← back
CVE-2007-1398

CVE-2007-1398

EPSS 5.6%
The frag3 preprocessor in Snort 2.6.1.1, 2.6.1.2, and 2.7.0 beta, when configured for inline use on Linux without the ip_conntrack module loaded, allows remote attackers to cause a denial of service (segmentation fault and application crash) via certain UDP packets produced by send_morefrag_packet and send_overlap_packet.
Affected products
n/a · n/a
public PoCs found1
cve_referencewww.exploit-db.com/exploits/3434unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://www.exploit-db.com/exploits/3434http://www.osvdb.org/33024http://www.securityfocus.com/bid/22872http://www.snort.org/docs/release_notes/release_notes_2613.txt