System compromise in Snort

Posted: January 23, 2013 in Vulnerabilities
Tags: ,


System compromise in Snort

Vulnerability: System compromise in Snort

Danger: Average
Patch: Yes
Number of vulnerabilities: 1

Vector operation: Local Network
Impact: System Compromise

Affected products: Snort 2.9.x

Affected versions: Snort, possibly other versions.


The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability is caused due to a boundary error in the function ‘rule20275eval ()’ in the file netbios_kb961501-smb-printss-reponse.c processing DCE / RPC responses. This can be exploited to cause a buffer overflow on the stack.

Successful exploitation allows execution of arbitrary code, but requires that praavilo ‘3-20275’ was included.

Manufacturer URL:

Solution: Install the update from the manufacturer.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s