CVE-2006-5276

Severity

99%

Complexity

99%

Confidentiality

165%

Upgrade to the latest version of Snort (2.6.1.3 or later), available from the Snort Web site.

Stack-based buffer overflow in the DCE/RPC preprocessor in Snort before 2.6.1.3, and 2.7 before beta 2; and Sourcefire Intrusion Sensor; allows remote attackers to execute arbitrary code via crafted SMB traffic.

All affected Sourcefire Intrustion Sensor products are only vulnerable if they are used with SEUs prior to SEU 64.

Upgrade to the latest version of Snort (2.6.1.3 or later), available from the Snort Web site.

CVSS 2.0 Base Score 9.9. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C).

Overview

First reported 18 years ago

2007-02-20 01:28:00

Last updated 6 years ago

2018-10-17 21:41:00

Affected Software

Snort Snort 2.6.1

2.6.1

Snort Snort 2.6.1.1

2.6.1.1

Snort Snort

Snort Snort 2.7 Beta1

2.7_beta1

References

FEDORA-2007-2060

20070219 Sourcefire Snort Remote Buffer Overflow

Vendor Advisory

24190

24235

24239

24240

24272

26746

GLSA-200703-01

VU#196240

US Government Resource

32094

20070303 ERRATA: [ GLSA 200703-01 ] Snort: Remote execution of arbitrary code

22616

1017669

1017670

http://www.snort.org/docs/advisory-2007-02-19.html

Vendor Advisory

TA07-050A

Third Party Advisory, US Government Resource

ADV-2007-0656

ADV-2007-0668

http://www116.nortelnetworks.com/pub/repository/CLARIFY/DOCUMENT/2007/08/021923-01.pdf

http://www130.nortelnetworks.com/go/main.jsp?cscat=BLTNDETAIL&DocumentOID=540173

https://bugzilla.redhat.com/show_bug.cgi?id=229265

smb-bo(31275)

3362

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.