Unrated severityNVD Advisory· Published Jun 2, 2006· Updated Apr 16, 2026
CVE-2006-2769
CVE-2006-2769
Description
The HTTP Inspect preprocessor (http_inspect) in Snort 2.4.0 through 2.4.4 allows remote attackers to bypass "uricontent" rules via a carriage return (\r) after the URL and before the HTTP declaration.
Affected products
5cpe:2.3:a:sourcefire:snort:2.4:*:*:*:*:*:*:*+ 4 more
- cpe:2.3:a:sourcefire:snort:2.4:*:*:*:*:*:*:*
- cpe:2.3:a:sourcefire:snort:2.4.1:*:*:*:*:*:*:*
- cpe:2.3:a:sourcefire:snort:2.4.2:*:*:*:*:*:*:*
- cpe:2.3:a:sourcefire:snort:2.4.3:*:*:*:*:*:*:*
- cpe:2.3:a:sourcefire:snort:2.4.4:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
16- securitytracker.com/idnvdExploitPatch
- www.demarc.com/support/downloads/patch_20060531nvdExploitPatch
- www.osvdb.org/25837nvdExploitPatch
- www.securityfocus.com/bid/18200nvdExploitPatch
- secunia.com/advisories/20413nvdVendor Advisory
- secunia.com/advisories/20766nvdVendor Advisory
- www.vupen.com/english/advisories/2006/2119nvdVendor Advisory
- lists.suse.com/archive/suse-security-announce/2006-Jun/0008.htmlnvd
- marc.infonvd
- securityreason.com/securityalert/1018nvd
- www.securityfocus.com/archive/1/435600/100/0/threadednvd
- www.securityfocus.com/archive/1/435734/100/0/threadednvd
- www.securityfocus.com/archive/1/435797/100/0/threadednvd
- www.securityfocus.com/archive/1/435872/100/0/threadednvd
- www.snort.org/pub-bin/snortnews.cginvd
- exchange.xforce.ibmcloud.com/vulnerabilities/26855nvd
News mentions
0No linked articles in our index yet.