Snort RPC Vulnerability (fwd)

From: Dave Ahmad (daat_private)
Date: Mon Mar 03 2003 - 12:08:57 PST

Next message: l33t guy: "[blaqhatz] - Pastel Accounting application security issues"

Previous message: Mandrake Linux Security Team: "MDKSA-2003:027 - Updated tcpdump packages fix denial of service vulnerabilities"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

David Mirza Ahmad
Symantec

"sabbe dhamma anatta"

0x26005712
8D 9A B1 33 82 3D B3 D0 40 EB  AB F0 1E 67 C6 1A 26 00 57 12

attached mail follows:

Anyone using Snort might want to have a look at the latest ISS Advisory. There is a vulnerability in Snort 1.8.0 - 1.9.0 in the RPC preprocessor, which may ultimately allow a remote attacker to execute arbitrary code on a vulnerable host. Internet Security Systems Security Advisory Snort RPC Preprocessing Vulnerability http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21951 The Snort team has released a new version, 1.9.1, which contains fixes for this issue. Users not wishing to upgrade may disable the RPC preprocessor in their snort.conf configs. Check out the Snort Web site: http://www.snort.org/ Version 1.9.1, which contains fixes for this issue, is available here: http://www.snort.org/dl/snort-1.9.1.tar.gz Regards, -- Jason V. Miller, Threat Analyst Symantec, Inc. - www.symantec.com E-Mail: jmillerat_private ----------------------------------------------------------- <Pre>Lose another weekend managing your IDS? Take back your personal time. 15-day free trial of StillSecure Border Guard.</Pre> <A href="http://www.securityfocus.com/stillsecure"> http://www.securityfocus.com/stillsecure </A>

Next message: l33t guy: "[blaqhatz] - Pastel Accounting application security issues"
Previous message: Mandrake Linux Security Team: "MDKSA-2003:027 - Updated tcpdump packages fix denial of service vulnerabilities"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Mon Mar 03 2003 - 12:21:24 PST