Snort DecodeTCPOptions Remote Denial Of Service Vulnerability
BID:12084
Info
Snort DecodeTCPOptions Remote Denial Of Service Vulnerability
| Bugtraq ID: | 12084 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Dec 22 2004 12:00AM |
| Updated: | Dec 22 2004 12:00AM |
| Credit: | Discovery of this vulnerability is credited to Marcin Zgorecki <[email protected]> |
| Vulnerable: |
Snort Project Snort 2.2 Snort Project Snort 2.1.3 Snort Project Snort 2.1.1 RC1 Snort Project Snort 2.1 .0 |
| Not Vulnerable: | |
Discussion
Snort DecodeTCPOptions Remote Denial Of Service Vulnerability
Snort is reported prone to a remote denial of service vulnerability. The vulnerability is reported to exist in the DecodeTCPOptions() function of 'decode.c', and is as a result of a failure to sufficiently handle malicious TCP packets.
A remote attacker may trigger this vulnerability to crash a remote Snort server and in doing so may prevent subsequent malicious attacks from being detected.
Snort is reported prone to a remote denial of service vulnerability. The vulnerability is reported to exist in the DecodeTCPOptions() function of 'decode.c', and is as a result of a failure to sufficiently handle malicious TCP packets.
A remote attacker may trigger this vulnerability to crash a remote Snort server and in doing so may prevent subsequent malicious attacks from being detected.
Exploit / POC
Snort DecodeTCPOptions Remote Denial Of Service Vulnerability
The following exploits are available:
The following exploits are available:
Solution / Fix
Snort DecodeTCPOptions Remote Denial Of Service Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
References
Snort DecodeTCPOptions Remote Denial Of Service Vulnerability
References:
References:
- [Snort-devel] Snort >= 2.1.3 TCP/IP options bug (Marcin Zgorecki)
- Snort Homepage (Snort Project)