User: Password:
|
|
Subscribe / Log in / New account

snort: remote arbitrary code execution

Package(s):snort CVE #(s):CVE-2006-5276
Created:March 2, 2007 Updated:September 7, 2007
Description: The Snort intrusion detection system is vulnerable to a buffer overflow in the DCE/RPC preprocessor code. Remote attackers can send specially crafted fragmented SMB or DCE/RPC packets which can be used to allow the the remote execution of arbitrary code.
Alerts:
Fedora FEDORA-2007-2060 snort 2007-09-07
Gentoo 200703-01:02 snort 2007-02-23
Gentoo 200703-01 snort 2007-02-23

(Log in to post comments)

snort: remote arbitrary code execution

Posted Mar 11, 2007 19:39 UTC (Sun) by kreutzm (guest, #4700) [Link]

Debian Stable is not affected, as Snort versions 2.3.x do not contain the DCE RPC preprocessor.


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds