5

CVE-2006-2769

Exploit
The HTTP Inspect preprocessor (http_inspect) in Snort 2.4.0 through 2.4.4 allows remote attackers to bypass "uricontent" rules via a carriage return (\r) after the URL and before the HTTP declaration.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
SourcefireSnort Version2.4
SourcefireSnort Version2.4.1
SourcefireSnort Version2.4.2
SourcefireSnort Version2.4.3
SourcefireSnort Version2.4.4
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 10.81% 0.953
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:N/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://lists.suse.com/archive/suse-security-announce/2006-Jun/0008.html
http://secunia.com/advisories/20766
Vendor Advisory
http://marc.info/?l=snort-devel&m=114909074311462&w=2
http://secunia.com/advisories/20413
Vendor Advisory
http://securityreason.com/securityalert/1018
http://securitytracker.com/id?1016191
Patch
Exploit
http://www.demarc.com/support/downloads/patch_20060531
Patch
Exploit
http://www.osvdb.org/25837
Patch
Exploit
http://www.securityfocus.com/archive/1/435600/100/0/threaded
http://www.securityfocus.com/archive/1/435734/100/0/threaded
http://www.securityfocus.com/archive/1/435797/100/0/threaded
http://www.securityfocus.com/archive/1/435872/100/0/threaded
http://www.securityfocus.com/bid/18200
Patch
Exploit
http://www.snort.org/pub-bin/snortnews.cgi#431
http://www.vupen.com/english/advisories/2006/2119
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/26855