CVE-2006-0839
https://notcve.org/view.php?id=CVE-2006-0839
The frag3 preprocessor in Sourcefire Snort 2.4.3 does not properly reassemble certain fragmented packets with IP options, which allows remote attackers to evade detection of certain attacks, possibly related to IP option lengths. • http://secunia.com/advisories/18959 http://www.securityfocus.com/archive/1/425290/100/0/threaded http://www.securityfocus.com/bid/16705 https://exchange.xforce.ibmcloud.com/vulnerabilities/24811 •
CVE-2005-3252 – Snort 2.4.2 - Back Orifice Pre-Preprocessor Remote
https://notcve.org/view.php?id=CVE-2005-3252
Stack-based buffer overflow in the Back Orifice (BO) preprocessor for Snort before 2.4.3 allows remote attackers to execute arbitrary code via a crafted UDP packet. • https://www.exploit-db.com/exploits/1314 https://www.exploit-db.com/exploits/1272 https://www.exploit-db.com/exploits/16834 https://www.exploit-db.com/exploits/10026 https://www.exploit-db.com/exploits/1313 http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0505.html http://archives.neohapsis.com/archives/fulldisclosure/2005-11/0010.html http://secunia.com/advisories/17220 http://secunia.com/advisories/17255 http://secunia.com/advisories/17559 http://securitytracker& •
CVE-2004-2652 – Snort 2.1/2.2 - DecodeTCPOptions Remote Denial of Service
https://notcve.org/view.php?id=CVE-2004-2652
The DecodeTCPOptions function in decode.c in Snort before 2.3.0, when printing TCP/IP options using FAST output or verbose mode, allows remote attackers to cause a denial of service (crash) via packets with invalid TCP/IP options, which trigger a null dereference. • https://www.exploit-db.com/exploits/25046 https://www.exploit-db.com/exploits/25047 http://secunia.com/advisories/13664 http://securitytracker.com/id?1012656 http://taosecurity.blogspot.com/2004/12/details-on-snort-dos-condition-you-may.html http://www.frsirt.com/exploits/20041222.angelDust.c.php http://www.osvdb.org/12578 http://www.securiteam.com/exploits/6X00L20C0S.html http://www.securityfocus.com/bid/12084 http://www.snort.org/arc_news https://exchange.xforce.ibmclou •
CVE-2003-0209 – Snort 1.9.1 - 'p7snort191.sh' Remote Command Execution
https://notcve.org/view.php?id=CVE-2003-0209
Integer overflow in the TCP stream reassembly module (stream4) for Snort 2.0 and earlier allows remote attackers to execute arbitrary code via large sequence numbers in packets, which enable a heap-based buffer overflow. Desbordamiento de enteros en el modulo de reensamblaje TCP (stream4) de Snort 2.0 y anteriores permite a atacantes remotos ejecutar código arbitrario mediante números de secuencia largo en paquetes, lo que permite un desbordamiento de búfer basado en el montón. • https://www.exploit-db.com/exploits/18 http://marc.info/?l=bugtraq&m=105043563016235&w=2 http://marc.info/?l=bugtraq&m=105103586927007&w=2 http://marc.info/?l=bugtraq&m=105111217731583&w=2 http://marc.info/?l=bugtraq&m=105154530427824&w=2 http://marc.info/? •
CVE-2003-0033
https://notcve.org/view.php?id=CVE-2003-0033
Buffer overflow in the RPC preprocessor for Snort 1.8 and 1.9.x before 1.9.1 allows remote attackers to execute arbitrary code via fragmented RPC packets. Desbordamiento de búfer en el preprocesador RPC de Snort 1.8 y 1.9.x anteriores a la 1.9.1 permite a atacantes remotos la ejecución arbitraria de código mediante paquetes RPC fragmentados. • http://marc.info/?l=bugtraq&m=104673386226064&w=2 http://marc.info/?l=bugtraq&m=104716001503409&w=2 http://marc.info/?l=bugtraq&m=105154530427824&w=2 http://www.cert.org/advisories/CA-2003-13.html http://www.debian.org/security/2003/dsa-297 http://www.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21951 http://www.iss.net/security_center/static/10956.php http://www.kb.cert.org/vuls/id/916785 http://www.linuxsecurity.com/advisories/engarde_advisory-2944 •