CVE-2007-0251 Information

Description

Integer underflow in the DecodeGRE function in src/decode.c in Snort 2.6.1.2 allows remote attackers to trigger dereferencing of certain memory locations via crafted GRE packets which may cause corruption of log files or writing of sensitive information into log files.

Reference

http://labs.calyptix.com/advisories/CX-2007-01.txt http://osvdb.org/32095 http://osvdb.org/33464 http://securityreason.com/securityalert/2165 http://securitytracker.com/id?1017507 http://www.securityfocus.com/archive/1/456598/100/0/threaded http://www.securityfocus.com/bid/22004 http://www.snort.org/got_source/source.html http://www.vupen.com/english/advisories/2007/0152