Vulnerability Description
The frag3 preprocessor in Sourcefire Snort 2.4.3 does not properly reassemble certain fragmented packets with IP options, which allows remote attackers to evade detection of certain attacks, possibly related to IP option lengths.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Sourcefire | Snort | 2.4.3 |
References
- http://secunia.com/advisories/18959
- http://www.securityfocus.com/archive/1/425290/100/0/threaded
- http://www.securityfocus.com/bid/16705
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24811
- http://secunia.com/advisories/18959
- http://www.securityfocus.com/archive/1/425290/100/0/threaded
- http://www.securityfocus.com/bid/16705
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24811
FAQ
What is CVE-2006-0839?
CVE-2006-0839 is a vulnerability with a CVSS score of 5.0 (MEDIUM). The frag3 preprocessor in Sourcefire Snort 2.4.3 does not properly reassemble certain fragmented packets with IP options, which allows remote attackers to evade detection of certain attacks, possibly ...
How severe is CVE-2006-0839?
CVE-2006-0839 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-0839?
Check the references section above for vendor advisories and patch information. Affected products include: Sourcefire Snort.