CVE-2003-0209

Smoothwall - Buffer Overflow

Title source: rule

Exploitation Summary

EIP tracks 1 public exploit for CVE-2003-0209. PoCs published by truff.

AI-analyzed exploit summary This exploit targets a remote buffer overflow in Snort 1.9.1 and below by sending maliciously crafted packets via hping2. It includes a connect-back shellcode to establish a reverse shell to the attacker's specified IP and port.

Description

Integer overflow in the TCP stream reassembly module (stream4) for Snort 2.0 and earlier allows remote attackers to execute arbitrary code via large sequence numbers in packets, which enable a heap-based buffer overflow.

Exploits (1)

exploitdb WORKING POC VERIFIED

by truff · bashremotelinux

https://www.exploit-db.com/exploits/18

View Code ZIP pw:eip

This exploit targets a remote buffer overflow in Snort 1.9.1 and below by sending maliciously crafted packets via hping2. It includes a connect-back shellcode to establish a reverse shell to the attacker's specified IP and port.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Snort 1.9.1 and below

No auth needed

Prerequisites: hping2 installed · network access to target · listener set up on attacker's machine

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (11)

Core 11

Core References

Mailing List mailing-list x_refsource_bugtraq

http://marc.info/?l=bugtraq&m=105103586927007&w=2

Exploit, Patch, Vendor Advisory vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/7178

US Government Resource third-party-advisory x_refsource_cert

http://www.cert.org/advisories/CA-2003-13.html

Mailing List mailing-list x_refsource_bugtraq

http://marc.info/?l=bugtraq&m=105043563016235&w=2

Mailing List vendor-advisory x_refsource_engarde

http://marc.info/?l=bugtraq&m=105172790914107&w=2

Third Party Advisory, US Government Resource third-party-advisory x_refsource_cert-vn

http://www.kb.cert.org/vuls/id/139129

Third Party Advisory vendor-advisory x_refsource_debian

http://www.debian.org/security/2003/dsa-297

Mailing List mailing-list x_refsource_bugtraq

http://marc.info/?l=bugtraq&m=105111217731583&w=2

Vendor Advisory vendor-advisory x_refsource_mandrake

http://www.mandriva.com/security/advisories?name=MDKSA-2003:052

Various Sources x_refsource_misc

http://www.coresecurity.com/common/showdoc.php?idx=313&idxseccion=10

Mailing List mailing-list x_refsource_bugtraq

http://marc.info/?l=bugtraq&m=105154530427824&w=2

Scores

EPSS 0.3803

EPSS Percentile 98.4%

Details

Status published

Products (11)

smoothwall/smoothwall 2.0_beta_4

sourcefire/snort 1.8

sourcefire/snort 1.8.1

sourcefire/snort 1.8.2

sourcefire/snort 1.8.3

sourcefire/snort 1.8.4

sourcefire/snort 1.8.5

sourcefire/snort 1.8.6

sourcefire/snort 1.8.7

sourcefire/snort 1.9

... and 1 more

Published May 05, 2003

Tracked Since Feb 18, 2026