Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-2652

Overview

Vulnerability Score 7.8 7.8
CVE Id CVE-2004-2652
Last Modified 05 Sep 2008 04:44:44
Published 31 Dec 2004 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-2652

Summary

The DecodeTCPOptions function in decode.c in Snort before 2.3.0, when printing TCP/IP options using FAST output or verbose mode, allows remote attackers to cause a denial of service (crash) via packets with invalid TCP/IP options, which trigger a null dereference.

Vulnerable Systems

Application

  • Sourcefire Snort 2.1.0

  • Sourcefire Snort 2.1.1 Rc1

  • Sourcefire Snort 2.1.3

  • Sourcefire Snort 2.2


References

SECTRACK - 1012656

SECUNIA - 13664

XF - snort-tcpip-printing-dos(18689)

CONFIRM - http://www.snort.org/arc_news/

BID - 12084

MISC - http://www.securiteam.com/exploits/6X00L20C0S.html

OSVDB - 12578

MISC - http://www.frsirt.com/exploits/20041222.angelDust.c.php

MISC - http://taosecurity.blogspot.com/2004/12/details-on-snort-dos-condition-you-may.html


Last Updated: 27 May 2016 10:39:34