CVE-2009-3641 – Snort 2.8.5 - Multiple Denial of Service Vulnerabilities
https://notcve.org/view.php?id=CVE-2009-3641
Snort before 2.8.5.1, when the -v option is enabled, allows remote attackers to cause a denial of service (application crash) via a crafted IPv6 packet that uses the (1) TCP or (2) ICMP protocol. Snort anterior v.2.8.5.1, cuando la opción -v es activada, permite a atacantes remotos causar una denegación de servicio (caída aplicación) a través de un paquete Ipv6 manipulado que usa el protocolo (1) TCP o (2)ICMP. • https://www.exploit-db.com/exploits/33306 https://www.exploit-db.com/exploits/9969 http://dl.snort.org/snort-current/release_notes_2851.txt http://marc.info/?l=oss-security&m=125649553414700&w=2 http://seclists.org/fulldisclosure/2009/Oct/299 http://secunia.com/advisories/37135 http://securitytracker.com/id?1023076 http://vrt-sourcefire.blogspot.com/2009/10/snort-2851-release.html http://www.openwall.com/lists/oss-security/2009/10/25/5 http://www.osvdb.org/591 •
CVE-2008-1804
https://notcve.org/view.php?id=CVE-2008-1804
preprocessors/spp_frag3.c in Sourcefire Snort before 2.8.1 does not properly identify packet fragments that have dissimilar TTL values, which allows remote attackers to bypass detection rules by using a different TTL for each fragment. preprocessors/spp_frag3.c en Sourcefire Snort before 2.8.1 no identifica adecuadamente los fragmentos de paquetes que tienen valores TTL distintos, esto permite a atacantes remotos evitar las reglas de detección usando un paquete TTL para cada fragmento. • http://cvs.snort.org/viewcvs.cgi/snort/ChangeLog?rev=1.534.2.11 http://cvs.snort.org/viewcvs.cgi/snort/src/preprocessors/spp_frag3.c.diff?r1=text&tr1=1.46.2.4&r2=text&tr2=1.46.2.5&diff_format=h http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=701 http://secunia.com/advisories/30348 http://secunia.com/advisories/30563 http://secunia.com/advisories/31204 http://securitytracker.com/id?1020081 http://www.ipcop.org/index.php? •
CVE-2007-1398 – Snort 2.6.1.1/2.6.1.2/2.7.0 - 'fragementation' Remote Denial of Service
https://notcve.org/view.php?id=CVE-2007-1398
The frag3 preprocessor in Snort 2.6.1.1, 2.6.1.2, and 2.7.0 beta, when configured for inline use on Linux without the ip_conntrack module loaded, allows remote attackers to cause a denial of service (segmentation fault and application crash) via certain UDP packets produced by send_morefrag_packet and send_overlap_packet. El preprocesador en Snort 2.6.1.1, 2.6.1.2, y 2.7.0 beta, cuando se configura para usuarios inline usado sobre Linux sin el modulo cargado ip_conntrack, permite a atacantes remotos provocar denegación de servicio (fallo de segmentación y caida de aplicación) a través de ciertos paquetes UDP producidos por send_morefrag_packet y send_overlap_packet. • https://www.exploit-db.com/exploits/3434 http://www.osvdb.org/33024 http://www.securityfocus.com/bid/22872 http://www.snort.org/docs/release_notes/release_notes_2613.txt •
CVE-2006-5276 – Snort 2.6.1 (Linux) - DCE/RPC Preprocessor Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2006-5276
Stack-based buffer overflow in the DCE/RPC preprocessor in Snort before 2.6.1.3, and 2.7 before beta 2; and Sourcefire Intrusion Sensor; allows remote attackers to execute arbitrary code via crafted SMB traffic. Desbordamiento de búfer en el preprocesador DCE/RPC en Snort anterior a 2.6.1.3, y 2.7 anterior a beta 2; y Sourcefire Intrusion Sensor;permite a atacantes remotos ejecutar código de su elección mediante tráfico SMB manipulado. • https://www.exploit-db.com/exploits/3609 https://www.exploit-db.com/exploits/3362 https://www.exploit-db.com/exploits/18723 https://www.exploit-db.com/exploits/3391 http://fedoranews.org/updates/FEDORA-2007-206.shtml http://iss.net/threats/257.html http://secunia.com/advisories/24190 http://secunia.com/advisories/24235 http://secunia.com/advisories/24239 http://secunia.com/advisories/24240 http://secunia.com/advisories/24272 http://secunia.com/advisories/26746 htt •
CVE-2007-0251
https://notcve.org/view.php?id=CVE-2007-0251
Integer underflow in the DecodeGRE function in src/decode.c in Snort 2.6.1.2 allows remote attackers to trigger dereferencing of certain memory locations via crafted GRE packets, which may cause corruption of log files or writing of sensitive information into log files. Desbordamiento inferior de entero en la función DecodeGRE en src/decode.c en Snort 2.6.1.2 permite a atacantes remotos provocar referencias a ciertas localizaciones de memoria mediante paquetes GRE artesanales, lo cual puede causar la corrupción de ficheros de log o la escritura de información sensible en ficheros de log. • http://labs.calyptix.com/advisories/CX-2007-01.txt http://osvdb.org/32095 http://osvdb.org/33464 http://securityreason.com/securityalert/2165 http://securitytracker.com/id?1017507 http://www.securityfocus.com/archive/1/456598/100/0/threaded http://www.securityfocus.com/bid/22004 http://www.snort.org/got_source/source.html http://www.vupen.com/english/advisories/2007/0152 •