CVE-2004-2652

Snort <2.3.0 - DoS

Title source: llm

Description

The DecodeTCPOptions function in decode.c in Snort before 2.3.0, when printing TCP/IP options using FAST output or verbose mode, allows remote attackers to cause a denial of service (crash) via packets with invalid TCP/IP options, which trigger a null dereference.

Exploits (2)

exploitdb WORKING POC VERIFIED

by Antimatt3r · cdoslinux

https://www.exploit-db.com/exploits/25047

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by Marcin Zgorecki · cdoslinux

https://www.exploit-db.com/exploits/25046

View Code ZIP pw:eip

References (9)

[Patch, Vendor Advisory] http://secunia.com/advisories/13664

[Exploit, Patch] http://securitytracker.com/id?1012656

[Various Sources] http://www.frsirt.com/exploits/20041222.angelDust.c.php

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/18689

[Exploit] http://www.securityfocus.com/bid/12084

[Exploit] http://www.securiteam.com/exploits/6X00L20C0S.html

[Exploit] http://www.osvdb.org/12578

[Various Sources] http://www.snort.org/arc_news/

[Exploit, Vendor Advisory] http://taosecurity.blogspot.com/2004/12/details-on-snort-dos-condition-you-may.html

Scores

EPSS 0.2266

EPSS Percentile 95.9%

Details

Status published

Products (4)

sourcefire/snort 2.1.0

sourcefire/snort 2.1.1_rc1

sourcefire/snort 2.1.3

sourcefire/snort 2.2

Published Dec 31, 2004

Tracked Since Feb 18, 2026