CVE-2008-1804
Severity Score
6.8
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
preprocessors/spp_frag3.c in Sourcefire Snort before 2.8.1 does not properly identify packet fragments that have dissimilar TTL values, which allows remote attackers to bypass detection rules by using a different TTL for each fragment.
preprocessors/spp_frag3.c en Sourcefire Snort before 2.8.1 no identifica adecuadamente los fragmentos de paquetes que tienen valores TTL distintos, esto permite a atacantes remotos evitar las reglas de detección usando un paquete TTL para cada fragmento.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2008-04-15 CVE Reserved
- 2008-05-22 CVE Published
- 2024-05-28 EPSS Updated
- 2024-08-07 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (14)
| URL | Tag | Source |
|---|---|---|
| http://cvs.snort.org/viewcvs.cgi/snort/ChangeLog?rev=1.534.2.11 | X_refsource_confirm | |
| http://cvs.snort.org/viewcvs.cgi/snort/src/preprocessors/spp_frag3.c.diff?r1=text&tr1=1.46.2.4&r2=text&tr2=1.46.2.5&diff_format=h | X_refsource_confirm | |
| http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=701 | Third Party Advisory | |
| http://secunia.com/advisories/30348 | Third Party Advisory | |
| http://secunia.com/advisories/30563 | Third Party Advisory | |
| http://secunia.com/advisories/31204 | Third Party Advisory | |
| http://securitytracker.com/id?1020081 | Vdb Entry | |
| http://www.ipcop.org/index.php?name=News&file=article&sid=40 | X_refsource_confirm | |
| http://www.securityfocus.com/bid/29327 | Vdb Entry | |
| http://www.vupen.com/english/advisories/2008/1602 | Vdb Entry | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/42584 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|