Integer overflow in the TCP stream reassembly module (stream4) for Snort 2.0 and earlier allows remote attackers to execute arbitrary code via large sequence numbers in packets, which enable a heap-based buffer overflow.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Smoothwall | Smoothwall | 2.0_beta_4 (including) | 2.0_beta_4 (including) |
| Snort | Sourcefire | 1.8 (including) | 1.8 (including) |
| Snort | Sourcefire | 1.8.1 (including) | 1.8.1 (including) |
| Snort | Sourcefire | 1.8.2 (including) | 1.8.2 (including) |
| Snort | Sourcefire | 1.8.3 (including) | 1.8.3 (including) |
| Snort | Sourcefire | 1.8.4 (including) | 1.8.4 (including) |
| Snort | Sourcefire | 1.8.5 (including) | 1.8.5 (including) |
| Snort | Sourcefire | 1.8.6 (including) | 1.8.6 (including) |
| Snort | Sourcefire | 1.8.7 (including) | 1.8.7 (including) |
| Snort | Sourcefire | 1.9 (including) | 1.9 (including) |
| Snort | Sourcefire | 1.9.1 (including) | 1.9.1 (including) |
References
- http://marc.info/?l=bugtraq\u0026m=105043563016235\u0026w=2
- http://marc.info/?l=bugtraq\u0026m=105103586927007\u0026w=2
- http://marc.info/?l=bugtraq\u0026m=105111217731583\u0026w=2
- http://marc.info/?l=bugtraq\u0026m=105154530427824\u0026w=2
- http://marc.info/?l=bugtraq\u0026m=105172790914107\u0026w=2
- http://www.cert.org/advisories/CA-2003-13.html
- http://www.coresecurity.com/common/showdoc.php?idx=313\u0026idxseccion=10
- http://www.debian.org/security/2003/dsa-297
- http://www.kb.cert.org/vuls/id/139129
- http://www.mandriva.com/security/advisories?name=MDKSA-2003:052
- http://www.securityfocus.com/bid/7178
- http://marc.info/?l=bugtraq\u0026m=105043563016235\u0026w=2
- http://marc.info/?l=bugtraq\u0026m=105103586927007\u0026w=2
- http://marc.info/?l=bugtraq\u0026m=105111217731583\u0026w=2
- http://marc.info/?l=bugtraq\u0026m=105154530427824\u0026w=2
- http://marc.info/?l=bugtraq\u0026m=105172790914107\u0026w=2
- http://www.cert.org/advisories/CA-2003-13.html
- http://www.coresecurity.com/common/showdoc.php?idx=313\u0026idxseccion=10
- http://www.debian.org/security/2003/dsa-297
- http://www.kb.cert.org/vuls/id/139129
- http://www.mandriva.com/security/advisories?name=MDKSA-2003:052
- http://www.securityfocus.com/bid/7178