{"id":"CVE-2006-6931","details":"Algorithmic complexity vulnerability in Snort before 2.6.1, during predicate evaluation in rule matching for certain rules, allows remote attackers to cause a denial of service (CPU consumption and detection outage) via crafted network traffic, aka a \"backtracking attack.\"","modified":"2024-06-30T12:01:22Z","published":"2007-01-16T23:28:00Z","withdrawn":"2024-08-08T09:48:42.691342Z","references":[{"type":"ADVISORY","url":"http://secunia.com/advisories/23716"},{"type":"ADVISORY","url":"http://secunia.com/advisories/24164"},{"type":"ADVISORY","url":"http://secunia.com/advisories/24338"},{"type":"ADVISORY","url":"http://security.gentoo.org/glsa/glsa-200702-03.xml"},{"type":"ADVISORY","url":"http://www.acsac.org/2006/papers/54.pdf"},{"type":"ADVISORY","url":"http://www.cs.wisc.edu/~smithr/pubs/acsac2006.pdf"},{"type":"ADVISORY","url":"http://www.mandriva.com/security/advisories?name=MDKSA-2007:051"},{"type":"WEB","url":"http://lists.immunitysec.com/pipermail/dailydave/2007-January/003954.html"},{"type":"WEB","url":"http://securitytracker.com/id?1017508"},{"type":"WEB","url":"http://www.acsac.org/2006/abstracts/54.html"},{"type":"WEB","url":"http://www.acsac.org/2006/advance_program.html"},{"type":"WEB","url":"http://www.cs.wisc.edu/~smithr/pubs/randy_smith_acsac2006.zip"},{"type":"WEB","url":"http://www.osvdb.org/32096"},{"type":"WEB","url":"http://www.securityfocus.com/bid/21991"},{"type":"WEB","url":"http://www.snort.org/pub-bin/snortnews.cgi"},{"type":"WEB","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/31430"},{"type":"ADVISORY","url":"https://security-tracker.debian.org/tracker/CVE-2006-6931"}],"affected":[{"package":{"name":"snort","ecosystem":"Debian:11","purl":"pkg:deb/debian/snort?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.7.0-1"}]}],"ecosystem_specific":{"urgency":"low"},"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2006-6931.json"}}],"schema_version":"1.7.3"}