CVE-2006-6931
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
16/01/2007
Last modified:
09/04/2025
Description
Algorithmic complexity vulnerability in Snort before 2.6.1, during predicate evaluation in rule matching for certain rules, allows remote attackers to cause a denial of service (CPU consumption and detection outage) via crafted network traffic, aka a "backtracking attack."
Impact
Base Score 2.0
5.00
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:snort:snort:*:*:*:*:*:*:*:* | 2.6.2 (including) |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://lists.immunitysec.com/pipermail/dailydave/2007-January/003954.html
- http://secunia.com/advisories/23716
- http://secunia.com/advisories/24164
- http://secunia.com/advisories/24338
- http://security.gentoo.org/glsa/glsa-200702-03.xml
- http://securitytracker.com/id?1017508=
- http://www.acsac.org/2006/abstracts/54.html
- http://www.acsac.org/2006/advance_program.html
- http://www.acsac.org/2006/papers/54.pdf
- http://www.cs.wisc.edu/~smithr/pubs/acsac2006.pdf
- http://www.cs.wisc.edu/~smithr/pubs/randy_smith_acsac2006.zip
- http://www.mandriva.com/security/advisories?name=MDKSA-2007%3A051
- http://www.osvdb.org/32096
- http://www.securityfocus.com/bid/21991
- http://www.snort.org/pub-bin/snortnews.cgi
- https://exchange.xforce.ibmcloud.com/vulnerabilities/31430
- http://lists.immunitysec.com/pipermail/dailydave/2007-January/003954.html
- http://secunia.com/advisories/23716
- http://secunia.com/advisories/24164
- http://secunia.com/advisories/24338
- http://security.gentoo.org/glsa/glsa-200702-03.xml
- http://securitytracker.com/id?1017508=
- http://www.acsac.org/2006/abstracts/54.html
- http://www.acsac.org/2006/advance_program.html
- http://www.acsac.org/2006/papers/54.pdf
- http://www.cs.wisc.edu/~smithr/pubs/acsac2006.pdf
- http://www.cs.wisc.edu/~smithr/pubs/randy_smith_acsac2006.zip
- http://www.mandriva.com/security/advisories?name=MDKSA-2007%3A051
- http://www.osvdb.org/32096
- http://www.securityfocus.com/bid/21991
- http://www.snort.org/pub-bin/snortnews.cgi
- https://exchange.xforce.ibmcloud.com/vulnerabilities/31430