CVE Vulnerabilities

CVE-2003-0209

Published: May 05, 2003 | Modified: Oct 18, 2016
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
10 HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

Integer overflow in the TCP stream reassembly module (stream4) for Snort 2.0 and earlier allows remote attackers to execute arbitrary code via large sequence numbers in packets, which enable a heap-based buffer overflow.

Affected Software

Name Vendor Start Version End Version
Smoothwall Smoothwall 2.0_beta_4 2.0_beta_4
Snort Sourcefire 1.8 1.8
Snort Sourcefire 1.8.1 1.8.1
Snort Sourcefire 1.8.2 1.8.2
Snort Sourcefire 1.8.3 1.8.3
Snort Sourcefire 1.8.4 1.8.4
Snort Sourcefire 1.8.5 1.8.5
Snort Sourcefire 1.8.6 1.8.6
Snort Sourcefire 1.8.7 1.8.7
Snort Sourcefire 1.9 1.9
Snort Sourcefire 1.9.1 1.9.1

References