Heap overflow in Snort "stream4" preprocessor

Overview The Snort "stream4" preprocessor module contains a vulnerability that allows remote attackers to execute arbitrary code with the privileges of the user running Snort, typically root. Description Researchers at CORE Security Technologies have discovered a remotely exploitable heap overflo...

Problems with Snort-1.9.1

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Problem: Snort-1.9.1 using a default snort.conf configuration does not detect certain crafted packets. Details: Snort-1.9.1 does not detect packets when the SYN,FIN and ECN echo bits set. The following is an example of a packet: 12:37:12.386797...

CVE-2003-0033

Buffer overflow in the RPC preprocessor for Snort 1.8 and 1.9.x before 1.9.1 allows remote attackers to execute arbitrary code via fragmented RPC packets...

Buffer overflow in Snort RPC preprocessor

Overview There is a buffer overflow vulnerability in the RPC preprocessing feature of Snort versions 1.8 through 1.9.0 and 2.0 beta. Description Martin Roesch, the primary Snort developer, described the vulnerability by saying:When the RPC decoder normalizes fragmented RPC records, it incorrectly...