Описание
Integer overflow in the TCP stream reassembly module (stream4) for Snort 2.0 and earlier allows remote attackers to execute arbitrary code via large sequence numbers in packets, which enable a heap-based buffer overflow.
Ссылки
- US Government Resource
- Third Party AdvisoryUS Government Resource
- ExploitPatchVendor Advisory
- US Government Resource
- Third Party AdvisoryUS Government Resource
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:smoothwall:smoothwall:2.0_beta_4:*:*:*:*:*:*:*
cpe:2.3:a:sourcefire:snort:1.8:*:*:*:*:*:*:*
cpe:2.3:a:sourcefire:snort:1.8.1:*:*:*:*:*:*:*
cpe:2.3:a:sourcefire:snort:1.8.2:*:*:*:*:*:*:*
cpe:2.3:a:sourcefire:snort:1.8.3:*:*:*:*:*:*:*
cpe:2.3:a:sourcefire:snort:1.8.4:*:*:*:*:*:*:*
cpe:2.3:a:sourcefire:snort:1.8.5:*:*:*:*:*:*:*
cpe:2.3:a:sourcefire:snort:1.8.6:*:*:*:*:*:*:*
cpe:2.3:a:sourcefire:snort:1.8.7:*:*:*:*:*:*:*
cpe:2.3:a:sourcefire:snort:1.9:*:*:*:*:*:*:*
cpe:2.3:a:sourcefire:snort:1.9.1:*:*:*:*:*:*:*
EPSS
Процентиль: 98%
0.57434
Средний
10 Critical
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
debian
почти 23 года назад
Integer overflow in the TCP stream reassembly module (stream4) for Sno ...
github
почти 4 года назад
Integer overflow in the TCP stream reassembly module (stream4) for Snort 2.0 and earlier allows remote attackers to execute arbitrary code via large sequence numbers in packets, which enable a heap-based buffer overflow.
EPSS
Процентиль: 98%
0.57434
Средний
10 Critical
CVSS2
Дефекты
NVD-CWE-Other