VDB
CVE-2009-3641
CVE-2009-3641
PUBLISHED
CVSS 4.300000190734863 MEDIUM
Snort before 2.8.5.1, when the -v option is enabled, allows remote attackers to cause a denial of service (application crash) via a crafted IPv6 packet that uses the (1) TCP or (2) ICMP protocol.
EPSS 33.24% · 97.0th percentile
Risk Scores
CVSS 2.0
4.300000190734863
EPSS Score
33.24%
97.0th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | * |
| snort | snort | 0, 1.6, 1.8.0 |
Timeline
- Oct 22, 2009 PoC Published
- Oct 23, 2009 PoC Published
- Oct 28, 2009 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 2, 2022 CVE Updated
- May 20, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
References
- 59159 vdb
- 36795 vdb
- 1023076 vdb
- http://dl.snort.org/snort-current/release_notes_2851.txt url
- 37135 third-party-advisory
- [oss-security] 20091025 CVE Request -- Snort - 2.8.5.1 mailing-list
- http://vrt-sourcefire.blogspot.com/2009/10/snort-2851-release.html url
- ADV-2009-3014 vdb
- snort-ipv6-dos(53912) vdb
- [oss-security] 20091025 SANS: Security Thought LeadersRe: CVE Request -- Snort - 2.8.5.1 mailing-list
- 20091022 Snort <= 2.8.5 IPV6 Remote DoS mailing-list
- https://bugzilla.redhat.com/show_bug.cgi?id=530863 url
- https://nvd.nist.gov/vuln/detail/CVE-2009-3641 advisory