PT-2007-2792 · Cisco · Snort
Antimatt3R · Published 2007-03-10 · Updated 2017-10-11 · CVE-2007-1398
CVSS v2.0: 7.1 (High)
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions
Snort versions 2.6.1.1 through 2.6.1.2
Snort version 2.7.0 beta
Description
The issue allows remote attackers to cause a denial of service (a segmentation fault and application crash) via certain UDP packets. It occurs when the frag3 preprocessor in Snort is configured for inline use on Linux without the ip_conntrack module loaded.
Recommendations
For Snort versions 2.6.1.1 and 2.6.1.2, and for Snort version 2.7.0 beta, consider loading the ip_conntrack module to prevent the denial of service.
As a temporary workaround, consider disabling the frag3 preprocessor until a patch is available.
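A sensor can be audited for the condition described above with a check like the following. This is an added example, not part of the advisory or of Snort itself; it assumes the module is listed as `ip_conntrack` in `/proc/modules` and that frag3 is enabled through `preprocessor frag3_global` / `preprocessor frag3_engine` lines in the Snort configuration. It does not detect whether the sensor runs inline; that is left to the operator.

```shell
#!/bin/sh
# Added example: flag a Snort sensor that has frag3 enabled while the
# ip_conntrack kernel module is not loaded (the condition in this advisory).
# Function names are hypothetical; file paths are supplied by the caller,
# e.g.  check_sensor /proc/modules /path/to/snort.conf

# conntrack_loaded MODULES_FILE
# Returns 0 if ip_conntrack is listed. /proc/modules format is:
#   name size refcount dependencies state address
conntrack_loaded() {
    awk '$1 == "ip_conntrack" { found = 1 } END { exit !found }' "$1"
}

# frag3_enabled SNORT_CONF
# Returns 0 if an uncommented frag3 preprocessor line is present.
# Lines starting with '#' do not match, so a disabled frag3 is not counted.
frag3_enabled() {
    grep -Eq '^[[:space:]]*preprocessor[[:space:]]+frag3_(global|engine)' "$1"
}

# check_sensor MODULES_FILE SNORT_CONF
# Prints a one-line verdict; returns 1 only for the exposed combination.
check_sensor() {
    if ! frag3_enabled "$2"; then
        echo "OK: frag3 is not enabled"
        return 0
    fi
    if conntrack_loaded "$1"; then
        echo "OK: frag3 is enabled and ip_conntrack is loaded"
        return 0
    fi
    echo "EXPOSED: frag3 is enabled and ip_conntrack is not loaded"
    return 1
}
```

A non-zero return from `check_sensor` on an inline sensor means one of the two recommendations above still has to be applied.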
Affected Products
Snort