CVE-2004-2652

High

7.8/10

Summary

The DecodeTCPOptions function in decode.c in Snort before 2.3.0, when printing TCP/IP options using FAST output or verbose mode, allows remote attackers to cause a denial of service (crash) via packets with invalid TCP/IP options, which trigger a null dereference.

Access Complexity: LOW
AccessVector: NETWORK
Authentication: NONE
Integrity Impact: NONE
Confidentiality Impact: NONE
Availability Impact: COMPLETE

References

Advisory Timeline

Published Dec 31, 2004

CVE-2004-2652

Summary

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS