SUSE CVE-2006-2769

The HTTP Inspect preprocessor httpinspect in Snort 2.4.0 through 2.4.4 allows remote attackers to bypass "uricontent" rules via a carriage return \r after the URL and before the HTTP declaration...

CVE-2006-2769

The HTTP Inspect preprocessor httpinspect in Snort 2.4.0 through 2.4.4 allows remote attackers to bypass "uricontent" rules via a carriage return \r after the URL and before the HTTP declaration...

CVE-2006-2769

The HTTP Inspect preprocessor httpinspect in Snort 2.4.0 through 2.4.4 allows remote attackers to bypass "uricontent" rules via a carriage return \r after the URL and before the HTTP declaration...

Design/Logic Flaw

The HTTP Inspect preprocessor httpinspect in Snort 2.4.0 through 2.4.4 allows remote attackers to bypass "uricontent" rules via a carriage return \r after the URL and before the HTTP declaration...

CVE-2006-2769

The HTTP Inspect preprocessor httpinspect in Snort 2.4.0 through 2.4.4 allows remote attackers to bypass "uricontent" rules via a carriage return \r after the URL and before the HTTP declaration...

CVE-2006-2769

The CVE-2006-2769 issue affects Snort 2.4.0–2.4.4 and is described in connected sources as an evasion flaw in the http_inspect preprocessor. A carriage return (\r) placed after the URL and before the HTTP declaration can bypass uricontent rules, enabling remote attackers to bypass certain URL con...

CVE-2006-2769

The HTTP Inspect preprocessor httpinspect in Snort 2.4.0 through 2.4.4 allows remote attackers to bypass "uricontent" rules via a carriage return \r after the URL and before the HTTP declaration...

CVE-2006-2769

Removed by vendor...

Snort HTTP Inspect Pre-Processor Uricontent Bypass

For those of you using snort on this list, this got posted to some of the snort mailing lists this morning. http://www.demarc.com/support/downloads/patch20060531 http://www.osvdb.org/25837 "The evasion technique allows an attack to bypass detection of "uricontent" rules by adding a carriage retur...