CVE-2017-6657
Cisco Sourcefire Snort 3.0 before build 233 mishandles Ether Type Validation, allowing crafted packets with IP protocol numbers in the ether type field to confuse the Snort++ decoder. Affected decoders include gre, llc, trans_bridge, ciscometadata, linux_sll, and token_ring; the fix adds a check ...