On Fri, Apr 25, 2003 at 10:44:49PM +0100, Nick Boyce wrote:
> The general consensus of opinion (including the Debian packager) was
> that *nobody* should even consider using the V1.8.4 Snort package in
> Woody - it's much too old, and has a number of security issues.
It's not really that it has a
On Fri, 25 Apr 2003 10:19:59 +0100, David Ramsden wrote:
>Noticed on vil.mcafee.com that a proof of concept exploit for Snort to
>exploit the vuln. found in v1.8 through to 1.9.1.
[...]
>What's the status of a patch from Debian Security? No DSA yet either.
>I know this has been brought up a few ti
- Forwarded message from Marcel Weber <[EMAIL PROTECTED]> -
From: Marcel Weber <[EMAIL PROTECTED]>
To: David Ramsden <[EMAIL PROTECTED]>
Cc: debian-security@lists.debian.org
Subject: Re: Snort exploit in wild.
X-Virus-Scanned: by AMaViS and OpenAntivirus ScannerDaemon
Il ven, 2003-04-25 alle 11:19, David Ramsden ha scritto:
> Noticed on vil.mcafee.com that a proof of concept exploit for Snort to
> exploit the vuln. found in v1.8 through to 1.9.1.
up to 2.0rc1 as reported by cert
> What's the status of a patch from Debian Security? No DSA yet either.
> I know
On Fri, Apr 25, 2003 at 12:13:38PM +0200, Marcel Weber wrote:
> David Ramsden wrote:
>
[snip]
>
> Following the advice from heise.de [1] it should be enough to comment
> out the line:
>
> preprocessor stream4_reassemble
>
> in your /etc/snort/snort.conf
>
> as the vulnerability is in this mod
David Ramsden wrote:
Hi,
Noticed on vil.mcafee.com that a proof of concept exploit for Snort to
exploit the vuln. found in v1.8 through to 1.9.1.
Packet Storm Security have this proof of concept on their site (local
exploit at the moment).
It uses a call-back technique to spawn a shell on the
Hi,
Noticed on vil.mcafee.com that a proof of concept exploit for Snort to
exploit the vuln. found in v1.8 through to 1.9.1.
Packet Storm Security have this proof of concept on their site (local
exploit at the moment).
It uses a call-back technique to spawn a shell on the attackers machine,
via a
7 matches
Mail list logo
