Published: 20/02/2007 Updated: 17/10/2018

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

VMScore: 1000

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Stack-based buffer overflow in the DCE/RPC preprocessor in Snort prior to 2.6.1.3, and 2.7 before beta 2; and Sourcefire Intrusion Sensor; allows remote malicious users to execute arbitrary code via crafted SMB traffic.

Vulnerable Product	Search on Vulmon	Subscribe to Product
snort snort 2.6.1
snort snort 2.6.1.1
sourcefire intrusion sensor 4.6
snort snort
sourcefire intrusion sensor 4.5
snort snort 2.7_beta1
sourcefire intrusion sensor 4.1

#!/usr/bin/python # # Remote exploit for Snort DCE/RPC preprocessor vulnerability as described in # CVE-2006-5276 The exploit binds a shell to TCP port 4444 and connects to it # This code was tested against snort-261 running on Red Hat Linux 8 # # Author shall bear no responsibility for any screw ups caused by using this code # Winny Thomas :-) ...

#!/usr/bin/python # # Snort DCE/RPC Preprocessor Buffer Overflow (DoS) # # Author: Trirat Puttaraksa <trir00t [at] gmailcom> # # sf-freedomblogspotcom # ###################################################### # For educational purpose only # # This exploit just crash Snort 261 on Fedora Core 4 However, Code Execution # may be pos ...

#!/usr/bin/python # # Snort DCE/RPC Preprocessor Buffer Overflow (Command Execution Version) # # Author: Trirat Puttaraksa <trir00t [at] gmailcom> # # sf-freedomblogspotcom # ###################################################### # For educational purpose only # # This exploit call calcexe on Windows XP SP2 + Snort 261 # # Note: ...

## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions Please see the Metasploit # web site for more information on licensing and terms of use # metasploitcom/ ## require 'msf/core' class Metasploit3 < Msf::Exploit::Remote Rank = GoodRanking include Msf::Exploit::Cap ...

NVD-CWE-Other http://iss.net/threats/257.html http://www.snort.org/docs/advisory-2007-02-19.html http://www.us-cert.gov/cas/techalerts/TA07-050A.html http://www116.nortelnetworks.com/pub/repository/CLARIFY/DOCUMENT/2007/08/021923-01.pdf http://www130.nortelnetworks.com/go/main.jsp?cscat=BLTNDETAIL&DocumentOID=540173 http://security.gentoo.org/glsa/glsa-200703-01.xml http://www.osvdb.org/32094 http://www.securitytracker.com/id?1017669 http://www.securitytracker.com/id?1017670 http://secunia.com/advisories/24190 http://secunia.com/advisories/24235 http://secunia.com/advisories/24239 http://secunia.com/advisories/24240 http://secunia.com/advisories/24272 https://bugzilla.redhat.com/show_bug.cgi?id=229265 http://fedoranews.org/updates/FEDORA-2007-206.shtml http://www.kb.cert.org/vuls/id/196240 http://www.securityfocus.com/bid/22616 http://secunia.com/advisories/26746 http://www.vupen.com/english/advisories/2007/0668 http://www.vupen.com/english/advisories/2007/0656 https://exchange.xforce.ibmcloud.com/vulnerabilities/31275 https://www.exploit-db.com/exploits/3362 http://www.securityfocus.com/archive/1/461810/100/0/threaded https://nvd.nist.gov https://www.exploit-db.com/exploits/3609/https://www.kb.cert.org/vuls/id/196240

CVE-2006-5276

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect