Vulnerability Details : CVE-2005-3252
Public exploit exists!
Stack-based buffer overflow in the Back Orifice (BO) preprocessor for Snort before 2.4.3 allows remote attackers to execute arbitrary code via a crafted UDP packet.
Vulnerability category: OverflowExecute code
Products affected by CVE-2005-3252
- cpe:2.3:a:sourcefire:snort:2.4.1:*:*:*:*:*:*:*
- cpe:2.3:a:sourcefire:snort:2.4.2:*:*:*:*:*:*:*
- cpe:2.3:a:sourcefire:snort:2.4.0:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2005-3252
94.67%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 99 %
Percentile, the proportion of vulnerabilities that are scored at or less
Metasploit modules for CVE-2005-3252
-
Snort Back Orifice Pre-Preprocessor Buffer Overflow
Disclosure Date: 2005-10-18First seen: 2020-04-26exploit/linux/ids/snortbopreThis module exploits a stack buffer overflow in the Back Orifice pre-processor module included with Snort versions 2.4.0, 2.4.1, 2.4.2, and 2.4.3. This vulnerability could be used to completely compromise a Snort sensor, and would typically gain an attacker full ro
CVSS scores for CVE-2005-3252
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST |
References for CVE-2005-3252
-
http://www.snort.org/docs/change_logs/2.4.3/Changelog.txt
-
http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0505.html
-
http://www.securityfocus.com/bid/15131
Snort Back Orifice Preprocessor Remote Stack Buffer Overflow Vulnerability
-
http://www.us-cert.gov/cas/techalerts/TA05-291A.html
Patch;Third Party Advisory;US Government Resource
-
http://www.vupen.com/english/advisories/2005/2138
-
http://securitytracker.com/id?1015070
-
http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?cscat=BLTNDETAIL&DocumentOID=362187&RenditionID=
-
http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?cscat=BLTNDETAIL&DocumentOID=363396&RenditionID=
-
http://xforce.iss.net/xforce/alerts/id/207
Vendor Advisory
-
http://www.kb.cert.org/vuls/id/175500
Patch;Third Party Advisory;US Government Resource
-
http://archives.neohapsis.com/archives/fulldisclosure/2005-11/0010.html
Jump to