Vulnerabilities > CVE-2007-1398 - Unspecified vulnerability in Snort 2.6.1.1/2.6.1.2/2.7Beta1

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
snort
exploit available
NVD
Published: 2007-03-10
Updated: 2024-11-21

Summary

The frag3 preprocessor in Snort 2.6.1.1, 2.6.1.2, and 2.7.0 beta, when configured for inline use on Linux without the ip_conntrack module loaded, allows remote attackers to cause a denial of service (segmentation fault and application crash) via certain UDP packets produced by send_morefrag_packet and send_overlap_packet.

Vulnerable Configurations

Part Description Count
OS
Linux
1
Application
Snort
3

Exploit-Db

descriptionSnort 2.6.1.1/2.6.1.2/2.7.0 (fragementation) Remote DoS Exploit. CVE-2007-1398. Dos exploits for multiple platform
fileexploits/multiple/dos/3434.c
idEDB-ID:3434
last seen2016-01-31
modified2007-03-08
platformmultiple
port
published2007-03-08
reporterAntimatt3r
sourcehttps://www.exploit-db.com/download/3434/
titleSnort 2.6.1.1/2.6.1.2/2.7.0 fragementation Remote DoS Exploit
typedos

References