Vulnerabilities > CVE-2004-2652 - Remote Denial Of Service vulnerability in Snort DecodeTCPOptions
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
COMPLETE Summary
The DecodeTCPOptions function in decode.c in Snort before 2.3.0, when printing TCP/IP options using FAST output or verbose mode, allows remote attackers to cause a denial of service (crash) via packets with invalid TCP/IP options, which trigger a null dereference.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 4 |
Exploit-Db
| description | Snort 2.1/2.2 DecodeTCPOptions Remote Denial Of Service Vulnerability (1). CVE-2004-2652. Dos exploit for linux platform |
| id | EDB-ID:25046 |
| last seen | 2016-02-03 |
| modified | 2004-12-22 |
| published | 2004-12-22 |
| reporter | Marcin Zgorecki |
| source | https://www.exploit-db.com/download/25046/ |
| title | Snort 2.1/2.2 DecodeTCPOptions Remote Denial of Service Vulnerability 1 |
References
- http://secunia.com/advisories/13664
- http://securitytracker.com/id?1012656
- http://taosecurity.blogspot.com/2004/12/details-on-snort-dos-condition-you-may.html
- http://www.frsirt.com/exploits/20041222.angelDust.c.php
- http://www.osvdb.org/12578
- http://www.securiteam.com/exploits/6X00L20C0S.html
- http://www.securityfocus.com/bid/12084
- http://www.snort.org/arc_news/
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18689