Snort RPC Vulnerability
From: Jason V. Miller (jmiller@securityfocus.com)
Date: 03/03/03
- Previous message: jason cheng: "some questions!"
- Next in thread: netsecurity: "Re: Snort RPC Vulnerability"
- Reply: netsecurity: "Re: Snort RPC Vulnerability"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 3 Mar 2003 11:20:51 -0700 From: "Jason V. Miller" <jmiller@securityfocus.com> To: Focus-IDS <focus-ids@securityfocus.com>
Anyone using Snort might want to have a look at the latest ISS Advisory. There
is a vulnerability in Snort 1.8.0 - 1.9.0 in the RPC preprocessor, which may
ultimately allow a remote attacker to execute arbitrary code on a vulnerable
host.
Internet Security Systems Security Advisory
Snort RPC Preprocessing Vulnerability
http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21951
The Snort team has released a new version, 1.9.1, which contains fixes for this
issue. Users not wishing to upgrade may disable the RPC preprocessor in their
snort.conf configs.
Check out the Snort Web site:
http://www.snort.org/
Version 1.9.1, which contains fixes for this issue, is available here:
http://www.snort.org/dl/snort-1.9.1.tar.gz
Regards,
-- Jason V. Miller, Threat Analyst Symantec, Inc. - www.symantec.com E-Mail: jmiller@securityfocus.com ----------------------------------------------------------- <Pre>Lose another weekend managing your IDS? Take back your personal time. 15-day free trial of StillSecure Border Guard.</Pre> <A href="http://www.securityfocus.com/stillsecure"> http://www.securityfocus.com/stillsecure </A>
- Previous message: jason cheng: "some questions!"
- Next in thread: netsecurity: "Re: Snort RPC Vulnerability"
- Reply: netsecurity: "Re: Snort RPC Vulnerability"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
