Snort DCE/RPC preprocessor buffer overflow

Source: SAINT Corporation (my.saintcorporation.com)
ID: SAINT:28934E2EE6C1637FE0B15CF3B036D041
Date: Jul 09, 2007

CVSS2: 10 High (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE

EPSS: 0.71 High
Percentile: 98.0%

Added: 07/09/2007
CVE: CVE-2006-5276
BID: 22616
OSVDB: 32094

Background

Snort is an open-source intrusion detection system. It includes a DCE/RPC preprocessor, which reassembles DCE/RPC traffic before it is passed to the intrusion detection engine.

Problem

A buffer overflow vulnerability in the DCE/RPC preprocessor allows remote attackers to execute arbitrary commands by chaining together multiple **WriteAndX** requests in the same TCP segment.
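As an added example (not from the SAINT advisory or the Snort project), the following defensive sketch walks the SMB1 AndX chain of each NetBIOS-framed message in a TCP payload and counts WriteAndX commands, the traffic shape described above. The function names, the `sample_block`/`sample_frame` helpers and the sample bytes are constructed for illustration; the layout assumed is the standard 32-byte SMB1 header followed by AndX parameter blocks.

```python
import struct

SMB_MAGIC, SMB_HEADER_LEN = b"\xffSMB", 32
SMB_COM_WRITE_ANDX, SMB_NO_ANDX = 0x2F, 0xFF
# SMB1 commands that carry AndXCommand/AndXOffset fields
ANDX_COMMANDS = {0x24, 0x2D, 0x2E, 0x2F, 0x73, 0x74, 0x75, 0xA2}

def andx_chain(smb, max_links=32):
    """Return the command codes chained in one SMB1 message."""
    if len(smb) < SMB_HEADER_LEN + 1 or smb[:4] != SMB_MAGIC:
        return []
    chain, cmd, off = [], smb[4], SMB_HEADER_LEN
    while cmd != SMB_NO_ANDX and len(chain) < max_links:
        chain.append(cmd)
        # Need WordCount + AndXCommand + AndXReserved + AndXOffset at `off`
        if cmd not in ANDX_COMMANDS or off + 5 > len(smb) or smb[off] < 2:
            break
        cmd, _, nxt = struct.unpack_from("<BBH", smb, off + 1)
        if nxt <= off:  # offsets must move forward; prevents looping chains
            break
        off = nxt
    return chain

def write_andx_count(payload):
    """Count WriteAndX commands over every framed SMB message in one TCP payload."""
    total, pos = 0, 0
    while pos + 4 <= len(payload):
        length = int.from_bytes(payload[pos + 1:pos + 4], "big")
        smb = payload[pos + 4:pos + 4 + length]
        total += andx_chain(smb).count(SMB_COM_WRITE_ANDX)
        pos += 4 + length
    return total

# --- Constructed sample frames (hypothetical helpers, tiny benign data) ---
def sample_block(next_cmd, next_off, data=b"AB"):
    # WordCount=12, AndX fields, 20 zeroed parameter bytes, ByteCount, data
    head = struct.pack("<BBBH", 12, next_cmd, 0, next_off)
    return head + bytes(20) + struct.pack("<H", len(data)) + data

def sample_frame(*blocks):
    smb = SMB_MAGIC + bytes([SMB_COM_WRITE_ANDX]) + bytes(27) + b"".join(blocks)
    return b"\x00" + len(smb).to_bytes(3, "big") + smb

SINGLE = sample_frame(sample_block(SMB_NO_ANDX, 0))
CHAINED = sample_frame(sample_block(SMB_COM_WRITE_ANDX, 61), sample_block(SMB_NO_ANDX, 0))

if __name__ == "__main__":
    for name, seg in (("single", SINGLE), ("chained", CHAINED)):
        n = write_andx_count(seg)
        print(name, n, "ALERT: multiple WriteAndX in one segment" if n > 1 else "ok")
```

A count above one is a heuristic for review, not proof of an attack; legitimate clients can also pipeline writes.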

Resolution

Upgrade to Snort 2.6.1.3 or higher.

References

<http://www.us-cert.gov/cas/techalerts/TA07-050A.html>
<http://www.snort.org/docs/advisory-2007-02-19.html>

Limitations

Exploit works on Snort 2.6.1.1 on Windows and Snort 2.6.1.2 on Red Hat 8, and requires port 445/TCP to be open on the target.

Platforms

Windows 2000
Windows XP SP0 / Windows XP SP1
Windows XP SP2 / Windows XP
Linux
