header-logo
Suggest Exploit
vendor:
Snort
by:
Pablo
7.5
CVSS
HIGH
Logging Alert Evasion, Logfile Corruption/Alert Falsify
20
CWE
Product Name: Snort
Affected Version From: snort-2.8.1
Affected Version To: snort-2.8.4
Patch Exists: YES
Related CWE: N/A
CPE: a:snort:snort
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2009

Snort unified 1 IDS Logging Alert Evasion, Logfile Corruption/Alert Falsify

A vulnerability was discovered in Snort versions 2.8.1 to 2.8.4, which allowed an attacker to evade logging and falsify alerts. The vulnerability was fixed in version 2.8.5.

Mitigation:

Upgrade to version 2.8.5 or later
Source

Exploit-DB raw data:

Advisory:
=========
Snort unified 1 IDS Logging Alert Evasion, Logfile Corruption/Alert Falsify


Log:
====
30/06/2009 Bug detected.
20/07/2009 First mail with snort team.
20/07/2009 Snort team answer they will fix it in the next release (2.8.5).
16/09/2009 Snort release, bug fixed.


Affected Versions:
==================
snort-2.8.1
snort-2.8.2
snort-2.8.3
snort-2.8.4
snort-2.8.5.beta*

link: http://pablo-secdev.blogspot.com/2009/09/snort-28-285stable-unified1-output-bug.html
poc: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/2009-snort-unified1_bug.tar.gz
# milw0rm.com [2009-09-21]

Navigation

Suggest Exploit

Services By CQR