FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2006-5276

This CVE name corresponds to:

Entered Topic
2007-02-21 snort -- DCE/RPC preprocessor vulnerability

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

CVE-2006-5276 at cve.mitre.org

Details

Type Candidate
Name CVE-2006-5276
Phase Assigned(20061013)

Description

Stack-based buffer overflow in the DCE/RPC preprocessor in Snort before 2.6.1.3, and 2.7 before beta 2; and Sourcefire Intrusion Sensor; allows remote attackers to execute arbitrary code via crafted SMB traffic.

References

Source Reference
ISS 20070219 Sourcefire Snort Remote Buffer Overflow
BUGTRAQ 20070303 ERRATA: [ GLSA 200703-01 ] Snort: Remote execution of arbitrary code
MILW0RM 3362
MISC https://bugzilla.redhat.com/show_bug.cgi?id=229265
CONFIRM http://www.snort.org/docs/advisory-2007-02-19.html
CONFIRM http://www116.nortelnetworks.com/pub/repository/CLARIFY/DOCUMENT/2007/08/021923-01.pdf
CONFIRM http://www130.nortelnetworks.com/go/main.jsp?cscat=BLTNDETAIL&DocumentOID=540173
FEDORA FEDORA-2007-2060
GENTOO GLSA-200703-01
CERT TA07-050A
CERT-VN VU#196240
BID 22616
VUPEN ADV-2007-0656
VUPEN ADV-2007-0668
OSVDB 32094
SECTRACK 1017669
SECTRACK 1017670
SECUNIA 24190
SECUNIA 24235
SECUNIA 24239
SECUNIA 24240
SECUNIA 24272
SECUNIA 26746
XF smb-bo(31275)

Copyright © 2005 The MITRE Corporation.

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.