VYPR
Unrated severityNVD Advisory· Published Dec 31, 2004· Updated Jun 16, 2026

CVE-2004-2652

CVE-2004-2652

Description

The DecodeTCPOptions function in decode.c in Snort before 2.3.0, when printing TCP/IP options using FAST output or verbose mode, allows remote attackers to cause a denial of service (crash) via packets with invalid TCP/IP options, which trigger a null dereference.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

5
  • Sourcefire/Snort4 versions
    cpe:2.3:a:sourcefire:snort:2.1.0:*:*:*:*:*:*:*+ 3 more
    • cpe:2.3:a:sourcefire:snort:2.1.0:*:*:*:*:*:*:*
    • cpe:2.3:a:sourcefire:snort:2.1.1_rc1:*:*:*:*:*:*:*
    • cpe:2.3:a:sourcefire:snort:2.1.3:*:*:*:*:*:*:*
    • cpe:2.3:a:sourcefire:snort:2.2:*:*:*:*:*:*:*
  • Snort/Snortllm-fuzzy
    Range: <2.3.0

Patches

Vulnerability mechanics

References

9

News mentions

0

No linked articles in our index yet.