Search...

snort multiple bugs

2003-04-18T00:00:00

ID SECURITYVULNS:VULN:2743
Type securityvulns
Reporter BUGTRAQ
Modified 2003-04-18T00:00:00

Description

Integer overflow during TCP stream processing leads to heap overflow. Heap overflow in stream4 filter.

JSON Vulners Source

Initial Source

{"id": "SECURITYVULNS:VULN:2743", "bulletinFamily": "software", "title": "snort multiple bugs", "description": "Integer overflow during TCP stream processing leads to heap overflow. Heap overflow in stream4 filter.", "published": "2003-04-18T00:00:00", "modified": "2003-04-18T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:2743", "reporter": "BUGTRAQ", "references": ["https://vulners.com/securityvulns/securityvulns:doc:4402", "https://vulners.com/securityvulns/securityvulns:doc:4397"], "cvelist": [], "type": "securityvulns", "lastseen": "2018-08-31T11:09:17", "edition": 1, "viewCount": 2, "enchantments": {"score": {"value": 4.6, "vector": "NONE", "modified": "2018-08-31T11:09:17", "rev": 2}, "dependencies": {"references": [{"type": "nessus", "idList": ["EULEROS_SA-2020-1498.NASL", "EULEROS_SA-2020-1457.NASL", "EULEROS_SA-2020-1496.NASL", "EULEROS_SA-2020-1477.NASL", "EULEROS_SA-2020-1491.NASL", "EULEROS_SA-2020-1494.NASL", "EULEROS_SA-2020-1483.NASL", "EULEROS_SA-2020-1489.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562311220201494", "OPENVAS:1361412562311220201489", "OPENVAS:1361412562311220201457", "OPENVAS:1361412562311220201446", "OPENVAS:1361412562311220201477", "OPENVAS:1361412562311220201400", "OPENVAS:1361412562311220201491", "OPENVAS:1361412562311220201476", "OPENVAS:1361412562311220201430", "OPENVAS:1361412562311220201473"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:4397", "SECURITYVULNS:DOC:4402"]}], "modified": "2018-08-31T11:09:17", "rev": 2}, "vulnersScore": 4.6}, "affectedSoftware": [{"name": "snort", "operator": "eq", "version": "2.0"}, {"name": "snort", "operator": "eq", "version": "1.8"}], "immutableFields": []}

{"rst": [{"lastseen": "2021-04-10T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **www[.]rrgwmmwgk.com** in [RST Threat Feed](https://rstcloud.net/profeed) with score **20**.\n First seen: 2020-05-08T03:00:00, Last seen: 2021-04-10T03:00:00.\n IOC tags: **c2**.\nIt was found that the IOC is used by: **naikon**.\nWhois:\n Created: 2021-03-29 03:19:27, \n Registrar: GMO INTERNET INC, \n Registrant: Whois Privacy Protection Service by VALUEDOMAIN.\nIOC could be a **False Positive** (Domain not resolved, but Whois records found).\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2020-05-08T00:00:00", "id": "RST:61BA85FD-2743-33BE-908D-7293D98ABB7C", "href": "", "published": "2021-04-11T00:00:00", "title": "RST Threat feed. IOC: www.rrgwmmwgk.com", "type": "rst", "cvss": {}}, {"lastseen": "2021-04-10T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **lockstick[.]co** in [RST Threat Feed](https://rstcloud.net/profeed) with score **11**.\n First seen: 2020-12-10T03:00:00, Last seen: 2021-04-10T03:00:00.\n IOC tags: **spam**.\nDomain has DNS A records: 50[.]3.203.36\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2020-12-10T00:00:00", "id": "RST:BC02FD89-2743-3E4F-A9E0-5B68D92F26C6", "href": "", "published": "2021-04-11T00:00:00", "title": "RST Threat feed. IOC: lockstick.co", "type": "rst", "cvss": {}}, {"lastseen": "2021-04-02T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **https://onedrive[.]live.com/download?cid=30e33fc2c147c72f&resid=30e33fc2c147c72f!2743&authkey=ao4um908kkhavqg** in [RST Threat Feed](https://rstcloud.net/profeed) with score **34**.\n First seen: 2021-03-08T03:00:00, Last seen: 2021-04-02T03:00:00.\n IOC tags: **generic**.\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2021-03-08T00:00:00", "id": "RST:08EF32E9-ECB1-3E91-9289-120FAFAE42B1", "href": "", "published": "2021-04-10T00:00:00", "title": "RST Threat feed. IOC: https://onedrive.live.com/download?cid=30e33fc2c147c72f&resid=30e33fc2c147c72f!2743&authkey=ao4um908kkhavqg", "type": "rst", "cvss": {}}, {"lastseen": "2021-04-08T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **102[.]43.68.86** in [RST Threat Feed](https://www.rstcloud.net/profeed) with score **44**.\n First seen: 2021-04-08T03:00:00, Last seen: 2021-04-08T03:00:00.\n IOC tags: **generic**.\nASN 8452: (First IP 102.40.0.0, Last IP 102.47.255.255).\nASN Name \"TEAS\" and Organisation \"TEAS\".\nASN hosts 3566 domains.\nGEO IP information: City \"Alexandria\", Country \"Egypt\".\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2021-04-08T00:00:00", "id": "RST:8817D3A2-2743-33AB-880B-DA638C304E44", "href": "", "published": "2021-04-08T00:00:00", "title": "RST Threat feed. IOC: 102.43.68.86", "type": "rst", "cvss": {}}, {"lastseen": "2021-04-05T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **103[.]68.3.34** in [RST Threat Feed](https://www.rstcloud.net/profeed) with score **43**.\n First seen: 2021-03-30T03:00:00, Last seen: 2021-04-05T03:00:00.\n IOC tags: **shellprobe**.\nASN 135459: (First IP 103.68.0.0, Last IP 103.68.3.255).\nASN Name \"GDSNETWORKASID\" and Organisation \"PTGLOBALRIAU DATA SOLUSI\".\nASN hosts 7 domains.\nGEO IP information: City \"\", Country \"Indonesia\".\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2021-03-30T00:00:00", "id": "RST:69AB8C84-2743-3BB6-9022-139F691A74EE", "href": "", "published": "2021-04-06T00:00:00", "title": "RST Threat feed. IOC: 103.68.3.34", "type": "rst", "cvss": {}}, {"lastseen": "2021-04-03T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **183[.]89.115.232** in [RST Threat Feed](https://www.rstcloud.net/profeed) with score **9**.\n First seen: 2020-12-26T03:00:00, Last seen: 2021-04-03T03:00:00.\n IOC tags: **generic**.\nASN 45629: (First IP 183.88.0.0, Last IP 183.89.255.255).\nASN Name \"JASTELNETWORKTHAP\" and Organisation \"JasTel Network International Gateway\".\nASN hosts 1702 domains.\nGEO IP information: City \"Pattaya\", Country \"Thailand\".\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2020-12-26T00:00:00", "id": "RST:0328A3B1-2743-35EE-A618-A39A8000F690", "href": "", "published": "2021-04-04T00:00:00", "title": "RST Threat feed. IOC: 183.89.115.232", "type": "rst", "cvss": {}}, {"lastseen": "2021-03-21T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **121[.]4.103.114** in [RST Threat Feed](https://www.rstcloud.net/profeed) with score **15**.\n First seen: 2020-12-28T03:00:00, Last seen: 2021-03-21T03:00:00.\n IOC tags: **generic**.\nASN 45090: (First IP 121.4.0.0, Last IP 121.5.255.255).\nASN Name \"CNNICTENCENTNETAP\" and Organisation \"Shenzhen Tencent Computer Systems Company Limited\".\nASN hosts 483346 domains.\nGEO IP information: City \"\", Country \"China\".\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2020-12-28T00:00:00", "id": "RST:E2B6AD24-2743-32C5-B22C-52B2A0BF1B3B", "href": "", "published": "2021-03-22T00:00:00", "title": "RST Threat feed. IOC: 121.4.103.114", "type": "rst", "cvss": {}}, {"lastseen": "2021-03-13T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **85[.]212.168.59** in [RST Threat Feed](https://www.rstcloud.net/profeed) with score **52**.\n First seen: 2021-03-13T03:00:00, Last seen: 2021-03-13T03:00:00.\n IOC tags: **tor_node**.\nASN 12312: (First IP 85.212.0.0, Last IP 85.212.171.255).\nASN Name \"ECOTEL\" and Organisation \"\".\nASN hosts 51932 domains.\nGEO IP information: City \"Konstanz\", Country \"Germany\".\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2021-03-13T00:00:00", "id": "RST:1D7FF15A-2743-3A11-ABD1-F028F9AC14D5", "href": "", "published": "2021-03-14T00:00:00", "title": "RST Threat feed. IOC: 85.212.168.59", "type": "rst", "cvss": {}}, {"lastseen": "2021-03-13T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **wwwfac3b00kimage389383782[.]000webhostapp.com** in [RST Threat Feed](https://rstcloud.net/profeed) with score **53**.\n First seen: 2021-03-13T03:00:00, Last seen: 2021-03-13T03:00:00.\n IOC tags: **phishing**.\nDomain has DNS A records: 145[.]14.144.90 and CNAME records: us-east-1.route-1.000webhost.awex.io.\nWhois:\n Created: 2016-05-11 13:34:12, \n Registrar: Hostinger UAB, \n Registrant: unknown.\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2021-03-13T00:00:00", "id": "RST:05B8386D-2743-3B71-B461-806CDC2BB848", "href": "", "published": "2021-03-13T00:00:00", "title": "RST Threat feed. IOC: wwwfac3b00kimage389383782.000webhostapp.com", "type": "rst", "cvss": {}}, {"lastseen": "2021-03-05T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **31[.]155.181.215** in [RST Threat Feed](https://www.rstcloud.net/profeed) with score **3**.\n First seen: 2020-03-15T03:00:00, Last seen: 2021-03-05T03:00:00.\n IOC tags: **generic**.\nASN 8386: (First IP 31.155.174.0, Last IP 31.155.215.255).\nASN Name \"KOCNET\" and Organisation \"\".\nASN hosts 365 domains.\nGEO IP information: City \"Mersin\", Country \"Turkey\".\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2020-03-15T00:00:00", "id": "RST:7060A2FC-2743-3C8D-A2B9-3AD1A38F1688", "href": "", "published": "2021-03-11T00:00:00", "title": "RST Threat feed. IOC: 31.155.181.215", "type": "rst", "cvss": {}}], "cve": [{"lastseen": "2021-04-08T12:46:06", "description": "The unity-firefox-extension package could be tricked into dropping a C callback which was still in use, which Firefox would then free, causing Firefox to crash. This could be achieved by adding an action to the launcher and updating it with new callbacks until the libunity-webapps rate limit was hit. Fixed in 3.0.0+14.04.20140416-0ubuntu1.14.04.1 of unity-firefox-extension and in all versions of libunity-webapps by shipping an empty unity-firefox-extension package, thus disabling the extension entirely and invalidating the attack against the libunity-webapps package.", "edition": 1, "cvss3": {}, "published": "2021-04-07T20:15:00", "title": "CVE-2013-1055", "type": "cve", "cwe": [], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2013-1055"], "modified": "2021-04-07T20:30:00", "cpe": [], "id": "CVE-2013-1055", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-1055", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": []}, {"lastseen": "2021-04-08T12:46:06", "description": "The unity-firefox-extension package could be tricked into destroying the Unity webapps context, causing Firefox to crash. This could be achieved by spinning the event loop inside the webapps initialization callback. Fixed in 3.0.0+14.04.20140416-0ubuntu1.14.04.1 by shipping an empty package, thus disabling the extension entirely.", "edition": 1, "cvss3": {}, "published": "2021-04-07T20:15:00", "title": "CVE-2013-1054", "type": "cve", "cwe": [], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2013-1054"], "modified": "2021-04-07T20:30:00", "cpe": [], "id": "CVE-2013-1054", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-1054", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": []}]}