Sourcefire » Snort : Security Vulnerabilities, CVEs, CVSS score >= 6
CVE-2005-3252
Public exploit
Stack-based buffer overflow in the Back Orifice (BO) preprocessor for Snort before 2.4.3 allows remote attackers to execute arbitrary code via a crafted UDP packet.
Max CVSS
7.5
EPSS Score
94.82%
Published
2005-10-18
Updated
2011-03-08
The DecodeTCPOptions function in decode.c in Snort before 2.3.0, when printing TCP/IP options using FAST output or verbose mode, allows remote attackers to cause a denial of service (crash) via packets with invalid TCP/IP options, which trigger a null dereference.
Max CVSS
7.8
EPSS Score
6.12%
Published
2004-12-31
Updated
2017-07-20
Integer overflow in the TCP stream reassembly module (stream4) for Snort 2.0 and earlier allows remote attackers to execute arbitrary code via large sequence numbers in packets, which enable a heap-based buffer overflow.
Max CVSS
10.0
EPSS Score
16.77%
Published
2003-05-05
Updated
2016-10-18
3 vulnerabilities found