NVD Vulnerability Detail

Search Exploit, PoC

NVD脆弱性検索トップ

->

NVD Vulnerability Detail

CVE-2008-1804

Summary	preprocessors/spp_frag3.c in Sourcefire Snort before 2.8.1 does not properly identify packet fragments that have dissimilar TTL values, which allows remote attackers to bypass detection rules by using a different TTL for each fragment.
Publication Date	May 22, 2008, 10:09 p.m.
Registration Date	Jan. 29, 2021, 1:35 p.m.
Last Update	Aug. 8, 2017, 10:30 a.m.

CVSS2.0 : MEDIUM
Score	6.8
Vector	AV:N/AC:M/Au:N/C:P/I:P/A:P
攻撃元区分(AV)	ネットワーク
攻撃条件の複雑さ(AC)	中
攻撃前の認証要否(Au)	不要
機密性への影響(C)	低
完全性への影響(I)	低
可用性への影響(A)	低
Get all privileges.	いいえ
Get user privileges	いいえ
Get other privileges	はい
User operation required	いいえ

Affected software configurations

Configuration1		or higher	or less	more than	less than
cpe:2.3:a:snort:snort::::::::			2.8.0

Related information, measures and tools

No	URL	refsource	タグ
1	http://cvs.snort.org/viewcvs.cgi/snort/ChangeLog?rev=1.534.2.11	CONFIRM
2	http://cvs.snort.org/viewcvs.cgi/snort/src/preprocessors/spp_frag3.c.diff?r1=text&tr1=1.46.2.4&r2=text&tr2=1.46.2.5&diff_format=h	CONFIRM
3	http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=701	IDEFENSE
4	http://secunia.com/advisories/30348	SECUNIA
5	http://secunia.com/advisories/30563	SECUNIA
6	http://secunia.com/advisories/31204	SECUNIA
7	http://securitytracker.com/id?1020081	SECTRACK
8	http://www.ipcop.org/index.php?name=News&file=article&sid=40	CONFIRM
9	http://www.securityfocus.com/bid/29327	BID
10	http://www.vupen.com/english/advisories/2008/1602	VUPEN
11	https://exchange.xforce.ibmcloud.com/vulnerabilities/42584	XF
12	https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00156.html	FEDORA
13	https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00167.html	FEDORA
14	https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00198.html	FEDORA

Common Vulnerabilities List