Vulnerability Details : CVE-2009-3641
Potential exploit
Snort before 2.8.5.1, when the -v option is enabled, allows remote attackers to cause a denial of service (application crash) via a crafted IPv6 packet that uses the (1) TCP or (2) ICMP protocol.
Vulnerability category: Denial of service
Products affected by CVE-2009-3641
- cpe:2.3:a:snort:snort:*:*:*:*:*:*:*:*
- cpe:2.3:a:snort:snort:1.6:*:*:*:*:*:*:*
- cpe:2.3:a:snort:snort:1.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:snort:snort:1.8.2:*:*:*:*:*:*:*
- cpe:2.3:a:snort:snort:1.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:snort:snort:1.8.7:*:*:*:*:*:*:*
- cpe:2.3:a:snort:snort:1.9.0:*:*:*:*:*:*:*
- cpe:2.3:a:snort:snort:1.8.5:*:*:*:*:*:*:*
- cpe:2.3:a:snort:snort:1.8.6:*:*:*:*:*:*:*
- cpe:2.3:a:snort:snort:1.8.3:*:*:*:*:*:*:*
- cpe:2.3:a:snort:snort:1.8.4:*:*:*:*:*:*:*
- cpe:2.3:a:snort:snort:2.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:snort:snort:2.6.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:snort:snort:2.7_beta1:*:*:*:*:*:*:*
- cpe:2.3:a:snort:snort:2.6.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:snort:snort:2.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:snort:snort:2.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:snort:snort:2.8.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:snort:snort:2.8.3:*:*:*:*:*:*:*
- cpe:2.3:a:snort:snort:2.0:beta:*:*:*:*:*:*
- cpe:2.3:a:snort:snort:2.6.2:*:*:*:*:*:*:*
- cpe:2.3:a:snort:snort:2.8.3.4:*:*:*:*:*:*:*
- cpe:2.3:a:snort:snort:2.8.3.4.1:*:*:*:*:*:*:*
- cpe:2.3:a:snort:snort:1.9.1:*:*:*:*:*:*:*
- cpe:2.3:a:snort:snort:2.8.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:snort:snort:2.8.3.2:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2009-3641
- EPSS score: 7.97% (probability of exploitation activity in the next 30 days)
- Percentile: ~94% (the proportion of vulnerabilities that are scored at or less)
CVSS scores for CVE-2009-3641
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.3 | MEDIUM | AV:N/AC:M/Au:N/C:N/I:N/A:P | 8.6 | 2.9 | NIST | |
References for CVE-2009-3641
- https://bugzilla.redhat.com/show_bug.cgi?id=530863
  530863 – (CVE-2009-3641) CVE-2009-3641 Snort: DoS (crash) while printing specially-crafted IPv6 packet using the -v option
  Tags: Exploit
- http://dl.snort.org/snort-current/release_notes_2851.txt
  Tags: Vendor Advisory
- http://vrt-sourcefire.blogspot.com/2009/10/snort-2851-release.html
  Tags: Patch
- http://seclists.org/fulldisclosure/2009/Oct/299
  Full Disclosure: Snort <= 2.8.5 IPV6 Remote DoS
  Tags: Exploit; Patch
- http://www.vupen.com/english/advisories/2009/3014
  Tags: Vendor Advisory
- http://www.openwall.com/lists/oss-security/2009/10/25/5
  oss-security - Re: CVE Request -- Snort - 2.8.5.1
- http://www.securityfocus.com/bid/36795
  Tags: Exploit; Patch
- http://securitytracker.com/id?1023076
- http://marc.info/?l=oss-security&m=125649553414700&w=2
  '[oss-security] CVE Request -- Snort - 2.8.5.1' - MARC
- https://exchange.xforce.ibmcloud.com/vulnerabilities/53912
  Snort IPv6 denial of service CVE-2009-3641 Vulnerability Report