← volver
CVE-2004-2652

CVE-2004-2652

EPSS 11.2%
The DecodeTCPOptions function in decode.c in Snort before 2.3.0, when printing TCP/IP options using FAST output or verbose mode, allows remote attackers to cause a denial of service (crash) via packets with invalid TCP/IP options, which trigger a null dereference.
Productos afectados
n/a · n/a
PoCs públicas encontradas2
exploitdbwww.exploit-db.com/exploits/25046no verificadoexploitdbwww.exploit-db.com/exploits/25047no verificado
⚠ Recursos públicos, para evaluar la exposición de sistemas que controlas o estás autorizado a probar. Prueba solo con autorización.

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
http://secunia.com/advisories/13664http://securitytracker.com/id?1012656https://exchange.xforce.ibmcloud.com/vulnerabilities/18689http://taosecurity.blogspot.com/2004/12/details-on-snort-dos-condition-you-may.htmlhttp://www.frsirt.com/exploits/20041222.angelDust.c.phphttp://www.osvdb.org/12578http://www.securiteam.com/exploits/6X00L20C0S.htmlhttp://www.securityfocus.com/bid/12084http://www.snort.org/arc_news/