Snort TCP Packet Reassembly Integer Overflow Vulnerability

A vulnerability has been discovered in Snort. The problem occurs during the reassembly of TCP packets by the stream4 preprocesser. By sending specially crafted fragmented packets across a network monitored by Snort, it may be possible to trigger an integer overflow. As a result, a buffer overflow may occur, effectively allowing a remote attacker to corrupt heap memory.

Successful exploitation of this issue could allow a remote attacker to execute arbitrary code on a target system.

This issue effects Snort releases prior to Snort 2.0 RC1.


Privacy Statement
Copyright 2010, SecurityFocus