Vulnerability Name:

CVE-2007-0251 (CCN-31487)

Assigned:2007-01-11
Published:2007-01-11
Updated:2018-10-16
Summary:Integer underflow in the DecodeGRE function in src/decode.c in Snort 2.6.1.2 allows remote attackers to trigger dereferencing of certain memory locations via crafted GRE packets, which may cause corruption of log files or writing of sensitive information into log files.
CVSS v3 Severity:5.6 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availibility (A): Low
CVSS v2 Severity:7.8 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C)
5.8 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Complete
5.1 Medium (CCN CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P)
3.8 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): High
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
Vulnerability Type:CWE-Other
Vulnerability Consequences:Gain Access
References:Source: CCN
Type: BugTraq Mailing List, Thu Jan 11 2007 - 11:04:46 CST
Calyptix Security Advisory CX-2007-001 - Snort 2.6.1.2 Integer Underflow Vulnerability

Source: MITRE
Type: CNA
CVE-2007-0251

Source: MISC
Type: UNKNOWN
http://labs.calyptix.com/advisories/CX-2007-01.txt

Source: OSVDB
Type: UNKNOWN
32095

Source: OSVDB
Type: UNKNOWN
33464

Source: SREASON
Type: UNKNOWN
2165

Source: CCN
Type: SECTRACK ID: 1017507
Snort Integer Underflow in Processing the GRE Protocol May Let Remote Users Corrupt Log Files

Source: SECTRACK
Type: UNKNOWN
1017507

Source: CCN
Type: OSVDB ID: 32095
Snort DecodeGre() Integer Underflow

Source: CCN
Type: OSVDB ID: 33464
Snort DecodeGRE Function Crafted Packet Underflow Log Corruption

Source: BUGTRAQ
Type: UNKNOWN
20070111 Calyptix Security Advisory CX-2007-001 - Snort 2.6.1.2 Integer Underflow Vulnerability

Source: BID
Type: UNKNOWN
22004

Source: CCN
Type: BID-22004
Snort GRE Packet Decoding Integer Underflow Vulnerability

Source: CCN
Type: Snort Web site
Snort - the de facto standard for intrusion detection/prevention

Source: CONFIRM
Type: UNKNOWN
http://www.snort.org/got_source/source.html

Source: VUPEN
Type: UNKNOWN
ADV-2007-0152

Source: XF
Type: UNKNOWN
snort-gre-code-execution(31487)

Vulnerable Configuration:Configuration 1:
  • cpe:/a:snort:snort:2.6.1.2:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:snort:snort:2.6.1.2:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    snort snort 2.6.1.2
    snort snort 2.6.1.2