Check Point Reference: | CPAI-2007-038 |
Date Published: | 29 Mar 2007 |
Severity: | Medium |
Last Updated: | Wednesday 25 April, 2007 |
Source: | |
Industry Reference: | CVE-2007-1398 |
Protection Provided by: | |
Who is Vulnerable? | Project Snort 2.6.1.1; Project Snort 2.6.1.2; Project Snort 2.7.0 beta |
Vulnerability Description | Snort is an open source network intrusion prevention and detection system. The frag3 preprocessor in Snort, when configured for inline use on Linux, is prone to a denial of service vulnerability. A remote attacker could exploit this issue to crash the application on a target system. |
Vulnerability Details | The vulnerability is due to an error in the way the Snort Intrusion Detection System reassembles fragmented packets: it fails to properly handle overlapping IP fragments. An attacker can trigger this flaw by sending a crafted packet followed by a malformed overlap packet. Successful exploitation of this flaw will cause the Snort Intrusion Detection System to crash. |
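
The overlap condition described above can be checked on the defender's side before or alongside reassembly. The following is an added example, not Snort's frag3 code and not part of the original advisory: `struct frag` and `count_overlaps` are hypothetical names, the sample fragments are constructed, and fragments are grouped by IP Identification only (a real reassembler also keys on source, destination and protocol).

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* One received IPv4 fragment, reduced to the fields reassembly needs. */
struct frag {
    uint16_t ip_id; /* IP Identification: groups fragments of one datagram */
    uint16_t off8;  /* Fragment Offset header field, in 8-byte units */
    uint16_t len;   /* payload bytes carried by this fragment */
};

static int by_id_then_offset(const void *pa, const void *pb)
{
    const struct frag *a = pa, *b = pb;
    if (a->ip_id != b->ip_id) return a->ip_id < b->ip_id ? -1 : 1;
    if (a->off8 != b->off8) return a->off8 < b->off8 ? -1 : 1;
    return 0;
}

/* Sorts f in place and returns how many fragments start inside a byte
 * range already covered by an earlier fragment of the same datagram. */
size_t count_overlaps(struct frag *f, size_t n)
{
    size_t hits = 0;
    uint32_t covered_end = 0;
    qsort(f, n, sizeof *f, by_id_then_offset);
    for (size_t i = 0; i < n; i++) {
        uint32_t start = (uint32_t)f[i].off8 * 8u;
        uint32_t end = start + f[i].len;
        if (i == 0 || f[i].ip_id != f[i - 1].ip_id) {
            covered_end = end; /* first fragment of a new datagram */
            continue;
        }
        if (start < covered_end) hits++;          /* overlap or duplicate */
        if (end > covered_end) covered_end = end; /* extend covered range */
    }
    return hits;
}

int main(void)
{
    /* Constructed sample: datagram 1 is contiguous, datagram 2 overlaps. */
    struct frag seen[] = { {1, 0, 16}, {1, 2, 16}, {2, 0, 24}, {2, 2, 16} };
    printf("overlapping fragments: %zu\n", count_overlaps(seen, 4));
    return 0;
}
```

A non-zero count marks a fragment train that a sensor can log or drop instead of handing to the reassembly path.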