CVE-2007-1398

2007-03-1022:19:00

mitre

web.nvd.nist.gov

snort

frag3 preprocessor

denial of service

vulnerability

cve-2007-1398

nvd

CVSS2

7.1

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

AI Score

6.5

Confidence

Low

EPSS

0.057

Percentile

93.4%

JSON

The frag3 preprocessor in Snort 2.6.1.1, 2.6.1.2, and 2.7.0 beta, when configured for inline use on Linux without the ip_conntrack module loaded, allows remote attackers to cause a denial of service (segmentation fault and application crash) via certain UDP packets produced by send_morefrag_packet and send_overlap_packet.

Affected configurations

Nvd

Node

linuxlinux_kernelia32_64-bit

AND

snortsnortMatch2.6.1.1

snortsnortMatch2.6.1.2

snortsnortMatch2.7_beta1

VendorProductVersionCPE
linuxlinux_kernel*cpe:2.3:o:linux:linux_kernel:*:*:ia32_64-bit:*:*:*:*:*
snortsnort2.6.1.1cpe:2.3:a:snort:snort:2.6.1.1:*:*:*:*:*:*:*
snortsnort2.6.1.2cpe:2.3:a:snort:snort:2.6.1.2:*:*:*:*:*:*:*
snortsnort2.7_beta1cpe:2.3:a:snort:snort:2.7_beta1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
linux	linux_kernel	*	cpe:2.3:o:linux:linux_kernel:::ia32_64-bit:::::*
snort	snort	2.6.1.1	cpe:2.3:a:snort:snort:2.6.1.1:::::::*
snort	snort	2.6.1.2	cpe:2.3:a:snort:snort:2.6.1.2:::::::*
snort	snort	2.7_beta1	cpe:2.3:a:snort:snort:2.7_beta1:::::::*