CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
97.3%
Buffer overflow in the RPC preprocessor for Snort 1.8 and 1.9.x before 1.9.1 allows remote attackers to execute arbitrary code via fragmented RPC packets.
Vendor | Product | Version | CPE |
---|---|---|---|
snort | snort | 1.8.0 | cpe:2.3:a:snort:snort:1.8.0:*:*:*:*:*:*:* |
snort | snort | 1.8.1 | cpe:2.3:a:snort:snort:1.8.1:*:*:*:*:*:*:* |
snort | snort | 1.8.2 | cpe:2.3:a:snort:snort:1.8.2:*:*:*:*:*:*:* |
snort | snort | 1.8.3 | cpe:2.3:a:snort:snort:1.8.3:*:*:*:*:*:*:* |
snort | snort | 1.8.4 | cpe:2.3:a:snort:snort:1.8.4:*:*:*:*:*:*:* |
snort | snort | 1.8.5 | cpe:2.3:a:snort:snort:1.8.5:*:*:*:*:*:*:* |
snort | snort | 1.8.6 | cpe:2.3:a:snort:snort:1.8.6:*:*:*:*:*:*:* |
snort | snort | 1.8.7 | cpe:2.3:a:snort:snort:1.8.7:*:*:*:*:*:*:* |
snort | snort | 1.9.0 | cpe:2.3:a:snort:snort:1.9.0:*:*:*:*:*:*:* |
marc.info/?l=bugtraq&m=104673386226064&w=2
marc.info/?l=bugtraq&m=104716001503409&w=2
marc.info/?l=bugtraq&m=105154530427824&w=2
www.cert.org/advisories/CA-2003-13.html
www.debian.org/security/2003/dsa-297
www.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21951
www.iss.net/security_center/static/10956.php
www.kb.cert.org/vuls/id/916785
www.linuxsecurity.com/advisories/engarde_advisory-2944.html
www.mandrakesoft.com/security/advisories?name=MDKSA-2003:029
www.osvdb.org/4418
www.securityfocus.com/bid/6963