The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of Snort

Snort: data transit via TFO Policy Bypass
An attacker can bypass filtering rules via TFO Policy Bypass of Snort, in order to transmit malicious data...
cisco-sa-snort-tfo-bypass-MmzZrtes, CSCvt43136, CSCvu88532, CVE-2021-1224, VIGILANCE-VUL-34314
Snort: denial of service via Ethernet Frame Decoder
An attacker can trigger a fatal error via Ethernet Frame Decoder of Snort, in order to trigger a denial of service...
CERTFR-2021-AVI-166, cisco-sa-snort-ethernet-dos-HGXgJH8n, CSCvu88170, CVE-2021-1285, VIGILANCE-VUL-34752
Snort: data transit via HTTP Detection Bypass
An attacker can bypass filtering rules via HTTP Detection Bypass of Snort, in order to transmit malicious data...
CERTFR-2020-AVI-671, cisco-sa-ftd-bypass-3eCfd24j, CSCvm69545, CSCvq96573, CVE-2020-3299, VIGILANCE-VUL-33661
Snort: denial of service via SMB
An attacker can send malicious SMB packets to Snort, in order to trigger a denial of service...
cisco-sa-20190501-frpwr-smb-snort, CVE-2019-1696, CVE-2019-1704, VIGILANCE-VUL-29400
Snort: executing DLL code via tcapi.dll
An attacker can create a malicious tcapi.dll DLL, and then put it in the current directory of Snort, in order to execute code...
CVE-2016-1417, VIGILANCE-VUL-20752
Snort: buffer overflow of Sourcefire VRT Rules
When the administrator installed Sourcefire VRT Rules, and enabled the rule "3:20275", an attacker can use the DCE RPC EnumeratePrintShares function, in order to trigger an overflow in Snort, which may lead to code execution...
BID-57476, CERTA-2013-AVI-056, VIGILANCE-VUL-12343
IDS, IPS: Advanced Evasion Techniques
Twenty three cases of standard techniques of packets variations are not detected by most IDS/IPS...
CVE-2010-0102, SBP-2010-31, SBP-2010-32, SBP-2010-33, SBP-2010-34, SBP-2010-35, VIGILANCE-VUL-10227
Snort: denials of service of IPv6
When IPv6 is enabled, an attacker can send malformed packets in order to stop Snort...
BID-36795, CVE-2009-3641, FEDORA-2009-10751, FEDORA-2009-10783, VIGILANCE-VUL-9117
Snort: corruption of unified logs
When the unified logging is enabled, an attacker can send special packets in order to corrupt the log file of Snort...
BID-36473, VIGILANCE-VUL-9036
Snort: bypassing with fragments
An attacker can fragment his IP packets in order to bypass all Snort rules...
BID-29327, CERTA-2008-AVI-261, CVE-2008-1804, FEDORA-2008-4986, FEDORA-2008-5001, FEDORA-2008-5045, MDVSA-2009:259, MDVSA-2009:259-1, VIGILANCE-VUL-7846
Our database contains other pages. You can request a free trial to read them.

Display information about Snort: