Vulnerabilities > CVE-2004-2652 - Unspecified vulnerability in Sourcefire Snort
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN sourcefire
exploit available
Summary
The DecodeTCPOptions function in decode.c in Snort before 2.3.0, when printing TCP/IP options using FAST output or verbose mode, allows remote attackers to cause a denial of service (crash) via packets with invalid TCP/IP options, which trigger a null dereference.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 4 |
Exploit-Db
| description | Snort 2.1/2.2 DecodeTCPOptions Remote Denial Of Service Vulnerability (1). CVE-2004-2652. Dos exploit for linux platform |
| id | EDB-ID:25046 |
| last seen | 2016-02-03 |
| modified | 2004-12-22 |
| published | 2004-12-22 |
| reporter | Marcin Zgorecki |
| source | https://www.exploit-db.com/download/25046/ |
| title | Snort 2.1/2.2 DecodeTCPOptions Remote Denial of Service Vulnerability 1 |
References
- http://secunia.com/advisories/13664
- http://secunia.com/advisories/13664
- http://securitytracker.com/id?1012656
- http://securitytracker.com/id?1012656
- http://taosecurity.blogspot.com/2004/12/details-on-snort-dos-condition-you-may.html
- http://taosecurity.blogspot.com/2004/12/details-on-snort-dos-condition-you-may.html
- http://www.frsirt.com/exploits/20041222.angelDust.c.php
- http://www.frsirt.com/exploits/20041222.angelDust.c.php
- http://www.osvdb.org/12578
- http://www.osvdb.org/12578
- http://www.securiteam.com/exploits/6X00L20C0S.html
- http://www.securiteam.com/exploits/6X00L20C0S.html
- http://www.securityfocus.com/bid/12084
- http://www.securityfocus.com/bid/12084
- http://www.snort.org/arc_news/
- http://www.snort.org/arc_news/
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18689
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18689