Lucene search

[email protected]CVE-2007-0251

HistoryJan 16, 2007 - 11:28 p.m.

CVE-2007-0251

2007-01-1623:28:00

[email protected]

web.nvd.nist.gov

cve-2007-0251

snort

integer underflow

decodegre

memory corruption

gre packets

security vulnerability

nvd

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

6.4 Medium

AI Score

Confidence

High

0.05 Low

EPSS

Percentile

92.9%

JSON

Integer underflow in the DecodeGRE function in src/decode.c in Snort 2.6.1.2 allows remote attackers to trigger dereferencing of certain memory locations via crafted GRE packets, which may cause corruption of log files or writing of sensitive information into log files.

Affected configurations

NVD

Node

snortsnortMatch2.6.1.2

CPENameOperatorVersion
snort:snortsnorteq2.6.1.2

CPE	Name	Operator	Version
snort:snort	snort	eq	2.6.1.2

References

labs.calyptix.com/advisories/CX-2007-01.txt

osvdb.org/32095

osvdb.org/33464

securityreason.com/securityalert/2165

securitytracker.com/id?1017507

www.securityfocus.com/archive/1/456598/100/0/threaded

www.securityfocus.com/bid/22004

www.snort.org/got_source/source.html

www.vupen.com/english/advisories/2007/0152

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

6.4 Medium

AI Score

Confidence

High

0.05 Low

EPSS

Percentile

92.9%

JSON

Related for CVE-2007-0251

ubuntucve1 debiancve1 prion1 securityvulns1 cvelist1 nvd1