Details of VAR-201705-3675

ID

VAR-201705-3675

CVE

CVE-2017-6658

TITLE

Cisco Sourcefire Snort Buffer error vulnerability

Trust: 1.4

sources: JVNDB: JVNDB-2017-004115 // CNNVD: CNNVD-201705-763

DESCRIPTION

Cisco Sourcefire Snort 3.0 before build 233 has a Buffer Overread related to use of a decoder array. The size was off by one making it possible to read past the end of the array with an ether type of 0xFFFF. Increasing the array size solves this problem. Cisco Sourcefire Snort Contains a buffer error vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Cisco Snort++ is prone to multiple remote denial-of-service vulnerabilities. An attacker can exploit these issues to restart the affected process, denying service to legitimate users. These issues fixed in: Cisco Snort++ BUILD_233. Cisco Sourcefire Snort is a set of network intrusion prevention software and network intrusion detection software from Cisco (formerly Snort team). The software provides functions such as packet sniffing, packet analysis, and packet inspection

Trust: 1.98

sources: NVD: CVE-2017-6658 // JVNDB: JVNDB-2017-004115 // BID: 98465 // VULHUB: VHN-114861

AFFECTED PRODUCTS

vendor:	cisco	model:	sourcefire snort	scope:	eq	version:	3.0	Trust: 1.6
vendor:	cisco	model:	snort++	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	snort++	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	snort++ build 233	scope:	ne	version:	-	Trust: 0.3

sources: BID: 98465 // JVNDB: JVNDB-2017-004115 // CNNVD: CNNVD-201705-763 // NVD: CVE-2017-6658

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2017-6658
value:	HIGH
Trust: 1.0
NVD:	CVE-2017-6658
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201705-763
value:	HIGH
Trust: 0.6
VULHUB:	VHN-114861
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2017-6658
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-114861
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2017-6658
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.0
Trust: 1.8

sources: VULHUB: VHN-114861 // JVNDB: JVNDB-2017-004115 // CNNVD: CNNVD-201705-763 // NVD: CVE-2017-6658

PROBLEMTYPE DATA

problemtype:	CWE-125	Trust: 1.1
problemtype:	CWE-119	Trust: 0.9

sources: VULHUB: VHN-114861 // JVNDB: JVNDB-2017-004115 // NVD: CVE-2017-6658

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201705-763

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-201705-763

CONFIGURATIONS

sources: JVNDB: JVNDB-2017-004115

PATCH

title:	cisco-sa-20170515-snort	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170515-snort	Trust: 0.8
title:	Cisco Sourcefire Snort Buffer error vulnerability fix	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=70335	Trust: 0.6

sources: JVNDB: JVNDB-2017-004115 // CNNVD: CNNVD-201705-763

EXTERNAL IDS

db:	NVD	id:	CVE-2017-6658	Trust: 2.8
db:	SECTRACK	id:	1038483	Trust: 1.7
db:	JVNDB	id:	JVNDB-2017-004115	Trust: 0.8
db:	CNNVD	id:	CNNVD-201705-763	Trust: 0.7
db:	BID	id:	98465	Trust: 0.3
db:	VULHUB	id:	VHN-114861	Trust: 0.1

sources: VULHUB: VHN-114861 // BID: 98465 // JVNDB: JVNDB-2017-004115 // CNNVD: CNNVD-201705-763 // NVD: CVE-2017-6658

REFERENCES

url:	http://blog.snort.org/2017/05/snort-vulnerabilities-found.html	Trust: 2.8
url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20170515-snort	Trust: 1.9
url:	http://www.securitytracker.com/id/1038483	Trust: 1.7
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-6658	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2017-6658	Trust: 0.8
url:	https://github.com/snortadmin/snort3/commit/7ae50f4be245efd469dee2ce2855b6235b07aa42	Trust: 0.3
url:	http://www.cisco.com/	Trust: 0.3

sources: VULHUB: VHN-114861 // BID: 98465 // JVNDB: JVNDB-2017-004115 // CNNVD: CNNVD-201705-763 // NVD: CVE-2017-6658

CREDITS

Bhargava Shastry

Trust: 0.3

sources: BID: 98465

SOURCES

db:	VULHUB	id:	VHN-114861
db:	BID	id:	98465
db:	JVNDB	id:	JVNDB-2017-004115
db:	CNNVD	id:	CNNVD-201705-763
db:	NVD	id:	CVE-2017-6658

LAST UPDATE DATE

2025-04-20T23:16:09.436000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-114861	date:	2019-10-03T00:00:00
db:	BID	id:	98465	date:	2017-05-15T00:00:00
db:	JVNDB	id:	JVNDB-2017-004115	date:	2017-06-16T00:00:00
db:	CNNVD	id:	CNNVD-201705-763	date:	2019-10-23T00:00:00
db:	NVD	id:	CVE-2017-6658	date:	2025-04-20T01:37:25.860

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-114861	date:	2017-05-16T00:00:00
db:	BID	id:	98465	date:	2017-05-15T00:00:00
db:	JVNDB	id:	JVNDB-2017-004115	date:	2017-06-16T00:00:00
db:	CNNVD	id:	CNNVD-201705-763	date:	2017-05-17T00:00:00
db:	NVD	id:	CVE-2017-6658	date:	2017-05-16T17:29:00.417