{"id":"CVE-2006-2769","details":"The HTTP Inspect preprocessor (http_inspect) in Snort 2.4.0 through 2.4.4 allows remote attackers to bypass \"uricontent\" rules via a carriage return (\\r) after the URL and before the HTTP declaration.","modified":"2024-06-30T12:01:22Z","published":"2006-06-02T10:18:00Z","withdrawn":"2024-08-08T09:48:41.817917Z","references":[{"type":"ADVISORY","url":"http://secunia.com/advisories/20413"},{"type":"ADVISORY","url":"http://secunia.com/advisories/20766"},{"type":"ADVISORY","url":"http://www.vupen.com/english/advisories/2006/2119"},{"type":"FIX","url":"http://securitytracker.com/id?1016191"},{"type":"FIX","url":"http://www.demarc.com/support/downloads/patch_20060531"},{"type":"FIX","url":"http://www.osvdb.org/25837"},{"type":"FIX","url":"http://www.securityfocus.com/bid/18200"},{"type":"WEB","url":"http://lists.suse.com/archive/suse-security-announce/2006-Jun/0008.html"},{"type":"WEB","url":"http://marc.info/?l=snort-devel&m=114909074311462&w=2"},{"type":"WEB","url":"http://securityreason.com/securityalert/1018"},{"type":"WEB","url":"http://www.securityfocus.com/archive/1/435600/100/0/threaded"},{"type":"WEB","url":"http://www.securityfocus.com/archive/1/435734/100/0/threaded"},{"type":"WEB","url":"http://www.securityfocus.com/archive/1/435797/100/0/threaded"},{"type":"WEB","url":"http://www.securityfocus.com/archive/1/435872/100/0/threaded"},{"type":"WEB","url":"http://www.snort.org/pub-bin/snortnews.cgi#431"},{"type":"WEB","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/26855"},{"type":"ADVISORY","url":"https://security-tracker.debian.org/tracker/CVE-2006-2769"}],"affected":[{"package":{"name":"snort","ecosystem":"Debian:11","purl":"pkg:deb/debian/snort?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.3.3-8"}]}],"ecosystem_specific":{"urgency":"low"},"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2006-2769.json"}}],"schema_version":"1.7.3"}