Intrusion Prevention

Snort.Packet.Fragmentation.Reassembly.DoS

Description

This indicates an attack attempt against a denial-of-service vulnerability
in Sourcefire Snort.
The vulnerability is caused by an error that occurs when the frag3 preprocessor handles malicious UDP packets. A remote attacker may exploit this to crash the host via certain fragmented UDP packets.

Affected Products

Snort Project Snort 2.6.1 .2
Snort Project Snort 2.6.1 .1
Snort Project Snort 2.7.0 beta 1

Impact

Denial of Service: Remote attackers can crash vulnerable systems.

Recommended Actions

We are not aware of any vendor-supplied patch for this vulnerability as of this writing.

CVE References

CVE-2007-1398