CVE-2004-2652

CVE Database · CVE-2004-2652

CVE-2004-2652

· N/AModified

CVSS v3.1

N/A

EPSS

11.19%

Published

Dec 31, 2004

Modified

Apr 15, 2026

Public PoC / Exploit (2)

All weaponized →

Exploit-DBSnort 2.1/2.2 - DecodeTCPOptions Remote Denial of Service (1)Exploit-DBSnort 2.1/2.2 - DecodeTCPOptions Remote Denial of Service (2)

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

The DecodeTCPOptions function in decode.c in Snort before 2.3.0, when printing TCP/IP options using FAST output or verbose mode, allows remote attackers to cause a denial of service (crash) via packets with invalid TCP/IP options, which trigger a null dereference.

Affected Products (4)

sourcefire · snortvulnerable

References (18)

http://secunia.com/advisories/13664

PatchVendor Advisory

http://securitytracker.com/id?1012656

ExploitPatch

http://taosecurity.blogspot.com/2004/12/details-on-snort-dos-condition-you-may.html

ExploitVendor Advisory

http://www.frsirt.com/exploits/20041222.angelDust.c.php

http://www.osvdb.org/12578

Exploit

http://www.securiteam.com/exploits/6X00L20C0S.html

Exploit

http://www.securityfocus.com/bid/12084

KEV Catalog EPSS Scores Vendors All CVEs