Two vulnerabilities in the protocol decoders of Snort++ (Snort 3) could allow an unauthenticated, remote malicious user to create a Denial of Service (DoS) condition. The vulnerabilities are due to lack of validation in the protocol decoders. An attacker could exploit these vulnerabilities by crafting a malicious packet and sending it through the targeted device. A successful exploit could allow the malicious user to cause a DoS condition if the Snort process restarts and traffic inspection is bypassed or traffic is dropped. There are no workarounds that address these vulnerabilities. This advisory is available at the following link: tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170515-snort
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
cisco snort\\+\\+ - |