6.5 Medium
AI Score
Confidence
Low
7.1 High
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:N/I:N/A:C
0.054 Low
EPSS
Percentile
93.1%
The frag3 preprocessor in Snort 2.6.1.1, 2.6.1.2, and 2.7.0 beta, when configured for inline use on Linux without the ip_conntrack module loaded, allows remote attackers to cause a denial of service (segmentation fault and application crash) via certain UDP packets produced by send_morefrag_packet and send_overlap_packet.
CPE | Name | Operator | Version |
---|---|---|---|
snort:snort | snort | eq | 2.6.1.1 |
snort:snort | snort | eq | 2.6.1.2 |
snort:snort | snort | eq | 2.7_beta1 |