Lucene search

[email protected]CVE-2007-0251

HistoryJan 16, 2007 - 11:28 p.m.

CVE-2007-0251

2007-01-1623:28:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2007-0251

snort

integer underflow

decodegre

memory corruption

gre packets

security vulnerability

nvd

6.7 Medium

AI Score

Confidence

Low

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.05 Low

EPSS

Percentile

92.8%

JSON

Integer underflow in the DecodeGRE function in src/decode.c in Snort 2.6.1.2 allows remote attackers to trigger dereferencing of certain memory locations via crafted GRE packets, which may cause corruption of log files or writing of sensitive information into log files.

CPENameOperatorVersion
snort:snortsnorteq2.6.1.2

CPE	Name	Operator	Version
snort:snort	snort	eq	2.6.1.2

References

labs.calyptix.com/advisories/CX-2007-01.txt

osvdb.org/32095

osvdb.org/33464

securityreason.com/securityalert/2165

securitytracker.com/id?1017507

www.securityfocus.com/archive/1/456598/100/0/threaded

www.securityfocus.com/bid/22004

www.snort.org/got_source/source.html

www.vupen.com/english/advisories/2007/0152

6.7 Medium

AI Score

Confidence

Low

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.05 Low

EPSS

Percentile

92.8%

JSON

Related for CVE-2007-0251

prion1 debiancve1 ubuntucve1 securityvulns1 cvelist1