP packet."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-11-04T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "VU#175500",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/175500"
},
{
"name": "20051025 Snort\u0027s BO pre-processor exploit",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0505.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?cscat=BLTNDETAIL\u0026DocumentOID=362187\u0026RenditionID="
},
{
"name": "15131",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/15131"
},
{
"name": "ADV-2005-2138",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2005/2138"
},
{
"name": "17559",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17559"
},
{
"name": "20051018 Snort Back Orifice Parsing Remote Code Execution",
"tags": [
"third-party-advisory",
"x_refsource_ISS"
],
"url": "http://xforce.iss.net/xforce/alerts/id/207"
},
{
"name": "20034",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/20034"
},
{
"name": "20051101 Snort Back Orifice Preprocessor Exploit (Win32 targets)",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2005-11/0010.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.snort.org/docs/change_logs/2.4.3/Changelog.txt"
},
{
"name": "17220",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17220"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?cscat=BLTNDETAIL\u0026DocumentOID=363396\u0026RenditionID="
},
{
"name": "TA05-291A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA05-291A.html"
},
{
"name": "1015070",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015070"
},
{
"name": "17255",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17255"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-3252",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in the Back Orifice (BO) preprocessor for Snort before 2.4.3 allows remote attackers to execute arbitrary code via a crafted UDP packet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#175500",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/175500"
},
{
"name": "20051025 Snort\u0027s BO pre-processor exploit",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0505.html"
},
{
"name": "http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?cscat=BLTNDETAIL\u0026DocumentOID=362187\u0026RenditionID=",
"refsource": "CONFIRM",
"url": "http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?cscat=BLTNDETAIL\u0026DocumentOID=362187\u0026RenditionID="
},
{
"name": "15131",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15131"
},
{
"name": "ADV-2005-2138",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2005/2138"
},
{
"name": "17559",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17559"
},
{
"name": "20051018 Snort Back Orifice Parsing Remote Code Execution",
"refsource": "ISS",
"url": "http://xforce.iss.net/xforce/alerts/id/207"
},
{
"name": "20034",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/20034"
},
{
"name": "20051101 Snort Back Orifice Preprocessor Exploit (Win32 targets)",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2005-11/0010.html"
},
{
"name": "http://www.snort.org/docs/change_logs/2.4.3/Changelog.txt",
"refsource": "CONFIRM",
"url": "http://www.snort.org/docs/change_logs/2.4.3/Changelog.txt"
},
{
"name": "17220",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17220"
},
{
"name": "http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?cscat=BLTNDETAIL\u0026DocumentOID=363396\u0026RenditionID=",
"refsource": "CONFIRM",
"url": "http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?cscat=BLTNDETAIL\u0026DocumentOID=363396\u0026RenditionID="
},
{
"name": "TA05-291A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA05-291A.html"
},
{
"name": "1015070",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015070"
},
{
"name": "17255",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17255"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-3252",
"datePublished": "2005-10-18T04:00:00",
"dateReserved": "2005-10-18T00:00:00",
"dateUpdated": "2024-08-07T23:01:59.077Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-2652 (GCVE-0-2004-2652)
Vulnerability from cvelistv5
Published
2005-12-18 22:00
Modified
2024-08-08 01:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The DecodeTCPOptions function in decode.c in Snort before 2.3.0, when printing TCP/IP options using FAST output or verbose mode, allows remote attackers to cause a denial of service (crash) via packets with invalid TCP/IP options, which trigger a null dereference.
References
| ▼ | URL | Tags |
|---|---|---|
| http://securitytracker.com/id?1012656 | vdb-entry, x_refsource_SECTRACK | |
| http://www.frsirt.com/exploits/20041222.angelDust.c.php | x_refsource_MISC | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/18689 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/bid/12084 | vdb-entry, x_refsource_BID | |
| http://www.securiteam.com/exploits/6X00L20C0S.html | x_refsource_MISC | |
| http://www.osvdb.org/12578 | vdb-entry, x_refsource_OSVDB | |
| http://www.snort.org/arc_news/ | x_refsource_CONFIRM | |
| http://secunia.com/advisories/13664 | third-party-advisory, x_refsource_SECUNIA | |
| http://taosecurity.blogspot.com/2004/12/details-on-snort-dos-condition-you-may.html | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:36:24.604Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1012656",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1012656"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.frsirt.com/exploits/20041222.angelDust.c.php"
},
{
"name": "snort-tcpip-printing-dos(18689)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18689"
},
{
"name": "12084",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/12084"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.securiteam.com/exploits/6X00L20C0S.html"
},
{
"name": "12578",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/12578"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.snort.org/arc_news/"
},
{
"name": "13664",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/13664"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://taosecurity.blogspot.com/2004/12/details-on-snort-dos-condition-you-may.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-12-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The DecodeTCPOptions function in decode.c in Snort before 2.3.0, when printing TCP/IP options using FAST output or verbose mode, allows remote attackers to cause a denial of service (crash) via packets with invalid TCP/IP options, which trigger a null dereference."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1012656",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1012656"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.frsirt.com/exploits/20041222.angelDust.c.php"
},
{
"name": "snort-tcpip-printing-dos(18689)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18689"
},
{
"name": "12084",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/12084"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.securiteam.com/exploits/6X00L20C0S.html"
},
{
"name": "12578",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/12578"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.snort.org/arc_news/"
},
{
"name": "13664",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/13664"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://taosecurity.blogspot.com/2004/12/details-on-snort-dos-condition-you-may.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-2652",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The DecodeTCPOptions function in decode.c in Snort before 2.3.0, when printing TCP/IP options using FAST output or verbose mode, allows remote attackers to cause a denial of service (crash) via packets with invalid TCP/IP options, which trigger a null dereference."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1012656",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1012656"
},
{
"name": "http://www.frsirt.com/exploits/20041222.angelDust.c.php",
"refsource": "MISC",
"url": "http://www.frsirt.com/exploits/20041222.angelDust.c.php"
},
{
"name": "snort-tcpip-printing-dos(18689)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18689"
},
{
"name": "12084",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/12084"
},
{
"name": "http://www.securiteam.com/exploits/6X00L20C0S.html",
"refsource": "MISC",
"url": "http://www.securiteam.com/exploits/6X00L20C0S.html"
},
{
"name": "12578",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/12578"
},
{
"name": "http://www.snort.org/arc_news/",
"refsource": "CONFIRM",
"url": "http://www.snort.org/arc_news/"
},
{
"name": "13664",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/13664"
},
{
"name": "http://taosecurity.blogspot.com/2004/12/details-on-snort-dos-condition-you-may.html",
"refsource": "MISC",
"url": "http://taosecurity.blogspot.com/2004/12/details-on-snort-dos-condition-you-may.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-2652",
"datePublished": "2005-12-18T22:00:00",
"dateReserved": "2005-12-18T00:00:00",
"dateUpdated": "2024-08-08T01:36:24.604Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2004-12-31 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
The DecodeTCPOptions function in decode.c in Snort before 2.3.0, when printing TCP/IP options using FAST output or verbose mode, allows remote attackers to cause a denial of service (crash) via packets with invalid TCP/IP options, which trigger a null dereference.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sourcefire | snort | 2.1.0 | |
| sourcefire | snort | 2.1.1_rc1 | |
| sourcefire | snort | 2.1.3 | |
| sourcefire | snort | 2.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sourcefire:snort:2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "11C03A21-9920-44BC-AE7F-D551AA95BF2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sourcefire:snort:2.1.1_rc1:*:*:*:*:*:*:*",
"matchCriteriaId": "DCD1C39E-CF11-44F4-8ED4-5836414CEA1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sourcefire:snort:2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6FDD4F38-F403-4219-A671-C6C34B2C57E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sourcefire:snort:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D52DF39F-5A63-4211-8871-6FBD72839833",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The DecodeTCPOptions function in decode.c in Snort before 2.3.0, when printing TCP/IP options using FAST output or verbose mode, allows remote attackers to cause a denial of service (crash) via packets with invalid TCP/IP options, which trigger a null dereference."
}
],
"id": "CVE-2004-2652",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/13664"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch"
],
"url": "http://securitytracker.com/id?1012656"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://taosecurity.blogspot.com/2004/12/details-on-snort-dos-condition-you-may.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.frsirt.com/exploits/20041222.angelDust.c.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.osvdb.org/12578"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securiteam.com/exploits/6X00L20C0S.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/12084"
},
{
"source": "cve@mitre.org",
"url": "http://www.snort.org/arc_news/"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18689"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/13664"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
],
"url": "http://securitytracker.com/id?1012656"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://taosecurity.blogspot.com/2004/12/details-on-snort-dos-condition-you-may.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.frsirt.com/exploits/20041222.angelDust.c.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.osvdb.org/12578"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securiteam.com/exploits/6X00L20C0S.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/12084"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.snort.org/arc_news/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18689"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-06-02 10:18
Modified
2025-04-03 01:03
Severity ?
Summary
The HTTP Inspect preprocessor (http_inspect) in Snort 2.4.0 through 2.4.4 allows remote attackers to bypass "uricontent" rules via a carriage return (\r) after the URL and before the HTTP declaration.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sourcefire | snort | 2.4 | |
| sourcefire | snort | 2.4.1 | |
| sourcefire | snort | 2.4.2 | |
| sourcefire | snort | 2.4.3 | |
| sourcefire | snort | 2.4.4 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sourcefire:snort:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "CAB10D25-F039-498D-880B-ACA29AF2E990",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sourcefire:snort:2.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78C4A2D0-E47D-419B-98F2-8FB14A097DC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sourcefire:snort:2.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "07636BAF-C6CE-4452-B0BF-3A032D53B2C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sourcefire:snort:2.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "660AF80B-1512-4CD0-89B2-93658C0A12B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sourcefire:snort:2.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9A4A28FF-1E4F-42D0-8EA8-B23CDCDE6780",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The HTTP Inspect preprocessor (http_inspect) in Snort 2.4.0 through 2.4.4 allows remote attackers to bypass \"uricontent\" rules via a carriage return (\\r) after the URL and before the HTTP declaration."
},
{
"lang": "es",
"value": "El preprocesador HTTP Inspect (http_inspect) en Snort 2.4.0 hasta la versi\u00f3n 2.4.4 permite a atacantes remotos eludir reglas \"uricontent\" a trav\u00e9s de un retorno de carro (\\r) despu\u00e9s de la URL y antes de la declaraci\u00f3n HTTP."
}
],
"evaluatorSolution": "This vulnerability is addressed in the following product release:\r\nSnort, 2.4.4 source with uricontent patch",
"id": "CVE-2006-2769",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-06-02T10:18:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.suse.com/archive/suse-security-announce/2006-Jun/0008.html"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=snort-devel\u0026m=114909074311462\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20413"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20766"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/1018"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch"
],
"url": "http://securitytracker.com/id?1016191"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch"
],
"url": "http://www.demarc.com/support/downloads/patch_20060531"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch"
],
"url": "http://www.osvdb.org/25837"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/435600/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/435734/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/435797/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/435872/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch"
],
"url": "http://www.securityfocus.com/bid/18200"
},
{
"source": "cve@mitre.org",
"url": "http://www.snort.org/pub-bin/snortnews.cgi#431"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2006/2119"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26855"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.suse.com/archive/suse-security-announce/2006-Jun/0008.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=snort-devel\u0026m=114909074311462\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20413"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20766"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/1018"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
],
"url": "http://securitytracker.com/id?1016191"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
],
"url": "http://www.demarc.com/support/downloads/patch_20060531"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
],
"url": "http://www.osvdb.org/25837"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/435600/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/435734/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/435797/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/435872/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
],
"url": "http://www.securityfocus.com/bid/18200"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.snort.org/pub-bin/snortnews.cgi#431"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2006/2119"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26855"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-02-22 02:02
Modified
2025-04-03 01:03
Severity ?
Summary
The frag3 preprocessor in Sourcefire Snort 2.4.3 does not properly reassemble certain fragmented packets with IP options, which allows remote attackers to evade detection of certain attacks, possibly related to IP option lengths.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sourcefire | snort | 2.4.3 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sourcefire:snort:2.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "660AF80B-1512-4CD0-89B2-93658C0A12B2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The frag3 preprocessor in Sourcefire Snort 2.4.3 does not properly reassemble certain fragmented packets with IP options, which allows remote attackers to evade detection of certain attacks, possibly related to IP option lengths."
}
],
"id": "CVE-2006-0839",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-02-22T02:02:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/18959"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/425290/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/16705"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24811"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/18959"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/425290/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/16705"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24811"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-10-18 21:02
Modified
2025-04-03 01:03
Severity ?
Summary
Stack-based buffer overflow in the Back Orifice (BO) preprocessor for Snort before 2.4.3 allows remote attackers to execute arbitrary code via a crafted UDP packet.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sourcefire | snort | 2.4.0 | |
| sourcefire | snort | 2.4.1 | |
| sourcefire | snort | 2.4.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sourcefire:snort:2.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F29DDB0C-701D-429C-82EE-04EB5E18FA96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sourcefire:snort:2.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78C4A2D0-E47D-419B-98F2-8FB14A097DC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sourcefire:snort:2.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "07636BAF-C6CE-4452-B0BF-3A032D53B2C5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the Back Orifice (BO) preprocessor for Snort before 2.4.3 allows remote attackers to execute arbitrary code via a crafted UDP packet."
}
],
"id": "CVE-2005-3252",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-10-18T21:02:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0505.html"
},
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2005-11/0010.html"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/17220"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/17255"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/17559"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1015070"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/175500"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/20034"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/15131"
},
{
"source": "cve@mitre.org",
"url": "http://www.snort.org/docs/change_logs/2.4.3/Changelog.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA05-291A.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2005/2138"
},
{
"source": "cve@mitre.org",
"url": "http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?cscat=BLTNDETAIL\u0026DocumentOID=362187\u0026RenditionID="
},
{
"source": "cve@mitre.org",
"url": "http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?cscat=BLTNDETAIL\u0026DocumentOID=363396\u0026RenditionID="
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://xforce.iss.net/xforce/alerts/id/207"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0505.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2005-11/0010.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/17220"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/17255"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/17559"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1015070"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/175500"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/20034"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/15131"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.snort.org/docs/change_logs/2.4.3/Changelog.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA05-291A.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2005/2138"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?cscat=BLTNDETAIL\u0026DocumentOID=362187\u0026RenditionID="
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?cscat=BLTNDETAIL\u0026DocumentOID=363396\u0026RenditionID="
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://xforce.iss.net/xforce/alerts/id/207"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2003-05-05 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Integer overflow in the TCP stream reassembly module (stream4) for Snort 2.0 and earlier allows remote attackers to execute arbitrary code via large sequence numbers in packets, which enable a heap-based buffer overflow.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| smoothwall | smoothwall | 2.0_beta_4 | |
| sourcefire | snort | 1.8 | |
| sourcefire | snort | 1.8.1 | |
| sourcefire | snort | 1.8.2 | |
| sourcefire | snort | 1.8.3 | |
| sourcefire | snort | 1.8.4 | |
| sourcefire | snort | 1.8.5 | |
| sourcefire | snort | 1.8.6 | |
| sourcefire | snort | 1.8.7 | |
| sourcefire | snort | 1.9 | |
| sourcefire | snort | 1.9.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:smoothwall:smoothwall:2.0_beta_4:*:*:*:*:*:*:*",
"matchCriteriaId": "AFACAD55-4A59-40C8-9665-A0EB0615AF7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sourcefire:snort:1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "19112117-1F8B-477A-8F56-D5A3DA088909",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sourcefire:snort:1.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D195A059-BA72-4636-8093-F6F30F4DC5C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sourcefire:snort:1.8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8DF0C881-920C-461D-B5C5-0521901AFA5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sourcefire:snort:1.8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "092083FB-4C92-4C61-9F9C-86D4EF4E4590",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sourcefire:snort:1.8.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F0343E1B-7157-4024-9B72-3C74441D5FDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sourcefire:snort:1.8.5:*:*:*:*:*:*:*",
"matchCriteriaId": "3CAB5AE0-7D15-46EB-8790-7FAEFBF8374E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sourcefire:snort:1.8.6:*:*:*:*:*:*:*",
"matchCriteriaId": "AF224355-257D-419F-9C21-077CDE718AFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sourcefire:snort:1.8.7:*:*:*:*:*:*:*",
"matchCriteriaId": "35775A5D-BB95-4ACF-B44A-A8C0C966EE0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sourcefire:snort:1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "15001BBA-CF05-49C4-87EA-615BC25B1D9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sourcefire:snort:1.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "23824FEE-6160-4F4F-8531-80B8894E9F7F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the TCP stream reassembly module (stream4) for Snort 2.0 and earlier allows remote attackers to execute arbitrary code via large sequence numbers in packets, which enable a heap-based buffer overflow."
},
{
"lang": "es",
"value": "Desbordamiento de enteros en el modulo de reensamblaje TCP (stream4) de Snort 2.0 y anteriores permite a atacantes remotos ejecutar c\u00f3digo arbitrario mediante n\u00fameros de secuencia largo en paquetes, lo que permite un desbordamiento de b\u00fafer basado en el mont\u00f3n."
}
],
"id": "CVE-2003-0209",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2003-05-05T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=105043563016235\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=105103586927007\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=105111217731583\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=105154530427824\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=105172790914107\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.cert.org/advisories/CA-2003-13.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.coresecurity.com/common/showdoc.php?idx=313\u0026idxseccion=10"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2003/dsa-297"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/139129"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:052"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/7178"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=105043563016235\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=105103586927007\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=105111217731583\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=105154530427824\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=105172790914107\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.cert.org/advisories/CA-2003-13.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.coresecurity.com/common/showdoc.php?idx=313\u0026idxseccion=10"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2003/dsa-297"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/139129"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:052"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/7178"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
var-200602-0404
Vulnerability from variot
The frag3 preprocessor in Sourcefire Snort 2.4.3 does not properly reassemble certain fragmented packets with IP options, which allows remote attackers to evade detection of certain attacks, possibly related to IP option lengths. Snort is reportedly prone to a vulnerability that may allow malicious packets to bypass detection. Reports indicate that the Frag3 preprocessor fails to properly analyze certain packets. A successful attack can allow attackers to bypass intrusion detection and to carry out attacks against computers protected by Snort. This vulnerability affects Snort 2.4.3. Other versions may be vulnerable as well.
TITLE: Snort frag3 Preprocessor Packet Reassembly Vulnerability
SECUNIA ADVISORY ID: SA18959
VERIFY ADVISORY: http://secunia.com/advisories/18959/
CRITICAL: Moderately critical
IMPACT: Security Bypass
WHERE:
From remote
SOFTWARE: Snort 2.4.x http://secunia.com/product/5691/
DESCRIPTION: siouxsie has reported a vulnerability in Snort, which potentially can be exploited by malicious people to bypass certain security restrictions.
The vulnerability has been reported in version 2.4.3.
SOLUTION: Filter potentially malicious fragmented IP packets with a firewall.
PROVIDED AND/OR DISCOVERED BY: siouxsie
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200602-0404",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "snort",
"scope": "eq",
"trust": 1.6,
"vendor": "sourcefire",
"version": "2.4.3"
},
{
"model": null,
"scope": null,
"trust": 0.6,
"vendor": "no",
"version": null
},
{
"model": "project snort",
"scope": "eq",
"trust": 0.3,
"vendor": "snort",
"version": "2.4.3"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2006-0996"
},
{
"db": "BID",
"id": "16705"
},
{
"db": "CNNVD",
"id": "CNNVD-200602-339"
},
{
"db": "NVD",
"id": "CVE-2006-0839"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Reported by",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200602-339"
}
],
"trust": 0.6
},
"cve": "CVE-2006-0839",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2006-0839",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2006-0996",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2006-0839",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2006-0996",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200602-339",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2006-0996"
},
{
"db": "CNNVD",
"id": "CNNVD-200602-339"
},
{
"db": "NVD",
"id": "CVE-2006-0839"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The frag3 preprocessor in Sourcefire Snort 2.4.3 does not properly reassemble certain fragmented packets with IP options, which allows remote attackers to evade detection of certain attacks, possibly related to IP option lengths. Snort is reportedly prone to a vulnerability that may allow malicious packets to bypass detection. \nReports indicate that the Frag3 preprocessor fails to properly analyze certain packets. \nA successful attack can allow attackers to bypass intrusion detection and to carry out attacks against computers protected by Snort. \nThis vulnerability affects Snort 2.4.3. Other versions may be vulnerable as well. \n\nTITLE:\nSnort frag3 Preprocessor Packet Reassembly Vulnerability\n\nSECUNIA ADVISORY ID:\nSA18959\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/18959/\n\nCRITICAL:\nModerately critical\n\nIMPACT:\nSecurity Bypass\n\nWHERE:\n\u003eFrom remote\n\nSOFTWARE:\nSnort 2.4.x\nhttp://secunia.com/product/5691/\n\nDESCRIPTION:\nsiouxsie has reported a vulnerability in Snort, which potentially can\nbe exploited by malicious people to bypass certain security\nrestrictions. \n\nThe vulnerability has been reported in version 2.4.3. \n\nSOLUTION:\nFilter potentially malicious fragmented IP packets with a firewall. \n\nPROVIDED AND/OR DISCOVERED BY:\nsiouxsie\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-0839"
},
{
"db": "CNVD",
"id": "CNVD-2006-0996"
},
{
"db": "BID",
"id": "16705"
},
{
"db": "PACKETSTORM",
"id": "44230"
}
],
"trust": 1.8
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "16705",
"trust": 2.5
},
{
"db": "NVD",
"id": "CVE-2006-0839",
"trust": 2.2
},
{
"db": "SECUNIA",
"id": "18959",
"trust": 1.7
},
{
"db": "CNVD",
"id": "CNVD-2006-0996",
"trust": 0.6
},
{
"db": "XF",
"id": "3",
"trust": 0.6
},
{
"db": "XF",
"id": "24811",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20060217 SNORT INCORRECT FRAGMENTED PACKET REASSEMBLY",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200602-339",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "44230",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2006-0996"
},
{
"db": "BID",
"id": "16705"
},
{
"db": "PACKETSTORM",
"id": "44230"
},
{
"db": "CNNVD",
"id": "CNNVD-200602-339"
},
{
"db": "NVD",
"id": "CVE-2006-0839"
}
]
},
"id": "VAR-200602-0404",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2006-0996"
}
],
"trust": 0.06
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2006-0996"
}
]
},
"last_update_date": "2024-11-23T21:12:56.820000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-0839"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.2,
"url": "http://www.securityfocus.com/bid/16705"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/18959"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/425290/100/0/threaded"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24811"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/425290/100/0/threaded"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/24811"
},
{
"trust": 0.3,
"url": "http://www.snort.org/"
},
{
"trust": 0.3,
"url": "/archive/1/425290"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5691/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/18959/"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2006-0996"
},
{
"db": "BID",
"id": "16705"
},
{
"db": "PACKETSTORM",
"id": "44230"
},
{
"db": "CNNVD",
"id": "CNNVD-200602-339"
},
{
"db": "NVD",
"id": "CVE-2006-0839"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2006-0996"
},
{
"db": "BID",
"id": "16705"
},
{
"db": "PACKETSTORM",
"id": "44230"
},
{
"db": "CNNVD",
"id": "CNNVD-200602-339"
},
{
"db": "NVD",
"id": "CVE-2006-0839"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-02-21T00:00:00",
"db": "CNVD",
"id": "CNVD-2006-0996"
},
{
"date": "2006-02-17T00:00:00",
"db": "BID",
"id": "16705"
},
{
"date": "2006-03-01T03:50:51",
"db": "PACKETSTORM",
"id": "44230"
},
{
"date": "2006-02-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200602-339"
},
{
"date": "2006-02-22T02:02:00",
"db": "NVD",
"id": "CVE-2006-0839"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-02-21T00:00:00",
"db": "CNVD",
"id": "CNVD-2006-0996"
},
{
"date": "2006-02-17T18:43:00",
"db": "BID",
"id": "16705"
},
{
"date": "2006-08-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200602-339"
},
{
"date": "2024-11-21T00:07:27.493000",
"db": "NVD",
"id": "CVE-2006-0839"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200602-339"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Snort Frag3 Processor Packet Fragment Avoidance Detection Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2006-0996"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "16705"
},
{
"db": "CNNVD",
"id": "CNNVD-200602-339"
}
],
"trust": 0.9
}
}