CVE-2006-2769

Description

The HTTP Inspect preprocessor (http_inspect) in Snort 2.4.0 through 2.4.4 allows remote attackers to bypass "uricontent" rules via a carriage return (\r) after the URL and before the HTTP declaration.

How to fix CVE-2006-2769

To remediate CVE-2006-2769, upgrade the affected package to a fixed version below.

• Debian/snort—upgrade to 2.3.3-8 or later

Is CVE-2006-2769 being exploited?

Moderate — EPSS is 22.8%. Track this CVE but it's not at the top of the prioritisation list.

Affected packages (1)

• from 0, < 2.3.3-8

References (17)

• ADVISORYsecunia.com/advisories/20413
• ADVISORYsecunia.com/advisories/20766
• ADVISORYsecurity-tracker.debian.org/tracker/CVE-2006-2769
• ADVISORYwww.vupen.com/english/advisories/2006/2119
• PATCHsecuritytracker.com/id?1016191