NVD

Id
85975  
Name
CVE-2017-6657  
Description
Cisco Sourcefire Snort 3.0 before build 233 mishandles Ether Type Validation. Since valid ether type and IP protocol numbers do not overlap, Snort++ stores all protocol decoders in a single array. That makes it possible to craft packets that have IP protocol numbers in the ether type field which will confuse the Snort++ decoder. For example, an eth:llc:snap:icmp6 packet will cause a crash because there is no ip6 header with which to calculate the icmp6 checksum. Affected decoders include gre, llc, trans_bridge, ciscometadata, linux_sll, and token_ring. The fix adds a check in the packet manager to validate the ether type before indexing the decoder array. An out of range ether type will raise 116:473.  
Reject
 
CVSS Version
2  
CVSS Score
5  
Severity
Medium  
CVSS Base Score
5  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:N/I:N/A:P)  
Pub Date
2017-07-18  
Published
2017-05-16  
Modified Date
2017-07-07  
Seq
2017-6657  

Actions

Related NVD References

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
67825 JVNDB-2017-004114 Cisco Sourcefire Snort におけるリソース管理に関する脆弱性 Cisco Sourcefire Snort には、リソース管理に関する脆弱性が存在します。 CVE-2017-6657 0 CVE-2017-6657 85975 5 7.5 http://jvndb.jvn.jp/ja/contents/2017/JVNDB-2017-004114.html 2017-05-15 2017-06-16 View