Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

-advisory- * [Thu Mar 16 13:40:07 EST 2006] * DoS Vulnerability in Snort

From: dr () kyx net
Date: Thu, 16 Mar 2006 18:40:13 +0000 (GMT)



-advisory- * [Thu Mar 16 13:40:07 EST 2006] * DoS Vulnerability in Snort




++++++++
I. BACKGROUND
++++++++
This problem had no identified background commentary on the problem at hand.
++++++++
II. DESCRIPTION
++++++++
Sending a specially crafted  malformed  packet to the services communication socket can create a loss of service.

++++++++
III. HISTORY
++++++++
2-12-2006 - Vendor Notification.
3-16-2006 - Public Disclosure.
++++++++
IV. WORKAROUND
++++++++
This advisory has no workarounds.
++++++++
V. VENDOR RESPONSE
++++++++
Snort had presented no explanation.
++++++++
VI. CVE INFORMATION
++++++++
The Common Vulnerabilities and Exposures (CVE) project has assigned the name CVE-2006-870137 to this issue

++++++++
APPENDIX A VENDOR INFORMATION
++++++++
http://www.snort.org/

++++++++
APPENDIX B REFERENCES
++++++++
RFC 7335

++++++++
CONTACT
++++++++
Dragos Ruiu lolville () spam la
1-888-565-9428

GSAE GREM SSP-CNSA GIPS SSCP 

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: