Vulnerability: System compromise in Snort
Number of vulnerabilities: 1
Vector operation: Local Network
Impact: System Compromise
Affected products: Snort 2.9.x
Affected versions: Snort 220.127.116.11, possibly other versions.
The vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability is caused due to a boundary error in the function ‘rule20275eval ()’ in the file netbios_kb961501-smb-printss-reponse.c processing DCE / RPC responses. This can be exploited to cause a buffer overflow on the stack.
Successful exploitation allows execution of arbitrary code, but requires that praavilo ‘3-20275′ was included.
Manufacturer URL: http://www.snort.org/
Solution: Install the update from the manufacturer.