Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.3
CVSSv2

CVE-2009-3641

Published: 28/10/2009 Updated: 17/08/2017
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
VMScore: 440
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P
Subscribe to Snort

Vulnerability Summary

Snort prior to 2.8.5.1, when the -v option is enabled, allows remote malicious users to cause a denial of service (application crash) via a crafted IPv6 packet that uses the (1) TCP or (2) ICMP protocol.

Vulnerable Product Search on Vulmon Subscribe to Product

snort snort 1.8.0

snort snort 1.8.1

snort snort 1.8.4

snort snort 1.8.5

snort snort 2.0

snort snort 1.9.0

snort snort 2.8.0

snort snort 2.8.2.2

snort snort 2.8.3

snort snort 1.8.7

snort snort 1.6

snort snort 2.6.1.1

snort snort 2.6.1

snort snort

snort snort 1.8.6

snort snort 2.6.2

snort snort 2.6.1.2

snort snort 2.8.3.4

snort snort 2.8.3.4.1

snort snort 1.8.2

snort snort 1.8.3

snort snort 1.9.1

snort snort 2.7_beta1

snort snort 2.8.3.1

snort snort 2.8.3.2

Vendor Advisories

Debian CVElist Bug Report Logs: CVE-2009-3641: DoS while printing specially-crafted IPv6 packet using the -v option
Debian Bug report logs - #553584 CVE-2009-3641: DoS while printing specially-crafted IPv6 packet using the -v option Package: snort; Maintainer for snort is Javier Fernández-Sanguino Peña <jfs@debianorg>; Source for snort is src:snort (PTS, buildd, popcon) Reported by: Giuseppe Iuculano <iuculano@debianorg> Date: ...

Exploits

Exploit DB: Snort 2.8.5 - IPv6 Denial of Service
============================================= - Date: October 22th, 2009 - Discovered by: Laurent Gaffi� - Severity: Low ============================================= I VULNERABILITY ------------------------- Snort <= 285 IPV6 Remote DoS II DESCRIPTION ------------------------- A remote DoS was present in Snort 285 when parsi ...
Exploit DB: Snort 2.8.5 - Multiple Denial of Service Vulnerabilities
source: wwwsecurityfocuscom/bid/36795/info Snort is prone to multiple denial-of-service vulnerabilities because the application fails to properly process specially crafted IPv6 packets Attackers can exploit these issues to crash the affected application, causing denial-of-service conditions These issues affect Snort 285; other versi ...

References

NVD-CWE-Otherhttp://secunia.com/advisories/37135http://dl.snort.org/snort-current/release_notes_2851.txthttp://securitytracker.com/id?1023076https://bugzilla.redhat.com/show_bug.cgi?id=530863http://www.vupen.com/english/advisories/2009/3014http://www.securityfocus.com/bid/36795http://vrt-sourcefire.blogspot.com/2009/10/snort-2851-release.htmlhttp://www.openwall.com/lists/oss-security/2009/10/25/5http://marc.info/?l=oss-security&m=125649553414700&w=2http://seclists.org/fulldisclosure/2009/Oct/299http://www.osvdb.org/59159https://exchange.xforce.ibmcloud.com/vulnerabilities/53912https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=553584https://nvd.nist.govhttps://www.exploit-db.com/exploits/9969/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028memory leaklog injectionCVE-2024-3400CVE-2022-48695CVE-2022-48675CVE-2024-34487CVE-2024-33792spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook