Snort TCP/IP Options Denial of Service Vulnerability

Sunday, December 26th, 2004
by Marc Erickson

No Related Post

Secunia Advisory: SA13664

Critical: Moderately critical

Impact: DoS

Where: From remote

Solution Status: Vendor Patch

Software: Snort 2.2.x

Description: Marcin Zgorecki has reported a vulnerability in Snort, which can be exploited by malicious people to cause a DoS (Denial of Service).

The vulnerability is caused due to an error in the printing of TCP/IP options. This can be exploited to cause an unspecified DoS by sending a specially crafted packet.

Successful exploitation requires that snort is configured with “FAST” output or verbose mode.

The vulnerability has been reported in version 2.2.10. Other versions may also be affected.

Solution: Update to 2.3.0-RC1 or later.

http://www.snort.org/dl/

What Do You Think?

GnomeREPORT - Jul 10, 2009

Bill Gates Vs Hurricanes

Download - Jul 9, 2009

LANcet Chat v2.3.285

Business, Career, Tips - Jul 7, 2009

Are You Taking Accountability For Your Own Work Life Balance?

Download - Jul 6, 2009

Son Of Snoop On Steroids v3.2.0.1

Snort TCP/IP Options Denial of Service Vulnerability

Tags

Categories

What Do You Think?

GnomeREPORT - Jul 10, 2009

Bill Gates Vs Hurricanes

Download - Jul 9, 2009

LANcet Chat v2.3.285

Business, Career, Tips - Jul 7, 2009

Are You Taking Accountability For Your Own Work Life Balance?

Download - Jul 6, 2009

Son Of Snoop On Steroids v3.2.0.1

What's New?

Older Posts

Snort TCP/IP Options Denial of Service Vulnerability

Latest Information

Tags

Categories

What Do You Think?

GnomeREPORT - Jul 10, 2009

Bill Gates Vs Hurricanes

Download - Jul 9, 2009

LANcet Chat v2.3.285

Business, Career, Tips - Jul 7, 2009

Are You Taking Accountability For Your Own Work Life Balance?

Download - Jul 6, 2009

Son Of Snoop On Steroids v3.2.0.1

What's New?

Older Posts