CVE Details for CVE: CVE-2003-0033
Summary
Buffer overflow in the RPC preprocessor for Snort 1.8 and 1.9.x before 1.9.1 allows remote attackers to execute arbitrary code via fragmented RPC packets.
| Timestamps | |
|---|---|
| Last major update | 18-10-2016 - 02:28 |
| Published | 07-03-2003 - 05:00 |
| Last modified | 18-10-2016 - 02:28 |
References
- http://www.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21951
- http://www.iss.net/security_center/static/10956.php
- http://www.securityfocus.com/bid/6963
- http://www.kb.cert.org/vuls/id/916785
- http://www.debian.org/security/2003/dsa-297
- http://www.linuxsecurity.com/advisories/engarde_advisory-2944.html
- http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:029
- http://www.cert.org/advisories/CA-2003-13.html
- http://www.osvdb.org/4418
- http://marc.info/?l=bugtraq&m=105154530427824&w=2
- http://marc.info/?l=bugtraq&m=104673386226064&w=2
- http://marc.info/?l=bugtraq&m=104716001503409&w=2
Vulnerable Configurations
-
cpe:2.3:a:snort:snort:1.8.0:*:*:*:*:*:*:*
cpe:2.3:a:snort:snort:1.8.0:*:*:*:*:*:*:*
-
cpe:2.3:a:snort:snort:1.8.7:*:*:*:*:*:*:*
cpe:2.3:a:snort:snort:1.8.7:*:*:*:*:*:*:*
-
cpe:2.3:a:snort:snort:1.9.0:*:*:*:*:*:*:*
cpe:2.3:a:snort:snort:1.9.0:*:*:*:*:*:*:*
-
cpe:2.3:a:snort:snort:1.8.5:*:*:*:*:*:*:*
cpe:2.3:a:snort:snort:1.8.5:*:*:*:*:*:*:*
-
cpe:2.3:a:snort:snort:1.8.6:*:*:*:*:*:*:*
cpe:2.3:a:snort:snort:1.8.6:*:*:*:*:*:*:*
-
cpe:2.3:a:snort:snort:1.8.1:*:*:*:*:*:*:*
cpe:2.3:a:snort:snort:1.8.1:*:*:*:*:*:*:*
-
cpe:2.3:a:snort:snort:1.8.2:*:*:*:*:*:*:*
cpe:2.3:a:snort:snort:1.8.2:*:*:*:*:*:*:*
-
cpe:2.3:a:snort:snort:1.8.3:*:*:*:*:*:*:*
cpe:2.3:a:snort:snort:1.8.3:*:*:*:*:*:*:*
-
cpe:2.3:a:snort:snort:1.8.4:*:*:*:*:*:*:*
cpe:2.3:a:snort:snort:1.8.4:*:*:*:*:*:*:*
CWE
CVSS
Base
10.0
Impact
10.0
Exploitability
10.0
Access
| Vector | Complexity | Authentication |
|---|---|---|
| NETWORK | LOW | NONE |
Impact
| Confidentiality | Integrity | Availability |
|---|---|---|
| COMPLETE | COMPLETE | COMPLETE |
CVSS3
None