Smoothwall Firewall SNORT buffer overflow
From: Martinez, Sylvain (Sylvain_Martinez@eu1.bp.com)
Date: 03/07/03
- Previous message: Steven Leikeim: "Re: xscreensaver exploit for Redhat 7.3"
- Next in thread: William Anderson: "Re: Smoothwall Firewall SNORT buffer overflow"
- Reply: William Anderson: "Re: Smoothwall Firewall SNORT buffer overflow"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Martinez, Sylvain" <Sylvain_Martinez@eu1.bp.com> To: bugtraq@securityfocus.com Date: Fri, 7 Mar 2003 09:27:40 -0000
All,
Please note that the Linux based firewall smoothwall
(http://www.smoothwall.org) is using a vulnerable version of snort.
A patch has been released for the stable GPL 1.0 version:
http://www.smoothwall.org/home/news/item/20030305.01.html
However, no patch has been released for the beta version GPL 2.0 Mallard. If
you are running this version you should disable snort from the admin
configuration panel.
I am sending an email to this list because I have contacted the snort
developers some days ago and no announcement/information has yet been
published on their website or on the
developer mailing list.
Snort vulnerability reference:
http://www.kb.cert.org/vuls/id/916785
- - -
Mr Sylvain Martinez
Infrastructure Security Specialist
http://www.encryptsolutions.com
- Previous message: Steven Leikeim: "Re: xscreensaver exploit for Redhat 7.3"
- Next in thread: William Anderson: "Re: Smoothwall Firewall SNORT buffer overflow"
- Reply: William Anderson: "Re: Smoothwall Firewall SNORT buffer overflow"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
- [UNIX] Snort Core Dump Vulnerability
... It is possible to cause <http://www.snort.org/> Snort, ... Snort version
1.8 and prior (without the patch) ... The information in this bulletin is provided
"AS IS" without warranty of any kind. ... In no event shall we be liable for any damages whatsoever
including direct, indirect, incidental, consequential, loss of business profits or special damages. ...
(Securiteam) - Re: need your help,thanks
... On Sun, 2004-08-29 at 18:57, Jose Maria Lopez wrote: ... > Snort used
to have a patch that was an anormality detector that could ... The patch is called
SPADE/SPICE and was written by SiliconDefense, ... (Focus-IDS) - [UNIX] Snort Back Orifice Preprocessor Buffer Overflow Vulnerability
... The following security advisory is sent to the securiteam mailing list, and can be
found at the SecuriTeam web site: http://www.securiteam.com ... Snort is a widely-deployed,
open-source network ... The vulnerable code will process any UDP packet that is not destined
to or ... The Snort Back Orifice preprocessor vulnerability can be triggered with a ...
(Securiteam) - Fwd: CERT Advisory CA-2003-13 Multiple Vulnerabilities in Snort Preprocessors
... CERT Advisory CA-2003-13 Multiple Vulnerabilities in Snort Preprocessors ...
each in a separate preprocessor module. ... exploitable heap overflow in the Snort "stream4"
preprocessor module. ... To exploit this vulnerability, an attacker must disrupt
the state ... (Bugtraq) - GLSA: snort (200304-06)
... "The Sourcefire Vulnerability Research Team has learned of an integer overflow ...
in the Snort stream4 preprocessor used by the Sourcefire Network Sensor ... This attack
can be launched ... (Bugtraq)
