584 matches found
CVE-2006-0839
The frag3 preprocessor in Sourcefire Snort 2.4.3 does not properly reassemble certain fragmented packets with IP options, which allows remote attackers to evade detection of certain attacks, possibly related to IP option lengths...
Snort 2.4.2 - Back Orifice Pre-Preprocessor Remote (3)
Snort 2.4.2 - Back Orifice Pre-Preprocessor Remote 3 / snort 2.4.0 - 2.4.2 Back Orifice Pre-Preprocessor Remote Exploit by Russell Sanford [email protected] - www.code-junkies.net include include include include include include include include include include define buffsize 1056 define COOKIE...
Snort <= 2.4.2 Back Orifice Pre-Preprocessor Remote Exploit (3)
No description provided by source. / snort 2.4.0 - 2.4.2 Back Orifice Pre-Preprocessor Remote Exploit by Russell Sanford [email protected] - www.code-junkies.net - Date: Nov 11, 2005 Discription: A buffer overflow exist in the snort pre-preprocessor designed to detect encrypted Back Orifice ping...
Snort 2.4.2 - Back Orifice Pre-Preprocessor Remote (4)
!/usr/bin/ruby -w Version 0.1 Public snort 2.4.0 - 2.4.2 Back Orifice Pre-Preprocessor Remote Exploit by xwings at mysec dot org URL : http://www.mysec.org , somebody need to update the page Saying Hi to .... . All the 1337 c0d3r @ pulltheplug.org . Gurus from rubylang @ freenode.net . Skywizard ...
Snort 2.4.2 - Back Orifice Pre-Preprocessor Remote (3)
/ snort 2.4.0 - 2.4.2 Back Orifice Pre-Preprocessor Remote Exploit by Russell Sanford [email protected] - www.code-junkies.net include include include include include include include include include include define buffsize 1056 define COOKIE "!QWTY?" typedef struct char magic8; int len; int id; char...
US-CERT Technical Cyber Security Alert TA05-291A -- Snort Back Orifice Preprocessor Buffer Overflow
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Alert System Technical Cyber Security Alert TA05-291A Snort Back Orifice Preprocessor Buffer Overflow Original release date: October 18, 2005 Last revised: -- Source: US-CERT Systems Affected Snort versions 2.4.0 to 2.4.2 Sourcefire...
Internet Security Systems Protection Advisory: Snort Back Orifice Parsing Remote Code Execution
Internet Security Systems Protection Advisory October 18, 2005 Snort Back Orifice Parsing Remote Code Execution Summary: ISS X-Force has discovered a remotely exploitable vulnerability in Snort’s Back Orifice pre-processor. A stack-based overflow can be triggered with a single UDP packet, allowin...
CVE-2005-3252
CVE-2005-3252 affects Snort’s Back Orifice preprocessor up through version 2.4.3. The vulnerability is a stack-based buffer overflow in the UDP handling of the BO preprocessor, enabling remote code execution. Publicized in multiple advisories and evidenced by exploit/module entries (Metasploit an...
CVE-2005-3252
Removed by vendor...
Snort 2.4.0 < 2.4.3 - Back Orifice Pre-Preprocessor Remote (Metasploit)
$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Snort Back...
Snort Back Orifice preprocessor buffer overflow
Overview A buffer overflow exists in the Snort Back Orifice preprocessor that may allow a remote, unauthenticated attacker to execute arbitrary code, possibly with elevated privileges. Description Snort is an open-source intrusion detection system IDS. A lack of validation on attacker-controlled...
snort -- Back Orifice preprocessor buffer overflow vulnerability
Jennifer Steffens reports: The Back Orifice preprocessor contains a stack-based buffer overflow. This vulnerability could be leveraged by an attacker to execute code remotely on a Snort sensor where the Back Orifice preprocessor is enabled. However, there are a number of factors that make remote...
Snort 2.x - PrintTcpOptions Remote Denial of Service
Snort 2.x - PrintTcpOptions Remote Denial of Service // source: https://www.securityfocus.com/bid/14811/info Snort is reported prone to a remote denial of service vulnerability. The vulnerability is reported to exist in the 'PrintTcpOptions' function of 'log.c', and is a result of a failure to...
Snort 2.x - PrintTcpOptions Remote Denial of Service
// source: https://www.securityfocus.com/bid/14811/info Snort is reported prone to a remote denial of service vulnerability. The vulnerability is reported to exist in the 'PrintTcpOptions' function of 'log.c', and is a result of a failure to sufficiently handle malicious TCP packets. A remote...
security flaw
Buffer overflow in the error function in preproc.c for NASM 0.98.38 1.2 allows attackers to execute arbitrary code via a crafted asm file, a different vulnerability than CVE-2005-1194...
security flaw
Buffer overflow in the exifreaddata function in PHP before 4.3.10 and PHP 5.x up to 5.0.2 allows remote attackers to execute arbitrary code via a long section name in an image file...
PT-2004-1043 · Debian +2 · Debian +2
Name of the Vulnerable Software and Affected Versions: nasm version 0.98.38 nasm version 1.2 Debian GNU/Linux nasm affected versions not specified Description: The issue is related to a buffer overflow in the error function in preproc.c for nasm, which allows attackers to execute arbitrary code v...
NASM 0.98.x - Error Preprocessor Directive Buffer Overflow
NASM 0.98.x - Error Preprocessor Directive Buffer Overflow source: https://www.securityfocus.com/bid/11991/info NASM is prone to a buffer overflow. This condition is exposed when the application attempts to assemble a source file that contains malformed '%error' preprocessor directive arguments...
Mandrake Linux Security Advisory : snort (MDKSA-2003:052)
An integer overflow was discovered in the Snort stream4 preprocessor by the Sourcefire Vulnerability Research Team. This preprocessor sppstream4 incorrectly calculates segment size parameters during stream reassembly for certainm sequence number ranges. This can lead to an integer overflow that c...
Mandrake Linux Security Advisory : snort (MDKSA-2003:029)
A buffer overflow was discovered in the snort RPC normalization routines by ISS-XForce which can cause snort to execute arbitrary code embedded within sniffed network packets. The rpcdecode preprocessor is enabled by default. The snort developers have released version 1.9.1 to correct this...