Immunity Canvas: SNORTRPC

Name| snortrpc ---|--- CVE| CVE-2006-5276 Exploit Pack| CANVAS Description| Snort RPC Notes| CVE Name: CVE-2006-5276 VENDOR: SourceFire Notes: This version of the exploit needs to connect to a port 139 Note that it does not need to be an actual Netbios target. Something like a netcat listener wil...

CVE-2006-5276

Stack-based buffer overflow in the DCE/RPC preprocessor in Snort before 2.6.1.3, and 2.7 before beta 2; and Sourcefire Intrusion Sensor; allows remote attackers to execute arbitrary code via crafted SMB traffic...

CVE-2006-5276

CVE-2006-5276 describes a stack-based buffer overflow in the DCE/RPC preprocessor of Snort (and Sourcefire IDS) that can be triggered by crafted SMB traffic to remote receivers. Affected versions include Snort before 2.6.1.3 and 2.7 before beta 2, as well as the Sourcefire Intrusion Sensor. The v...

US-CERT Technical Cyber Security Alert TA07-050A -- Sourcefire Snort DCE/RPC Preprocessor Buffer Overflow

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Alert System Technical Cyber Security Alert TA07-050A Sourcefire Snort DCE/RPC Preprocessor Buffer Overflow Original release date: February 19, 2007 Last revised: -- Source: US-CERT Systems Affected Snort 2.6.1, 2.6.1.1, and 2.6.1.2 Sno...

CVE-2006-5276

Removed by vendor...

CVE-2006-5276

Stack-based buffer overflow in the DCE/RPC preprocessor in Snort before 2.6.1.3, and 2.7 before beta 2; and Sourcefire Intrusion Sensor; allows remote attackers to execute arbitrary code via crafted SMB traffic...

snort -- DCE/RPC preprocessor vulnerability

A IBM Internet Security Systems Protection Advisory reports: Snort is vulnerable to a stack-based buffer overflow as a result of DCE/RPC reassembly. This vulnerability is in a dynamic-preprocessor enabled in the default configuration, and the configuration for this preprocessor allows for...

Sourcefire Snort DCE/RPC preprocessor does not properly reassemble fragmented packets

Overview A vulnerability in the Sourcefire Snort DCE/RPC preprocessor may allow a remote, unauthenticated attacker to execute arbitrary code. Description Sourcefire Snort is a widely-deployed, open-source network intrusion detection system IDS. Snort and its components are used in other IDS...

Calyptix Security Advisory CX-2007-001 - Snort 2.6.1.2 Integer Underflow Vulnerability

Calyptix Security Advisory CX-2007-001 Date: 01/11/2007 http://www.calyptix.com/ http://labs.calyptix.com/advisories/CX-2007-01.txt Overview Snort 2.6.1.2 is vulnerable to an integer underflow that allows a remote attacker to cause Snort to read beyond a specified length of memory, potentially...

[OpenPKG-SA-2006.014] OpenPKG Security Advisory (shiela)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 OpenPKG Security Advisory The OpenPKG Project http://www.openpkg.org/security/ http://www.openpkg.org [email protected] [email protected] OpenPKG-SA-2006.014 25-Jul-2006 Package: shiela Vulnerability: arbitrary code execution OpenPKG...

Design/Logic Flaw

The frag3 preprocessor in Sourcefire Snort 2.4.3 does not properly reassemble certain fragmented packets with IP options, which allows remote attackers to evade detection of certain attacks, possibly related to IP option lengths...

CVE-2006-0839

The frag3 preprocessor in Sourcefire Snort 2.4.3 does not properly reassemble certain fragmented packets with IP options, which allows remote attackers to evade detection of certain attacks, possibly related to IP option lengths...

CVE-2006-0839

The frag3 preprocessor in Sourcefire Snort 2.4.3 does not properly reassemble certain fragmented packets with IP options, which allows remote attackers to evade detection of certain attacks, possibly related to IP option lengths...

CVE-2006-0839

The frag3 preprocessor in Sourcefire Snort 2.4.3 does not properly reassemble certain fragmented packets with IP options, which allows remote attackers to evade detection of certain attacks, possibly related to IP option lengths...

CVE-2006-0839

The CVE-2006-0839 entry concerns the frag3 preprocessor in Sourcefire Snort 2.4.3. It states that certain fragmented packets with IP options are not properly reassembled, which can allow remote attackers to evade detection of certain attacks (potentially related to IP option lengths). The existin...

CVE-2006-0839

Removed by vendor...

US-CERT Technical Cyber Security Alert TA05-291A -- Snort Back Orifice Preprocessor Buffer Overflow

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Alert System Technical Cyber Security Alert TA05-291A Snort Back Orifice Preprocessor Buffer Overflow Original release date: October 18, 2005 Last revised: -- Source: US-CERT Systems Affected Snort versions 2.4.0 to 2.4.2 Sourcefire...

Immunity Canvas: STINKY

Name| stinky ---|--- CVE| CVE-2005-3252 Exploit Pack| CANVAS Description| Stinky Notes| CVE Name: CVE-2005-3252 VENDOR: SourceFire Repeatability: Single shot References: http://xforce.iss.net/xforce/alerts/id/207 CVE Url: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3252 Date public...