Snort RPC Preprocessor Fragment Reassembly Buffer Overflow Vulnerability

Bugtraq ID:	6963
Class:	Boundary Condition Error
CVE:	CAN-2003-0033
Remote:	Yes
Local:	No
Published:	Mar 03 2003 12:00AM
Updated:	Mar 03 2003 12:00AM
Credit:	Discovered by ISS X-Force.
Vulnerable:	Snort Project Snort 1.9 + Gentoo Linux 1.4 _rc3 + Gentoo Linux 1.4 _rc2 Snort Project Snort 1.8.7 Snort Project Snort 1.8.6 Snort Project Snort 1.8.5 Snort Project Snort 1.8.4 beta1 + Debian Linux 3.0 sparc + Debian Linux 3.0 s/390 + Debian Linux 3.0 ppc + Debian Linux 3.0 mipsel + Debian Linux 3.0 mips + Debian Linux 3.0 m68k + Debian Linux 3.0 ia-64 + Debian Linux 3.0 ia-32 + Debian Linux 3.0 hppa + Debian Linux 3.0 arm + Debian Linux 3.0 alpha + Debian Linux 3.0 Snort Project Snort 1.8.4 Snort Project Snort 1.8.3 Snort Project Snort 1.8.2 Snort Project Snort 1.8.1 Snort Project Snort 1.8 + Conectiva Linux 8.0 SmoothWall SmoothWall 2.0 beta 4 SmoothWall SmoothWall 1.0

Not Vulnerable:	Snort Project Snort 1.9.1 + MandrakeSoft Corporate Server 2.1 + MandrakeSoft Linux Mandrake 9.1 ppc + MandrakeSoft Linux Mandrake 9.1 + MandrakeSoft Linux Mandrake 9.0 + MandrakeSoft Linux Mandrake 8.2 ppc + MandrakeSoft Linux Mandrake 8.2 + MandrakeSoft Multi Network Firewall 2.0