Red Hat Bugzilla – Bug 229265
CVE-2006-5276 Vulnerability in Snort DCE/RPC Preprocessor
Last modified: 2007-11-30 17:11:57 EST
Description of problem:
Sourcefire has learned of a remotely exploitable vulnerability in the Snort
DCE/RPC preprocessor. This preprocessor is vulnerable to a stack-based buffer
overflow that could potentially allow attackers to execute code with the same
privileges as the Snort binary. Sourcefire has prepared updates for Snort
open-source software to address this issue.
Version-Release number of selected component (if applicable):
Snort Versions Affected:
* Snort 2.6.1, 220.127.116.11, and 18.104.22.168
* Snort 2.7.0 beta 1
Steps to Reproduce:
snort-22.214.171.124-3.fc7 has been pushed to the Fedora 7 stable repository. If problems still persist, please make note of it in this bug report.