6 matches found
SUSE CVE-2006-2769
The HTTP Inspect preprocessor httpinspect in Snort 2.4.0 through 2.4.4 allows remote attackers to bypass "uricontent" rules via a carriage return \r after the URL and before the HTTP declaration...
SuSE9 Security Update : snort (YOU Patch Number 11055)
This update fixes an evasion attack on URL parsing. The faulty code is in the httpinspect preprocessor. CVE-2006-2769 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description...
openSUSE 10 Security Update : snort (snort-1598)
This update fixes an evasion attack on URL parsing. The faulty code is in the httpinspect preprocessor. CVE-2006-2769 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update snort-1598. The text...
CVE-2006-2769
The HTTP Inspect preprocessor httpinspect in Snort 2.4.0 through 2.4.4 allows remote attackers to bypass "uricontent" rules via a carriage return \r after the URL and before the HTTP declaration...
CVE-2006-2769
The CVE-2006-2769 issue affects Snort 2.4.0–2.4.4 and is described in connected sources as an evasion flaw in the http_inspect preprocessor. A carriage return (\r) placed after the URL and before the HTTP declaration can bypass uricontent rules, enabling remote attackers to bypass certain URL con...
CVE-2006-2769
Removed by vendor...