The DecodeTCPOptions function in decode.c in Snort before 2.3.0, when printing TCP/IP options using FAST output or verbose mode, allows remote attackers to cause a denial of service (crash) via packets with invalid TCP/IP options, which trigger a null dereference.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Snort | Sourcefire | 2.1.0 (including) | 2.1.0 (including) |
Snort | Sourcefire | 2.1.1_rc1 (including) | 2.1.1_rc1 (including) |
Snort | Sourcefire | 2.1.3 (including) | 2.1.3 (including) |
Snort | Sourcefire | 2.2 (including) | 2.2 (including) |