CVE-2008-1804

Name of the Vulnerable Software and Affected Versions Snort versions prior to 2.8.1

Description The issue arises from improper identification of packet fragments with dissimilar TTL values in the preprocessors/spp frag3.c component. This allows remote attackers to bypass detection rules by using a different TTL for each fragment.

Recommendations For versions prior to 2.8.1, update to version 2.8.1 or later to resolve the issue.