Snort Information for VU#175500

Snort Back Orifice preprocessor buffer overflow

Status

Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Vendor References

None

Addendum

Please see http://www.snort.org/pub-bin/snortnews.cgi#99

In addition, the following is from the Snort version 2.4.3 Release notes:

    2005-10-17 - Snort 2.4.3 Released
    [*] Improvements
       * Fixed possible buffer overflow in  back orifice preprocessor.
       * Added snort.conf options to bo preprocessor for finer control of
         alerting and dropping of bo traffic.
       * Added alert to detect the bo buffer overflow attack against snort.

    If you have feedback, comments, or additional information about this vulnerability, please send us email.