{ "CVE_data_meta" : { "ASSIGNER" : "cve@mitre.org", "ID" : "CVE-2008-1804", "STATE" : "PUBLIC" }, "affects" : { "vendor" : { "vendor_data" : [ { "product" : { "product_data" : [ { "product_name" : "n/a", "version" : { "version_data" : [ { "version_value" : "n/a" } ] } } ] }, "vendor_name" : "n/a" } ] } }, "data_format" : "MITRE", "data_type" : "CVE", "data_version" : "4.0", "description" : { "description_data" : [ { "lang" : "eng", "value" : "preprocessors/spp_frag3.c in Sourcefire Snort before 2.8.1 does not properly identify packet fragments that have dissimilar TTL values, which allows remote attackers to bypass detection rules by using a different TTL for each fragment." } ] }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "eng", "value" : "n/a" } ] } ] }, "references" : { "reference_data" : [ { "name" : "20080521 Multiple Vendor Snort IP Fragment TTL Evasion Vulnerability", "refsource" : "IDEFENSE", "url" : "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=701" }, { "name" : "http://cvs.snort.org/viewcvs.cgi/snort/ChangeLog?rev=1.534.2.11", "refsource" : "CONFIRM", "url" : "http://cvs.snort.org/viewcvs.cgi/snort/ChangeLog?rev=1.534.2.11" }, { "name" : "http://cvs.snort.org/viewcvs.cgi/snort/src/preprocessors/spp_frag3.c.diff?r1=text&tr1=1.46.2.4&r2=text&tr2=1.46.2.5&diff_format=h", "refsource" : "CONFIRM", "url" : "http://cvs.snort.org/viewcvs.cgi/snort/src/preprocessors/spp_frag3.c.diff?r1=text&tr1=1.46.2.4&r2=text&tr2=1.46.2.5&diff_format=h" }, { "name" : "http://www.ipcop.org/index.php?name=News&file=article&sid=40", "refsource" : "CONFIRM", "url" : "http://www.ipcop.org/index.php?name=News&file=article&sid=40" }, { "name" : "FEDORA-2008-4986", "refsource" : "FEDORA", "url" : "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00156.html" }, { "name" : "FEDORA-2008-5001", "refsource" : "FEDORA", "url" : "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00167.html" }, { "name" : "FEDORA-2008-5045", "refsource" : "FEDORA", "url" : "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00198.html" }, { "name" : "29327", "refsource" : "BID", "url" : "http://www.securityfocus.com/bid/29327" }, { "name" : "ADV-2008-1602", "refsource" : "VUPEN", "url" : "http://www.vupen.com/english/advisories/2008/1602" }, { "name" : "1020081", "refsource" : "SECTRACK", "url" : "http://securitytracker.com/id?1020081" }, { "name" : "30348", "refsource" : "SECUNIA", "url" : "http://secunia.com/advisories/30348" }, { "name" : "31204", "refsource" : "SECUNIA", "url" : "http://secunia.com/advisories/31204" }, { "name" : "30563", "refsource" : "SECUNIA", "url" : "http://secunia.com/advisories/30563" }, { "name" : "snort-ttl-security-bypass(42584)", "refsource" : "XF", "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/42584" } ] } }