CVE-2007-1398

The frag3 preprocessor in Snort 2.6.1.1, 2.6.1.2, and 2.7.0 beta, when configured for inline use on Linux without the ipconntrack module loaded, allows remote attackers to cause a denial of service segmentation fault and application crash via certain UDP packets produced by sendmorefragpacket and...

Code injection

The frag3 preprocessor in Snort 2.6.1.1, 2.6.1.2, and 2.7.0 beta, when configured for inline use on Linux without the ipconntrack module loaded, allows remote attackers to cause a denial of service segmentation fault and application crash via certain UDP packets produced by sendmorefragpacket and...

CVE-2007-1398

The frag3 preprocessor in Snort 2.6.1.1, 2.6.1.2, and 2.7.0 beta, when configured for inline use on Linux without the ipconntrack module loaded, allows remote attackers to cause a denial of service segmentation fault and application crash via certain UDP packets produced by sendmorefragpacket and...

CVE-2007-1398

The CVE-2007-1398 entry concerns the frag3 preprocessor in Snort relevant to inline mode on Linux without ip_conntrack. Affected versions include Snort 2.6.1.1, 2.6.1.2, and 2.7.0 beta. The underlying issue is a denial-of-service caused by certain UDP packets generated via send_morefrag_packet an...

CVE-2007-1398

Removed by vendor...

Snort 2.6.1 DCE/RPC Preprocessor Remote Buffer Overflow DoS Exploit

No description provided by source. !/usr/bin/python Snort DCE/RPC Preprocessor Buffer Overflow DoS Author: Trirat Puttaraksa http://sf-freedom.blogspot.com For educational purpose only This exploit just crash Snort 2.6.1 on Fedora Core 4. However, Code Execution may be possible, but I have no tim...

Snort: Remote execution of arbitrary code

Background Snort is a widely deployed intrusion detection program. Description The Snort DCE/RPC preprocessor does not properly reassemble certain types of fragmented SMB and DCE/RPC packets. Impact A remote attacker could send specially crafted fragmented SMB or DCE/RPC packets, without the need...

FreeBSD : snort -- DCE/RPC preprocessor vulnerability (afdf500f-c1f6-11db-95c5-000c6ec775d9)

A IBM Internet Security Systems Protection Advisory reports : Snort is vulnerable to a stack-based buffer overflow as a result of DCE/RPC reassembly. This vulnerability is in a dynamic-preprocessor enabled in the default configuration, and the configuration for this preprocessor allows for...

security flaw

Unspecified vulnerability in PHP before 5.2.1 allows attackers to "clobber" certain super-global variables via unspecified vectors...

US-CERT Technical Cyber Security Alert TA07-050A -- Sourcefire Snort DCE/RPC Preprocessor Buffer Overflow

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Alert System Technical Cyber Security Alert TA07-050A Sourcefire Snort DCE/RPC Preprocessor Buffer Overflow Original release date: February 19, 2007 Last revised: -- Source: US-CERT Systems Affected Snort 2.6.1, 2.6.1.1, and 2.6.1.2 Sno...

CVE-2006-5276

Removed by vendor...

snort -- DCE/RPC preprocessor vulnerability

A IBM Internet Security Systems Protection Advisory reports: Snort is vulnerable to a stack-based buffer overflow as a result of DCE/RPC reassembly. This vulnerability is in a dynamic-preprocessor enabled in the default configuration, and the configuration for this preprocessor allows for...

Sourcefire Snort DCE/RPC preprocessor does not properly reassemble fragmented packets

Overview A vulnerability in the Sourcefire Snort DCE/RPC preprocessor may allow a remote, unauthenticated attacker to execute arbitrary code. Description Sourcefire Snort is a widely-deployed, open-source network intrusion detection system IDS. Snort and its components are used in other IDS...

CVE-2006-2769

The CVE-2006-2769 issue affects Snort 2.4.0–2.4.4 and is described in connected sources as an evasion flaw in the http_inspect preprocessor. A carriage return (\r) placed after the URL and before the HTTP declaration can bypass uricontent rules, enabling remote attackers to bypass certain URL con...

FreeBSD : snort -- Back Orifice preprocessor buffer overflow vulnerability (97d45e95-3ffc-11da-a263-0001020eed82)

Jennifer Steffens reports : The Back Orifice preprocessor contains a stack-based buffer overflow. This vulnerability could be leveraged by an attacker to execute code remotely on a Snort sensor where the Back Orifice preprocessor is enabled. However, there are a number of factors that make remote...

CVE-2006-0839

The frag3 preprocessor in Sourcefire Snort 2.4.3 does not properly reassemble certain fragmented packets with IP options, which allows remote attackers to evade detection of certain attacks, possibly related to IP option lengths...

CVE-2006-0839

The frag3 preprocessor in Sourcefire Snort 2.4.3 does not properly reassemble certain fragmented packets with IP options, which allows remote attackers to evade detection of certain attacks, possibly related to IP option lengths...

Snort 2.4.2 - Back Orifice Pre-Preprocessor Remote (4)

!/usr/bin/ruby -w Version 0.1 Public snort 2.4.0 - 2.4.2 Back Orifice Pre-Preprocessor Remote Exploit by xwings at mysec dot org URL : http://www.mysec.org , somebody need to update the page Saying Hi to .... . All the 1337 c0d3r @ pulltheplug.org . Gurus from rubylang @ freenode.net . Skywizard ...

Snort 2.4.2 - Back Orifice Pre-Preprocessor Remote (3)

/ snort 2.4.0 - 2.4.2 Back Orifice Pre-Preprocessor Remote Exploit by Russell Sanford [email protected] - www.code-junkies.net include include include include include include include include include include define buffsize 1056 define COOKIE "!QWTY?" typedef struct char magic8; int len; int id; char...

Snort 2.4.2 - Back Orifice Pre-Preprocessor Remote (3)

Snort 2.4.2 - Back Orifice Pre-Preprocessor Remote 3 / snort 2.4.0 - 2.4.2 Back Orifice Pre-Preprocessor Remote Exploit by Russell Sanford [email protected] - www.code-junkies.net include include include include include include include include include include define buffsize 1056 define COOKIE...