CVE-2009-3641

NameCVE-2009-3641
SourceCVE (at NVD; RH)
DescriptionSnort before 2.8.5.1, when the -v option is enabled, allows remote attackers to cause a denial of service (application crash) via a crafted IPv6 packet that uses the (1) TCP or (2) ICMP protocol.
NVD severitymedium
Debian Bugs553584
Debian/oldstablenot known to be vulnerable
Debian/stablenot known to be vulnerable
Debian/testingnot known to be vulnerable
Debian/unstablenot known to be vulnerable.

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
snort (PTS)etch2.3.3-11vulnerable
lenny (security)2.7.0-19+lenny1vulnerable
lenny2.7.0-20.4vulnerable
squeeze, sid2.8.5.2-2fixed

The next table lists affected binary packages.

Binary PackageReleaseVersionStatusArchitecures
snort, snort-common-libraries, snort-mysql, snort-pgsqllenny (security)2.7.0-19+lenny1vulnerablealpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390, sparc
lenny2.7.0-20.4vulnerablealpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390, sparc
sid2.8.5.2-2fixedalpha, amd64, armel, hppa, i386, ia64, kfreebsd-amd64, kfreebsd-i386, mips, mipsel, powerpc, s390, sparc
squeeze2.8.5.2-2fixedamd64, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390, sparc
snort, snort-mysql, snort-pgsqletch2.3.3-11vulnerablealpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390, sparc
snort-common, snort-doc, snort-rules-defaultetch2.3.3-11vulnerableall
lenny (security)2.7.0-19+lenny1vulnerableall
lenny2.7.0-20.4vulnerableall
squeeze2.8.4.1-4vulnerableall
sid, squeeze2.8.5.2-2fixedall

The information above is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
snortsource(unstable)2.8.5.2-1unimportant553584

Notes

current debian packages are not compiled with support for ipv6
Search for package or bug name: Reporting problems

Home - Testing Security Team - Debian Security - Imprint