Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
saintSAINT CorporationSAINT:96FC14A67D03E6B5D7CBDCE0D945D14B
HistoryAug 28, 2007 - 12:00 a.m.

Snort Back Orifice Pre-Processor buffer overflow

2007-08-2800:00:00
SAINT Corporation
download.saintcorporation.com
11

0.948 High

EPSS

Percentile

99.3%

JSON

Added: 08/28/2007
CVE: CVE-2005-3252
BID: 15131
OSVDB: 20034

Background

Back Orifice is a remote system administration program for Windows. It is commonly installed by attackers or Trojan Horse programs for use as a backdoor.

Snort is an open-source intrusion detection system. It includes a Back Orifice pre-processor, which handles Back Orifice traffic before it is passed to the intrusion detection engine.

Problem

A buffer overflow vulnerability in the Back Orifice pre-processor in Snort could allow remote attackers to execute arbitrary commands by sending a specially crafted Back Orifice ping to a host on a network monitored by Snort.

Resolution

Upgrade to Snort 2.4.3 or higher.

References

<http://www.kb.cert.org/vuls/id/175500&gt;

Limitations

Exploit works on Snort 2.4.2 on Windows and Red Hat 8.

Platforms

Windows 2000
Windows XP SP0 / Windows XP SP1
Windows XP SP2 / Windows XP
Windows Server 2003 SP0
Windows Server 2003 SP1
Windows Server 2003 SP2 / Windows Server 2003
Linux

Related

openvas 4
checkpoint_advisories 1
saint 3
cert 1
packetstorm 1
canvas 2
ubuntucve 1
cve 1
nvd 1
cvelist 1
debiancve 1
openvas
openvas
FreeBSD Ports: snort
2008-09-04 00:00:00
SLES9: Security update for snort
2009-10-10 00:00:00
SLES9: Security update for snort
2009-10-10 00:00:00
checkpoint_advisories
checkpoint_advisories
Snort Back Orifice Pre-Processor Buffer Overflow - Improved Performance (CVE-2005-3252)
2013-04-04 00:00:00
saint
saint
Snort Back Orifice Pre-Processor buffer overflow
2007-08-28 00:00:00
Snort Back Orifice Pre-Processor buffer overflow
2007-08-28 00:00:00
Snort Back Orifice Pre-Processor buffer overflow
2007-08-28 00:00:00
cert
cert
Snort Back Orifice preprocessor buffer overflow
2005-10-18 00:00:00
packetstorm
packetstorm
Snort Back Orifice Stack Overflow
2009-10-27 00:00:00
canvas
canvas
Immunity Canvas: STINKY
2005-10-18 21:02:00
Immunity Canvas: STINKY_DEBUG
2005-10-18 17:02:00
ubuntucve
ubuntucve
CVE-2005-3252
2005-10-18 00:00:00
cve
cve
CVE-2005-3252
2005-10-18 21:02:00
nvd
nvd
CVE-2005-3252
2005-10-18 21:02:00
cvelist
cvelist
CVE-2005-3252
2005-10-18 04:00:00
debiancve
debiancve
CVE-2005-3252
2005-10-18 21:02:00

0.948 High

EPSS

Percentile

99.3%

JSON
Related for SAINT:96FC14A67D03E6B5D7CBDCE0D945D14B
openvas4checkpoint_advisories1saint3cert1packetstorm1canvas2ubuntucve1cve1nvd1cvelist1debiancve1