CVE-2004-2652

The DecodeTCPOptions function in decode.c in Snort before 2.3.0, when printing TCP/IP options using FAST output or verbose mode, allows remote attackers to cause a denial of service (crash) via packets with invalid TCP/IP options, which trigger a null dereference.

Date published : 2005-12-18

http://www.securityfocus.com/bid/12084

http://www.snort.org/arc_news/