E-Mail:

Snort TCP/IP Options Denial of Service Vulnerability

Sunday, December 26th, 2004
by Marc Erickson

Secunia Advisory: SA13664

Critical: Moderately critical

Impact: DoS

Where: From remote

Solution Status: Vendor Patch

Software: Snort 2.2.x

Description: Marcin Zgorecki has reported a vulnerability in Snort, which can be exploited by malicious people to cause a DoS (Denial of Service).

The vulnerability is caused due to an error in the printing of TCP/IP options. This can be exploited to cause an unspecified DoS by sending a specially crafted packet.

Successful exploitation requires that snort is configured with “FAST” output or verbose mode.

The vulnerability has been reported in version 2.2.10. Other versions may also be affected.

Solution: Update to 2.3.0-RC1 or later.

http://www.snort.org/dl/

What Do You Think?

 

Want to Start a Blog Here for Free?

Are you an expert in one subject or another? If your goal is to help others and dispense hard-earned information back to the community, stake a claim on your very own Lockergnome blog today! You can write about anything - no matter the topic. Sign-up to start blogging!

GnomeREPORT - Oct 6, 2008

Reality Checks, Grooving With A Recoup

Database, Podcast - Oct 3, 2008

Steven Choy Measures Server Performance

Resources, Tech, VoIP, Wi-Fi - Oct 1, 2008

Telephony Magazine

GnomeREPORT - Sep 29, 2008

A PC Repair Slowdown?

68 queries / 0.411 seconds.