Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
snort vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2005-3252
Stack-based buffer overflow in the Back Orifice (BO) preprocessor for Snort prior to 2.4.3 allows remote malicious users to execute arbitrary code via a crafted UDP packet.
Sourcefire Snort 2.4.1
Sourcefire Snort 2.4.2
Sourcefire Snort 2.4.0
5 EDB exploits
5
CVSSv2
CVE-2000-1226
Snort 1.6, when running in straight ASCII packet logging mode or IDS mode with straight decoded ASCII packet logging selected, allows remote malicious users to cause a denial of service (crash) by sending non-IP protocols that Snort does not know about, as demonstrated by an nmap...
Snort Snort 1.6
6.8
CVSSv2
CVE-2016-1417
Untrusted search path vulnerability in Snort 2.9.7.0-WIN32 allows remote malicious users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse tcapi.dll that is located in the same folder on a remote file share as a pcap file that is being processed.
Snort Snort 2.9.7.0
7.8
CVSSv2
CVE-2007-0251
Integer underflow in the DecodeGRE function in src/decode.c in Snort 2.6.1.2 allows remote malicious users to trigger dereferencing of certain memory locations via crafted GRE packets, which may cause corruption of log files or writing of sensitive information into log files.
Snort Snort 2.6.1.2
5
CVSSv2
CVE-2017-6657
Cisco Sourcefire Snort 3.0 before build 233 mishandles Ether Type Validation. Since valid ether type and IP protocol numbers do not overlap, Snort++ stores all protocol decoders in a single array. That makes it possible to craft packets that have IP protocol numbers in the ether ...
Cisco Snort\\+\\+ -
5
CVSSv2
CVE-2017-6658
Cisco Sourcefire Snort 3.0 before build 233 has a Buffer Overread related to use of a decoder array. The size was off by one making it possible to read past the end of the array with an ether type of 0xFFFF. Increasing the array size solves this problem.
Cisco Sourcefire Snort 3.0
5
CVSSv2
CVE-2006-0839
The frag3 preprocessor in Sourcefire Snort 2.4.3 does not properly reassemble certain fragmented packets with IP options, which allows remote malicious users to evade detection of certain attacks, possibly related to IP option lengths.
Sourcefire Snort 2.4.3
5
CVSSv2
CVE-2002-0115
Snort 1.8.3 does not properly define the minimum ICMP header size, which allows remote malicious users to cause a denial of service (crash and core dump) via a malformed ICMP packet.
Martin Roesch Snort 1.8.3
1 EDB exploit
4.3
CVSSv2
CVE-2014-4693
Multiple cross-site scripting (XSS) vulnerabilities in the Snort package prior to 3.0.13 for pfSense up to and including 2.1.4 allow remote malicious users to inject arbitrary web script or HTML via (1) the eng parameter to snort_import_aliases.php or (2) unspecified variables to...
Netgate Pfsense
Netgate Pfsense 2.1.3
Pfsense Snort Package
5.8
CVSSv2
CVE-2014-4695
Multiple open redirect vulnerabilities in the Snort package prior to 3.0.13 for pfSense up to and including 2.1.4 allow remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via (1) the referer parameter to snort_rules_flowbits.php or (2) th...
Pfsense Snort Package
Netgate Pfsense 2.1.3
Netgate Pfsense
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028
memory leak
log injection
CVE-2024-3400
CVE-2022-48695
CVE-2022-48675
CVE-2024-34487
CVE-2024-33792
spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »