CVE-2007-1398 in Snortinfo

Summary

The frag3 preprocessor in Snort 2.6.1.1, 2.6.1.2, and 2.7.0 beta, when configured for inline use on Linux without the ip_conntrack module loaded, allows remote attackers to cause a denial of service (segmentation fault and application crash) via certain UDP packets produced by send_morefrag_packet and send_overlap_packet.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Reservation

03/10/2007

Disclosure

03/10/2007

Moderation

VulDB entry created

Entries

1: VDB-35551

CPE

ready

CWE

CWE-404 (Confirmed)

Exploit

Download

CVSS

7.5

EPSS

0.05741

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2007-1398
NVD	https://nvd.nist.gov/vuln/detail/CVE-2007-1398
CVE Details	https://www.cvedetails.com/cve/CVE-2007-1398/

◂ Previous Overview Next ▸

Do you need the next level of professionalism?

Upgrade your account now!