{"api_version":"1","generated_at":"2026-04-23T07:55:26+00:00","cve":"CVE-2007-0251","urls":{"html":"https://cve.report/CVE-2007-0251","api":"https://cve.report/api/cve/CVE-2007-0251.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2007-0251","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2007-0251"},"summary":{"title":"CVE-2007-0251","description":"Integer underflow in the DecodeGRE function in src/decode.c in Snort 2.6.1.2 allows remote attackers to trigger dereferencing of certain memory locations via crafted GRE packets, which may cause corruption of log files or writing of sensitive information into log files.","state":"PUBLISHED","assigner":"mitre","published_at":"2007-01-16 23:28:00","updated_at":"2026-04-23 00:35:47"},"problem_types":["NVD-CWE-Other","n/a"],"metrics":[{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"7.8","severity":"","vector":"AV:N/AC:L/Au:N/C:N/I:N/A:C","data":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:N/A:C","baseScore":7.8,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"COMPLETE"}}],"references":[{"url":"http://www.securityfocus.com/archive/1/456598/100/0/threaded","name":"http://www.securityfocus.com/archive/1/456598/100/0/threaded","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"SecurityFocus","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://securityreason.com/securityalert/2165","name":"http://securityreason.com/securityalert/2165","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"SecurityReason - Snort 2.6.1.2 Integer Underflow Vulnerability","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://osvdb.org/33464","name":"http://osvdb.org/33464","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"","mime":"","httpstatus":"-1","archivestatus":"0"},{"url":"http://www.snort.org/got_source/source.html","name":"http://www.snort.org/got_source/source.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Just a moment...","mime":"text/html","httpstatus":"503","archivestatus":"200"},{"url":"http://www.securityfocus.com/bid/22004","name":"http://www.securityfocus.com/bid/22004","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Snort GRE Packet Decoding Integer Underflow Vulnerability","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"http://osvdb.org/32095","name":"http://osvdb.org/32095","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"","mime":"","httpstatus":"-1","archivestatus":"0"},{"url":"http://securitytracker.com/id?1017507","name":"http://securitytracker.com/id?1017507","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"SecurityTracker.com Archives - Snort Integer Underflow in Processing the GRE Protocol May Let Remote Users Corrupt Log Files","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://labs.calyptix.com/advisories/CX-2007-01.txt","name":"http://labs.calyptix.com/advisories/CX-2007-01.txt","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Calyptix Your Simple and Powerful Network Security Solution","mime":"text/plain","httpstatus":"200","archivestatus":"200"},{"url":"http://www.vupen.com/english/advisories/2007/0152","name":"http://www.vupen.com/english/advisories/2007/0152","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Webmail : Solution de messagerie professionnelle - OVHcloud- OVH","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2007-0251","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2007-0251","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2007","cve_id":"251","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"snort","cpe5":"snort","cpe6":"2.6.1.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-07T12:12:17.829Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"tags":["x_refsource_MISC","x_transferred"],"url":"http://labs.calyptix.com/advisories/CX-2007-01.txt"},{"name":"ADV-2007-0152","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2007/0152"},{"name":"32095","tags":["vdb-entry","x_refsource_OSVDB","x_transferred"],"url":"http://osvdb.org/32095"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://www.snort.org/got_source/source.html"},{"name":"1017507","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://securitytracker.com/id?1017507"},{"name":"33464","tags":["vdb-entry","x_refsource_OSVDB","x_transferred"],"url":"http://osvdb.org/33464"},{"name":"20070111 Calyptix Security Advisory CX-2007-001 - Snort 2.6.1.2 Integer Underflow Vulnerability","tags":["mailing-list","x_refsource_BUGTRAQ","x_transferred"],"url":"http://www.securityfocus.com/archive/1/456598/100/0/threaded"},{"name":"22004","tags":["vdb-entry","x_refsource_BID","x_transferred"],"url":"http://www.securityfocus.com/bid/22004"},{"name":"2165","tags":["third-party-advisory","x_refsource_SREASON","x_transferred"],"url":"http://securityreason.com/securityalert/2165"}],"title":"CVE Program Container"}],"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2007-01-07T00:00:00.000Z","descriptions":[{"lang":"en","value":"Integer underflow in the DecodeGRE function in src/decode.c in Snort 2.6.1.2 allows remote attackers to trigger dereferencing of certain memory locations via crafted GRE packets, which may cause corruption of log files or writing of sensitive information into log files."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2018-10-16T14:57:01.000Z","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"references":[{"tags":["x_refsource_MISC"],"url":"http://labs.calyptix.com/advisories/CX-2007-01.txt"},{"name":"ADV-2007-0152","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2007/0152"},{"name":"32095","tags":["vdb-entry","x_refsource_OSVDB"],"url":"http://osvdb.org/32095"},{"tags":["x_refsource_CONFIRM"],"url":"http://www.snort.org/got_source/source.html"},{"name":"1017507","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://securitytracker.com/id?1017507"},{"name":"33464","tags":["vdb-entry","x_refsource_OSVDB"],"url":"http://osvdb.org/33464"},{"name":"20070111 Calyptix Security Advisory CX-2007-001 - Snort 2.6.1.2 Integer Underflow Vulnerability","tags":["mailing-list","x_refsource_BUGTRAQ"],"url":"http://www.securityfocus.com/archive/1/456598/100/0/threaded"},{"name":"22004","tags":["vdb-entry","x_refsource_BID"],"url":"http://www.securityfocus.com/bid/22004"},{"name":"2165","tags":["third-party-advisory","x_refsource_SREASON"],"url":"http://securityreason.com/securityalert/2165"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2007-0251","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Integer underflow in the DecodeGRE function in src/decode.c in Snort 2.6.1.2 allows remote attackers to trigger dereferencing of certain memory locations via crafted GRE packets, which may cause corruption of log files or writing of sensitive information into log files."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"http://labs.calyptix.com/advisories/CX-2007-01.txt","refsource":"MISC","url":"http://labs.calyptix.com/advisories/CX-2007-01.txt"},{"name":"ADV-2007-0152","refsource":"VUPEN","url":"http://www.vupen.com/english/advisories/2007/0152"},{"name":"32095","refsource":"OSVDB","url":"http://osvdb.org/32095"},{"name":"http://www.snort.org/got_source/source.html","refsource":"CONFIRM","url":"http://www.snort.org/got_source/source.html"},{"name":"1017507","refsource":"SECTRACK","url":"http://securitytracker.com/id?1017507"},{"name":"33464","refsource":"OSVDB","url":"http://osvdb.org/33464"},{"name":"20070111 Calyptix Security Advisory CX-2007-001 - Snort 2.6.1.2 Integer Underflow Vulnerability","refsource":"BUGTRAQ","url":"http://www.securityfocus.com/archive/1/456598/100/0/threaded"},{"name":"22004","refsource":"BID","url":"http://www.securityfocus.com/bid/22004"},{"name":"2165","refsource":"SREASON","url":"http://securityreason.com/securityalert/2165"}]}}}},"cveMetadata":{"assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","cveId":"CVE-2007-0251","datePublished":"2007-01-16T23:00:00.000Z","dateReserved":"2007-01-16T00:00:00.000Z","dateUpdated":"2024-08-07T12:12:17.829Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"2007-01-16 23:28:00","lastModifiedDate":"2026-04-23 00:35:47","problem_types":["NVD-CWE-Other","n/a"],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:N/A:C","baseScore":7.8,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":10,"impactScore":6.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:snort:snort:2.6.1.2:*:*:*:*:*:*:*","matchCriteriaId":"CE956C2B-8647-497B-A4C1-05A526629B97"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2007","CveId":"251","Ordinal":"1","Title":"CVE-2007-0251","CVE":"CVE-2007-0251","Year":"2007"},"notes":[{"CveYear":"2007","CveId":"251","Ordinal":"1","NoteData":"Integer underflow in the DecodeGRE function in src/decode.c in Snort 2.6.1.2 allows remote attackers to trigger dereferencing of certain memory locations via crafted GRE packets, which may cause corruption of log files or writing of sensitive information into log files.","Type":"Description","Title":"CVE-2007-0251"},{"CveYear":"2007","CveId":"251","Ordinal":"2","NoteData":"2007-01-16","Type":"Other","Title":"Published"},{"CveYear":"2007","CveId":"251","Ordinal":"3","NoteData":"2018-10-16","Type":"Other","Title":"Modified"}]}}}