CVE-2003-0209

Description

Integer overflow in the TCP stream reassembly module (stream4) for Snort 2.0 and earlier allows remote attackers to execute arbitrary code via large sequence numbers in packets, which enable a heap-based buffer overflow.

Reserved 2003-04-15 | Published 2003-04-16 | Updated 2024-08-08 | Assigner mitre

References

marc.info/?l=bugtraq&m=105103586927007&w=2 (20030422 GLSA: snort (200304-05)) mailing-list

www.securityfocus.com/bid/7178 (7178) vdb-entry

www.cert.org/advisories/CA-2003-13.html (CA-2003-13) third-party-advisory

marc.info/?l=bugtraq&m=105043563016235&w=2 (20030415 CORE-2003-0307: Snort TCP Stream Reassembly Integer Overflow Vulnerability) mailing-list

marc.info/?l=bugtraq&m=105172790914107&w=2 (ESA-20030430-013) vendor-advisory

www.kb.cert.org/vuls/id/139129 (VU#139129) third-party-advisory

www.debian.org/security/2003/dsa-297 (DSA-297) vendor-advisory

marc.info/?l=bugtraq&m=105111217731583&w=2 (20030423 Snort <=1.9.1 exploit) mailing-list

www.mandriva.com/security/advisories?name=MDKSA-2003:052 (MDKSA-2003:052) vendor-advisory

www.coresecurity.com/...on/showdoc.php?idx=313&idxseccion=10

marc.info/?l=bugtraq&m=105154530427824&w=2 (20030428 GLSA: snort (200304-06)) mailing-list

cve.org (CVE-2003-0209)

nvd.nist.gov (CVE-2003-0209)

Download JSON