CyberSec.Space Logo
返回 CVE 浏览器

CVE-2006-5276

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0290%
EPSS Percentile22.84th
Published2007年2月20日
Last Modified2026年4月23日

Vulnerability Description

Stack-based buffer overflow in the DCE/RPC preprocessor in Snort before 2.6.1.3, and 2.7 before beta 2; and Sourcefire Intrusion Sensor; allows remote attackers to execute arbitrary code via crafted SMB traffic.

Affected Platforms (CPE)

📦
Snort

Snort

<= 2.6.1.2
📦
Snort

Snort

= 2.6.1
📦
Snort

Snort

= 2.6.1.1
📦
Snort

Snort

= 2.7_beta1
📦
Sourcefire

Intrusion Sensor

= 4.1
📦
Sourcefire

Intrusion Sensor

= 4.1
📦
Sourcefire

Intrusion Sensor

= 4.5
📦
Sourcefire

Intrusion Sensor

= 4.5
📦
Sourcefire

Intrusion Sensor

= 4.6
📦
Sourcefire

Intrusion Sensor

= 4.6

References & Advisories

🔗 http://fedoranews.org/updates/FEDORA-2007-206.shtml
🔗 http://iss.net/threats/257.html
🔗 http://secunia.com/advisories/24190
🔗 http://secunia.com/advisories/24235
🔗 http://secunia.com/advisories/24239
🔗 http://secunia.com/advisories/24240
🔗 http://secunia.com/advisories/24272
🔗 http://secunia.com/advisories/26746

相关漏洞威胁

CVE-2003-020910.0

Integer overflow in the TCP stream reassembly module (stream4) for Snort 2.0 and earlier allows remote attackers to execute arbitr...

CVE-2003-003310.0

Buffer overflow in the RPC preprocessor for Snort 1.8 and 1.9.x before 1.9.1 allows remote attackers to execute arbitrary code via...

CVE-2009-42119.3

The U.S. Defense Information Systems Agency (DISA) Security Readiness Review (SRR) script for the Solaris x86 platform executes fi...

CVE-2016-14178.8

Untrusted search path vulnerability in Snort 2.9.7.0-WIN32 allows remote attackers to execute arbitrary code and conduct DLL hijac...