5 matches found
EUVD-2007-0253
Malware in sbrugna...
Integer overflow
Integer underflow in the DecodeGRE function in src/decode.c in Snort 2.6.1.2 allows remote attackers to trigger dereferencing of certain memory locations via crafted GRE packets, which may cause corruption of log files or writing of sensitive information into log files...
CVE-2007-0251
Integer underflow in the DecodeGRE function in src/decode.c in Snort 2.6.1.2 allows remote attackers to trigger dereferencing of certain memory locations via crafted GRE packets, which may cause corruption of log files or writing of sensitive information into log files...
CVE-2007-0251
CVE-2007-0251 affects Snort 2.6.1.2, where an integer underflow in DecodeGRE (src/decode.c) can cause dereferencing of certain memory locations when processing crafted GRE packets. This may lead to log file corruption or leakage of sensitive information into logs. Connected sources confirm the vu...
Snort GRE报文解码整数溢出漏洞
Snort是广泛部署的开放源码网络入侵检测系统(IDS)。很多其他IDS产品中也使用了Snort及其组件。 Snort的decode.c文件中DecodeGRE函数在解码GRE协议时存在整数溢出漏洞,攻击者可能利用此漏洞获取某些敏感信息。 漏洞相关代码如下: ==BEGIN CODE== ... line 3459 decode.c void DecodeGREuint8t pkt, const uint32t len, Packet p uint8t flags; uint32t hlen; / GRE header length / uint32t payloadlen;...