What is CVE-2006-5276?

CVE-2006-5276 is a vulnerability in N/a. Published 2007-02-20.

Is CVE-2006-5276 known to be exploited?

3 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2006-5276

Stack-based buffer overflow in the DCE/RPC preprocessor in Snort before 2.6.1.3, and 2.7 before beta 2; and Sourcefire Intrusion Sensor; allows remote attackers to execute arbitrary code via crafted SMB traffic.

EPSS: 0.882 (99.5th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

References

TA07-050A (x_refsource_CERT, third-party-advisory)
VU#196240 (x_refsource_CERT-VN, third-party-advisory)
www116.nortelnetworks.com/pub/repository/CLARIFY/DOCUMENT/2007/08/021923-01.pdf (x_refsource_CONFIRM)
GLSA-200703-01 (vendor-advisory, x_refsource_GENTOO)
26746 (x_refsource_SECUNIA, third-party-advisory)
20070303 ERRATA: [ GLSA 200703-01 ] Snort: Remote execution of arbitrary code (mailing-list, x_refsource_BUGTRAQ)
24190 (x_refsource_SECUNIA, third-party-advisory)
www.snort.org/docs/advisory-2007-02-19.html (x_refsource_CONFIRM)
24239 (x_refsource_SECUNIA, third-party-advisory)
24272 (x_refsource_SECUNIA, third-party-advisory)

Frequently asked questions

What is CVE-2006-5276?: CVE-2006-5276 is a vulnerability in N/a. Published 2007-02-20.
Is CVE-2006-5276 known to be exploited?: 3 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.