The DecodeTCPOptions function in decode.c in Snort prior to 2.3.0, when printing TCP/IP options using FAST output or verbose mode, allows remote malicious users to cause a denial of service (crash) via packets with invalid TCP/IP options, which trigger a null dereference.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
sourcefire snort 2.1.0 |
||
sourcefire snort 2.1.1_rc1 |
||
sourcefire snort 2.1.3 |
||
sourcefire snort 2.2 |