Published: 05/05/2003 Updated: 18/10/2016

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

VMScore: 1000

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Integer overflow in the TCP stream reassembly module (stream4) for Snort 2.0 and previous versions allows remote malicious users to execute arbitrary code via large sequence numbers in packets, which enable a heap-based buffer overflow.

Vulnerable Product	Search on Vulmon	Subscribe to Product
sourcefire snort 1.8.5
sourcefire snort 1.8.6
smoothwall smoothwall 2.0_beta_4
sourcefire snort 1.8
sourcefire snort 1.8.7
sourcefire snort 1.9
sourcefire snort 1.8.1
sourcefire snort 1.8.2
sourcefire snort 1.9.1
sourcefire snort 1.8.3
sourcefire snort 1.8.4

Two vulnerabilities have been discovered in Snort, a popular network intrusion detection system Snort comes with modules and plugins that perform a variety of functions such as protocol analysis The following issues have been identified: Heap overflow in Snort "stream4" preprocessor (VU#139129, CAN-2003-0209, Bugtraq Id 7178) Researchers at C ...

#!/bin/sh ########################################################## # p7snort191sh by truff (truff@projet7org) # # Snort 191 and below remote exploit # # # # Tested on Slackware 80 with Snort 191 from sources # # ...

NVD-CWE-Other http://www.kb.cert.org/vuls/id/139129 http://www.securityfocus.com/bid/7178 http://www.debian.org/security/2003/dsa-297 http://www.cert.org/advisories/CA-2003-13.html http://www.coresecurity.com/common/showdoc.php?idx=313&idxseccion=10 http://www.mandriva.com/security/advisories?name=MDKSA-2003:052 http://marc.info/?l=bugtraq&m=105154530427824&w=2 http://marc.info/?l=bugtraq&m=105043563016235&w=2 http://marc.info/?l=bugtraq&m=105111217731583&w=2 http://marc.info/?l=bugtraq&m=105172790914107&w=2 http://marc.info/?l=bugtraq&m=105103586927007&w=2 https://www.debian.org/security/./dsa-297 https://nvd.nist.gov https://www.exploit-db.com/exploits/18/https://www.kb.cert.org/vuls/id/139129

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2003-0209

Vulnerability Summary

Vendor Advisories

Exploits

References

Vulmon Search

About

Products

Connect