CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
EPSS
Percentile
98.1%
Added: 07/09/2007
CVE: CVE-2006-5276
BID: 22616
OSVDB: 32094
Snort is an open-source intrusion detection system. It includes a DCE/RPC preprocessor, which reassembles DCE/RPC traffic before it is passed to the intrusion detection engine.
A buffer overflow vulnerability in the DCE/RPC preprocessor allows remote attackers to execute arbitrary commands by chaining together multiple **WriteAndX**
requests in the same TCP segment.
Upgrade to Snort 2.6.1.3 or higher.
<http://www.us-cert.gov/cas/techalerts/TA07-050A.html>
<http://www.snort.org/docs/advisory-2007-02-19.html>
Exploit works on Snort 2.6.1.1 on Windows and Snort 2.6.1.2 on Red Hat 8, and requires port 445/TCP to be open on the target.
Windows 2000
Windows XP SP0 / Windows XP SP1
Windows XP SP2 / Windows XP
Linux