Vulnerabilities > CVE-2005-3252 - Unspecified vulnerability in Sourcefire Snort 2.4.0/2.4.1/2.4.2

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
sourcefire
exploit available
metasploit
NVD
Published: 2005-10-18
Updated: 2024-11-21

Summary

Stack-based buffer overflow in the Back Orifice (BO) preprocessor for Snort before 2.4.3 allows remote attackers to execute arbitrary code via a crafted UDP packet.

Vulnerable Configurations

Part Description Count
Application
Sourcefire
3

Exploit-Db

  • descriptionSnort 2.4.0 - 2.4.3 Back Orifice Pre-Preprocessor Remote Exploit. CVE-2005-3252. Remote exploit for linux platform
    idEDB-ID:10026
    last seen2016-02-01
    modified2005-10-18
    published2005-10-18
    reporterKaiJern Lau
    sourcehttps://www.exploit-db.com/download/10026/
    titleSnort 2.4.0 - 2.4.3 - Back Orifice Pre-Preprocessor Remote Exploit
  • descriptionSnort <= 2.4.2 Back Orifice Pre-Preprocessor Remote Exploit (3). CVE-2005-3252. Remote exploit for windows platform
    idEDB-ID:1313
    last seen2016-01-31
    modified2005-11-11
    published2005-11-11
    reporterxort
    sourcehttps://www.exploit-db.com/download/1313/
    titleSnort <= 2.4.2 Back Orifice Pre-Preprocessor Remote Exploit 3
  • descriptionSnort <= 2.4.2 Back Orifice Parsing Remote Buffer Overflow Exploit. CVE-2005-3252. Remote exploit for linux platform
    idEDB-ID:1272
    last seen2016-01-31
    modified2005-10-25
    published2005-10-25
    reporterrd
    sourcehttps://www.exploit-db.com/download/1272/
    titleSnort <= 2.4.2 Back Orifice Parsing Remote Buffer Overflow Exploit
  • descriptionSnort Back Orifice Pre-Preprocessor Remote Exploit. CVE-2005-3252. Remote exploit for linux platform
    idEDB-ID:16834
    last seen2016-02-02
    modified2010-07-03
    published2010-07-03
    reportermetasploit
    sourcehttps://www.exploit-db.com/download/16834/
    titleSnort Back Orifice Pre-Preprocessor Remote Exploit

Metasploit

descriptionThis module exploits a stack buffer overflow in the Back Orifice pre-processor module included with Snort versions 2.4.0, 2.4.1, 2.4.2, and 2.4.3. This vulnerability could be used to completely compromise a Snort sensor, and would typically gain an attacker full root or administrative privileges.
idMSF:EXPLOIT/LINUX/IDS/SNORTBOPRE
last seen2020-03-10
modified2017-07-24
published2005-12-18
referenceshttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3252
reporterRapid7
sourcehttps://github.com/rapid7/metasploit-framework/blob/master//modules/exploits/linux/ids/snortbopre.rb
titleSnort Back Orifice Pre-Preprocessor Buffer Overflow

Packetstorm

data sourcehttps://packetstormsecurity.com/files/download/82239/snortbopre.rb.txt
idPACKETSTORM:82239
last seen2016-12-05
published2009-10-27
reporterLau KaiJern
sourcehttps://packetstormsecurity.com/files/82239/Snort-Back-Orifice-Stack-Overflow.html
titleSnort Back Orifice Stack Overflow

Saint

bid15131
descriptionSnort Back Orifice Pre-Processor buffer overflow
idmisc_snort
osvdb20034
titlesnort_back_orifice
typeremote

References