The HTTP Inspect preprocessor (http_inspect) in Snort 2.4.0 up to and including 2.4.4 allows remote malicious users to bypass "uricontent" rules via a carriage return (\r) after the URL and before the HTTP declaration.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
sourcefire snort 2.4.4 |
||
sourcefire snort 2.4 |
||
sourcefire snort 2.4.1 |
||
sourcefire snort 2.4.2 |
||
sourcefire snort 2.4.3 |