Vulnerabilities > CVE-2007-1398 - Denial of Service vulnerability in Snort 2.6.1.1/2.6.1.2/2.7Beta1
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
COMPLETE Summary
The frag3 preprocessor in Snort 2.6.1.1, 2.6.1.2, and 2.7.0 beta, when configured for inline use on Linux without the ip_conntrack module loaded, allows remote attackers to cause a denial of service (segmentation fault and application crash) via certain UDP packets produced by send_morefrag_packet and send_overlap_packet.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| OS | 1 | |
| Application | 3 |
Exploit-Db
| description | Snort 2.6.1.1/2.6.1.2/2.7.0 (fragementation) Remote DoS Exploit. CVE-2007-1398. Dos exploits for multiple platform |
| file | exploits/multiple/dos/3434.c |
| id | EDB-ID:3434 |
| last seen | 2016-01-31 |
| modified | 2007-03-08 |
| platform | multiple |
| port | |
| published | 2007-03-08 |
| reporter | Antimatt3r |
| source | https://www.exploit-db.com/download/3434/ |
| title | Snort 2.6.1.1/2.6.1.2/2.7.0 fragementation Remote DoS Exploit |
| type | dos |