Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
snort snort vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-4211
The U.S. Defense Information Systems Agency (DISA) Security Readiness Review (SRR) script for the Solaris x86 platform executes files in arbitrary directories as root for filenames equal to (1) java, (2) openssl, (3) php, (4) snort, (5) tshark, (6) vncserver, or (7) wireshark, wh...
Disa Srr For Solaris
NA
CVE-2009-3641
Snort prior to 2.8.5.1, when the -v option is enabled, allows remote malicious users to cause a denial of service (application crash) via a crafted IPv6 packet that uses the (1) TCP or (2) ICMP protocol.
Snort Snort 1.8.0
Snort Snort 1.8.1
Snort Snort 1.8.4
Snort Snort 1.8.5
Snort Snort 2.0
Snort Snort 1.9.0
Snort Snort 2.8.0
Snort Snort 2.8.2.2
Snort Snort 2.8.3
Snort Snort 1.8.7
Snort Snort 1.6
Snort Snort 2.6.1.1
Snort Snort 2.6.1
Snort Snort
Snort Snort 1.8.6
Snort Snort 2.6.2
Snort Snort 2.6.1.2
Snort Snort 2.8.3.4
Snort Snort 2.8.3.4.1
Snort Snort 1.8.2
Snort Snort 1.8.3
Snort Snort 1.9.1
2 EDB exploits
NA
CVE-2008-1804
preprocessors/spp_frag3.c in Sourcefire Snort prior to 2.8.1 does not properly identify packet fragments that have dissimilar TTL values, which allows remote malicious users to bypass detection rules by using a different TTL for each fragment.
Snort Snort
NA
CVE-2007-1398
The frag3 preprocessor in Snort 2.6.1.1, 2.6.1.2, and 2.7.0 beta, when configured for inline use on Linux without the ip_conntrack module loaded, allows remote malicious users to cause a denial of service (segmentation fault and application crash) via certain UDP packets produced...
Snort Snort 2.6.1.1
Snort Snort 2.6.1.2
Snort Snort 2.7 Beta1
1 EDB exploit
NA
CVE-2006-5276
Stack-based buffer overflow in the DCE/RPC preprocessor in Snort prior to 2.6.1.3, and 2.7 before beta 2; and Sourcefire Intrusion Sensor; allows remote malicious users to execute arbitrary code via crafted SMB traffic.
Snort Snort 2.6.1
Snort Snort 2.6.1.1
Sourcefire Intrusion Sensor 4.6
Snort Snort
Sourcefire Intrusion Sensor 4.5
Snort Snort 2.7 Beta1
Sourcefire Intrusion Sensor 4.1
4 EDB exploits
NA
CVE-2006-6931
Algorithmic complexity vulnerability in Snort prior to 2.6.1, during predicate evaluation in rule matching for certain rules, allows remote malicious users to cause a denial of service (CPU consumption and detection outage) via crafted network traffic, aka a "backtracking at...
Snort Snort
NA
CVE-2007-0251
Integer underflow in the DecodeGRE function in src/decode.c in Snort 2.6.1.2 allows remote malicious users to trigger dereferencing of certain memory locations via crafted GRE packets, which may cause corruption of log files or writing of sensitive information into log files.
Snort Snort 2.6.1.2
NA
CVE-2006-2769
The HTTP Inspect preprocessor (http_inspect) in Snort 2.4.0 up to and including 2.4.4 allows remote malicious users to bypass "uricontent" rules via a carriage return (\r) after the URL and before the HTTP declaration.
Sourcefire Snort 2.4.4
Sourcefire Snort 2.4
Sourcefire Snort 2.4.1
Sourcefire Snort 2.4.2
Sourcefire Snort 2.4.3
1 EDB exploit
NA
CVE-2006-2685
PHP remote file inclusion vulnerability in Basic Analysis and Security Engine (BASE) 1.2.4 and previous versions, with register_globals enabled, allows remote malicious users to execute arbitrary PHP code via a URL in the BASE_path parameter to (1) base_qry_common.php, (2) base_s...
Kevin Johnson Basic Analysis And Security Engine 1.2.2
Kevin Johnson Basic Analysis And Security Engine 1.2.4
Kevin Johnson Basic Analysis And Security Engine 1.2.0
Kevin Johnson Basic Analysis And Security Engine 1.2.1
3 EDB exploits
NA
CVE-2006-0839
The frag3 preprocessor in Sourcefire Snort 2.4.3 does not properly reassemble certain fragmented packets with IP options, which allows remote malicious users to evade detection of certain attacks, possibly related to IP option lengths.
Sourcefire Snort 2.4.3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
NEXT »