Snort Back Orifice preprocessor buffer overflow

2005-10-18T00:00:00
ID VU:175500
Type cert
Reporter CERT
Modified 2005-11-11T06:14:00

Description

Overview

A buffer overflow exists in the Snort Back Orifice preprocessor that may allow a remote, unauthenticated attacker to execute arbitrary code, possibly with elevated privileges.

Description

Snort is an open-source intrusion detection system (IDS). A lack of validation on attacker-controlled data may allow a buffer overflow to occur in the in Snort Back Orifice preprocessor. A remote, unauthenticated attacker may be able to trigger the buffer overflow by sending a specially crafted Back Orifice ping to a vulnerable Snort installation.

To exploit this vulnerability, an attacker does not need to send packets directly to the Snort sensor. It is sufficient to send packets to any of the hosts on the network monitored by Snort.


Impact

A remote attacker can execute arbitrary code with the privileges of the Snort process, typically root or SYSTEM.


Solution

Update

This issue has been addressed in Snort version 2.4.3.


Disable Snort Back Orifice preprocessor

Disabling the Snort Back Orifice preprocessor will mitigate this vulnerability. However, without the Snort preprocessor, the Snort sensor will not detect or prevent Back Orifice traffic. Snort suggests the following steps to disable the Back Orifice preprocessor:

`The Back Orifice preprocessor can be disabled by commenting out the line "preprocessor bo" in snort.conf. This can be done in any text editor using the following procedure:

  1. Locate the line "preprocessor bo"
  2. Comment out this line by preceding it with a hash (#). The new line will look like "#preprocessor bo"
  3. Save the file
  4. Restart snort`

Vendor Information

175500

Filter by status: All Affected Not Affected Unknown

Filter by content: __ Vendor has issued information

__ Sort by: Status Alphabetical

Expand all

Affected Unknown __ Unaffected

Javascript is disabled. Click here to view vendors.

FreeBSD, Inc.

Notified: October 18, 2005 Updated: October 18, 2005

Status

__ Vulnerable

Vendor Statement

snort is available in the FreeBSD Ports Collection. Please see <http://vuxml.freebsd.org/97d45e95-3ffc-11da-a263-0001020eed82.html> for details regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

__ Nortel Networks, Inc.

Notified: October 18, 2005 Updated: October 19, 2005

Status

__ Vulnerable

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

Please see Nortel Security Advisory Bulletin 2005006335, available from <http://nortel.com/securityadvisories>.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

SUSE Linux

Notified: October 18, 2005 Updated: October 19, 2005

Status

__ Vulnerable

Vendor Statement

We are currently fixing this issue and will release updates very soon.

As soon as the new packages are available our customers can install the fixed version of snort by using YOU Online-Update.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

__ Snort

Notified: October 14, 2005 Updated: October 18, 2005

Status

__ Vulnerable

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

Please see <http://www.snort.org/pub-bin/snortnews.cgi#99>

In addition, the following is from the Snort version 2.4.3 Release notes:

2005-10-17 - Snort 2.4.3 Released [*] Improvements * Fixed possible buffer overflow in back orifice preprocessor. * Added snort.conf options to bo preprocessor for finer control of alerting and dropping of bo traffic. * Added alert to detect the bo buffer overflow attack against snort.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

__ Sourcefire

Notified: October 14, 2005 Updated: October 26, 2005

Status

__ Vulnerable

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

Sourcefire Intrusion Sensors v4.0.2 and higher are affected by this vulnerability. We do not know what versions or patches address this vulnerability. Please contact Sourcefire customer support.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Ubuntu

Notified: October 18, 2005 Updated: October 19, 2005

Status

__ Vulnerable

Vendor Statement

Snort is not officially supported in Ubuntu, the package resides in the "universe" section of the archive. The next Ubuntu release will contain a fixed version. We will gladly accept community efforts to fix it for the currently released Ubuntu versions, though.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Apple Computer, Inc.

Notified: October 18, 2005 Updated: November 09, 2005

Status

__ Not Vulnerable

Vendor Statement

Mac OS X and Mac OS X Server do not contain software affected by the issue described in this vulnerability note.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Avaya, Inc.

Notified: October 18, 2005 Updated: October 18, 2005

Status

__ Not Vulnerable

Vendor Statement

Avaya Systems products do not ship with snort BackOrafice installed, and are therefore not vulnerable to this issue.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Debian Linux

Notified: October 18, 2005 Updated: November 11, 2005

Status

__ Not Vulnerable

Vendor Statement

The vulnerable code in snort is not present in the versions shipped with Debian stable (3.1, alias sarge) and Debian oldstable (3.0, alias woody).

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

F5 Networks, Inc.

Notified: October 18, 2005 Updated: October 19, 2005

Status

__ Not Vulnerable

Vendor Statement

F5 products do not include Snort components and are not vulnerable to this issue.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Global Technology Associates

Notified: October 18, 2005 Updated: October 18, 2005

Status

__ Not Vulnerable

Vendor Statement

This vulnerability VU#175500 does not affect any GTA Firewall products.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Hitachi

Notified: October 18, 2005 Updated: October 20, 2005

Status

__ Not Vulnerable

Vendor Statement

Hitachi does not have any SNORT products.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

__ Internet Security Systems, Inc.

Notified: October 14, 2005 Updated: October 18, 2005

Status

__ Not Vulnerable

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Intoto

Notified: October 18, 2005 Updated: November 11, 2005

Status

__ Not Vulnerable

Vendor Statement

Intoto's iGateway network security platform does not use Snort, so it is not vulnerable to the potential buffer overflow exploit described in this vulnerability note.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Juniper Networks, Inc.

Notified: October 18, 2005 Updated: October 20, 2005

Status

__ Not Vulnerable

Vendor Statement

Juniper Networks products are not susceptible to this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

NextHop Technologies, Inc.

Notified: October 18, 2005 Updated: October 18, 2005

Status

__ Not Vulnerable

Vendor Statement

NextHop Technologies does not make use of the Snort Back Orifice preprocessor in any of our products; as a result no NextHop products are susceptible to this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Openwall GNU/*/Linux

Notified: October 18, 2005 Updated: October 18, 2005

Status

__ Not Vulnerable

Vendor Statement

Openwall GNU/*/Linux is not vulnerable. We do not package Snort.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Red Hat, Inc.

Notified: October 18, 2005 Updated: October 18, 2005

Status

__ Not Vulnerable

Vendor Statement

The snort application is not shipped as part of any Red Hat Enterprise Linux distribution.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Secure Computing Network Security Division

Notified: October 18, 2005 Updated: October 18, 2005

Status

__ Not Vulnerable

Vendor Statement

Snort is not part of any Secure Computing products, so this should have no effect on us.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Stonesoft

Notified: October 18, 2005 Updated: October 20, 2005

Status

__ Not Vulnerable

Vendor Statement

Stonesoft's StoneGate IPS, Intrusion Detection and Analysis for Active Response, uses its own intrusion detection engine and does not rely on Snort code. Therefore the vulnerability in Snort's Back Orifice preprocessor does not affect Stonesoft products in any way.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Sun Microsystems, Inc.

Notified: October 18, 2005 Updated: October 18, 2005

Status

__ Not Vulnerable

Vendor Statement

Sun distributes snort-2.0.0 with Solaris Companion CD or Solaris Operating System Freeware site: <http://www.sun.com/software/solaris/freeware/>. snort-2.0.0 is not affected by this vulnerability.

Also Sun's Java Desktop System (JDS) for Linux does not contain snort and is not vulnerable.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Watchguard Technologies, Inc.

Notified: October 18, 2005 Updated: October 18, 2005

Status

__ Not Vulnerable

Vendor Statement

WatchGuard is not effected by this issue.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

__ 3com, Inc.

Notified: October 18, 2005 Updated: October 18, 2005

Status

__ Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

__ AT&T

Notified: October 18, 2005 Updated: October 18, 2005

Status

__ Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

__ Alcatel

Notified: October 18, 2005 Updated: October 18, 2005

Status

__ Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

__ Avici Systems, Inc.

Notified: October 18, 2005 Updated: October 18, 2005

Status

__ Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

__ Borderware Technologies

Notified: October 18, 2005 Updated: October 18, 2005

Status

__ Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

__ Bro

Notified: November 11, 2005 Updated: November 11, 2005

Status

__ Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

__ CIAC

Notified: November 11, 2005 Updated: November 11, 2005

Status

__ Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

__ Charlotte's Web Networks

Notified: October 18, 2005 Updated: October 18, 2005

Status

__ Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

__ Check Point Software Technologies

Notified: October 18, 2005 Updated: October 18, 2005

Status

__ Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

Check Point is acquiring Sourcefire.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

__ Chiaro Networks, Inc.

Notified: October 18, 2005 Updated: October 18, 2005

Status

__ Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

__ Cisco Systems, Inc.

Notified: October 18, 2005 Updated: October 18, 2005

Status

__ Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

__ Computer Associates

Notified: October 18, 2005 Updated: October 18, 2005

Status

__ Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

__ Computer Associates eTrust Security Management

Notified: November 11, 2005 Updated: November 10, 2005

Status

__ Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

__ Conectiva Inc.

Notified: October 18, 2005 Updated: October 18, 2005

Status

__ Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

__ Cray Inc.

Notified: October 18, 2005 Updated: October 18, 2005

Status

__ Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

__ D-Link Systems, Inc.

Notified: October 18, 2005 Updated: October 18, 2005

Status

__ Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

__ Data Connection, Ltd.

Notified: October 18, 2005 Updated: October 18, 2005

Status

__ Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

__ EMC, Inc. (formerly Data General Corporation)

Notified: October 18, 2005 Updated: October 18, 2005

Status

__ Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

__ Engarde Secure Linux

Notified: October 18, 2005 Updated: October 18, 2005

Status

__ Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

__ Enterasys Networks

Notified: November 11, 2005 Updated: November 10, 2005

Status

__ Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

__ Ericsson

Notified: October 18, 2005 Updated: October 18, 2005

Status

__ Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

__ Extreme Networks

Notified: October 18, 2005 Updated: October 18, 2005

Status

__ Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

__ Fedora Project

Notified: October 18, 2005 Updated: October 18, 2005

Status

__ Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

__ Force10 Networks, Inc.

Notified: October 18, 2005 Updated: October 18, 2005

Status

__ Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

__ Fortinet, Inc.

Notified: October 18, 2005 Updated: October 18, 2005

Status

__ Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

__ Foundry Networks, Inc.

Notified: October 18, 2005 Updated: October 18, 2005

Status

__ Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

__ Fujitsu

Notified: October 18, 2005 Updated: October 18, 2005

Status

__ Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

__ GNU netfilter

Notified: October 18, 2005 Updated: October 18, 2005

Status

__ Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

__ Gentoo Linux

Notified: October 18, 2005 Updated: October 18, 2005

Status

__ Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

__ Hewlett-Packard Company

Notified: October 18, 2005 Updated: October 18, 2005

Status

__ Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

__ Hyperchip

Notified: October 18, 2005 Updated: October 18, 2005

Status

__ Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

__ IBM Corporation

Notified: October 18, 2005 Updated: October 18, 2005

Status

__ Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

__ IP Filter

Notified: October 18, 2005 Updated: October 18, 2005

Status

__ Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

__ Immunix Communications, Inc.

Notified: October 18, 2005 Updated: October 18, 2005

Status

__ Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

__ Ingrian Networks, Inc.

Notified: October 18, 2005 Updated: October 18, 2005

Status

__ Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

__ Intel Corporation

Notified: October 18, 2005 Updated: October 18, 2005

Status

__ Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

__ Linksys (A division of Cisco Systems)

Notified: October 18, 2005 Updated: October 18, 2005

Status

__ Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

__ Lucent Technologies

Notified: October 18, 2005 Updated: October 18, 2005

Status

__ Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

__ Luminous Networks

Notified: October 18, 2005 Updated: October 18, 2005

Status

__ Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

__ Mandriva, Inc.

Notified: October 18, 2005 Updated: October 18, 2005

Status

__ Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

__ McAfee

Notified: November 11, 2005 Updated: November 10, 2005

Status

__ Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

__ Microsoft Corporation

Notified: October 18, 2005 Updated: October 18, 2005

Status

__ Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

__ MontaVista Software, Inc.

Notified: October 18, 2005 Updated: October 18, 2005

Status

__ Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

__ Multinet (owned Process Software Corporation)

Notified: October 18, 2005 Updated: October 18, 2005

Status

__ Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

__ Multitech, Inc.

Notified: October 18, 2005 Updated: October 18, 2005

Status

__ Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

__ NEC Corporation

Notified: October 18, 2005 Updated: October 18, 2005

Status

__ Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

__ NetBSD

Notified: October 18, 2005 Updated: October 18, 2005

Status

__ Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

__ Network Appliance, Inc.

Notified: October 18, 2005 Updated: October 18, 2005

Status

__ Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

__ Novell, Inc.

Notified: October 18, 2005 Updated: October 18, 2005

Status

__ Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

__ OpenBSD

Notified: October 18, 2005 Updated: October 18, 2005

Status

__ Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

__ QNX, Software Systems, Inc.

Notified: October 18, 2005 Updated: October 18, 2005

Status

__ Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

__ Redback Networks, Inc.

Notified: October 18, 2005 Updated: October 18, 2005

Status

__ Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

__ Riverstone Networks, Inc.

Notified: October 18, 2005 Updated: October 18, 2005

Status

__ Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

__ Sequent Computer Systems, Inc.

Notified: October 18, 2005 Updated: October 18, 2005

Status

__ Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

__ Silicon Graphics, Inc.

Notified: October 18, 2005 Updated: October 18, 2005

Status

__ Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

__ Slackware Linux Inc.

Notified: October 18, 2005 Updated: October 18, 2005

Status

__ Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

__ Sony Corporation

Notified: October 18, 2005 Updated: October 18, 2005

Status

__ Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

__ Symantec, Inc.

Notified: October 18, 2005 Updated: October 18, 2005

Status

__ Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

__ The SCO Group

Notified: October 18, 2005 Updated: October 18, 2005

Status

__ Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

__ TippingPoint, Technologies, Inc.

Notified: November 11, 2005 Updated: November 10, 2005

Status

__ Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

__ Trustix Secure Linux

Notified: October 18, 2005 Updated: October 18, 2005

Status

__ Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

__ Turbolinux

Notified: October 18, 2005 Updated: October 18, 2005

Status

__ Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

__ Unisys

Notified: October 18, 2005 Updated: October 18, 2005

Status

__ Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

__ Wind River Systems, Inc.

Notified: October 18, 2005 Updated: October 18, 2005

Status

__ Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

__ ZyXEL

Notified: October 18, 2005 Updated: October 18, 2005

Status

__ Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

__ eSoft, Inc.

Notified: October 18, 2005 Updated: October 18, 2005

Status

__ Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

CVSS Metrics

Group | Score | Vector
---|---|---
Base | N/A | N/A
Temporal | N/A | N/A
Environmental | | N/A

References

  • <http://www.snort.org/pub-bin/snortnews.cgi#99>
  • <http://www.snort.org/docs/change_logs/2.4.3/Changelog.txt>
  • <http://www.snort.org/docs/snort_htmanuals/htmanual_2.4/node11.html#SECTION00310000000000000000>
  • <http://xforce.iss.net/xforce/alerts/id/207>
  • <http://secunia.com/advisories/17220/>

Credit

This vulnerability was researched and reported by Internet Security Systems (ISS).

This document was written by Art Manion and Jeff Gennari.

Other Information

CVE IDs: | CVE-2005-3252
---|---
Severity Metric:** | 31.05
Date Public:
| 2005-10-18
Date First Published: | 2005-10-18
Date Last Updated: | 2005-11-11 06:14 UTC
Document Revision: | 37