CVE-2003-0209: Buffer Overflow
First published: Wed Apr 16 2003(Updated: )
Integer overflow in the TCP stream reassembly module (stream4) for Snort 2.0 and earlier allows remote attackers to execute arbitrary code via large sequence numbers in packets, which enable a heap-based buffer overflow.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Sourcefire Snort | =1.8.6 | |
| Sourcefire Snort | =1.9.1 | |
| Sourcefire Snort | =1.8.5 | |
| Sourcefire Snort | =1.9 | |
| Sourcefire Snort | =1.8.3 | |
| Sourcefire Snort | =1.8.2 | |
| Sourcefire Snort | =1.8 | |
| Sourcefire Snort | =1.8.4 | |
| Sourcefire Snort | =1.8.7 | |
| Smoothwall Smoothwall | =2.0_beta_4 | |
| Sourcefire Snort | =1.8.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.kb.cert.org/vuls/id/139129
- http://www.securityfocus.com/bid/7178
- http://www.debian.org/security/2003/dsa-297
- http://www.cert.org/advisories/CA-2003-13.html
- http://www.coresecurity.com/common/showdoc.php?idx=313&idxseccion=10
- http://www.mandriva.com/security/advisories?name=MDKSA-2003:052
- http://marc.info/?l=bugtraq&m=105154530427824&w=2
- http://marc.info/?l=bugtraq&m=105043563016235&w=2
- http://marc.info/?l=bugtraq&m=105111217731583&w=2
- http://marc.info/?l=bugtraq&m=105172790914107&w=2
- http://marc.info/?l=bugtraq&m=105103586927007&w=2
Frequently Asked Questions
What is the severity of CVE-2003-0209?
CVE-2003-0209 has a high severity rating due to its potential to allow remote code execution through a heap-based buffer overflow.
How do I fix CVE-2003-0209?
To fix CVE-2003-0209, update Snort to a version later than 2.0 that has addressed this vulnerability.
Which versions of Snort are affected by CVE-2003-0209?
CVE-2003-0209 affects Snort versions 1.8.x and 1.9.x.
Can CVE-2003-0209 be exploited remotely?
Yes, CVE-2003-0209 can be exploited remotely by sending specially crafted packets containing large sequence numbers.
What types of attacks are possible due to CVE-2003-0209?
Exploitation of CVE-2003-0209 could lead to arbitrary code execution, allowing attackers to gain control of the affected system.
- collector/nvd-historical
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/weakness
- agent/last-modified-date
- agent/remedy
- agent/severity
- agent/author
- agent/tags
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- vendor/sourcefire
- canonical/sourcefire snort
- version/sourcefire snort/1.8.6
- version/sourcefire snort/1.9.1
- version/sourcefire snort/1.8.5
- version/sourcefire snort/1.9
- version/sourcefire snort/1.8.3
- version/sourcefire snort/1.8.2
- version/sourcefire snort/1.8
- version/sourcefire snort/1.8.4
- version/sourcefire snort/1.8.7
- vendor/smoothwall
- canonical/smoothwall smoothwall
- version/smoothwall smoothwall/2.0_beta_4
- version/sourcefire snort/1.8.1