Smoothwall Firewall SNORT buffer overflow

From: Martinez, Sylvain (Sylvain_Martinezat_private)
Date: Fri Mar 07 2003 - 01:27:40 PST

Next message: Matti Haack: "Re[2]: Siemens *35 and 45 series phones SMS Danial of Service"

Previous message: Michael Walton: "[sorcerer-spells] SNORT-SORCERER2003-03-06-1"
Next in thread: William Anderson: "Re: Smoothwall Firewall SNORT buffer overflow"
Reply: William Anderson: "Re: Smoothwall Firewall SNORT buffer overflow"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

All,

Please note that the Linux based firewall smoothwall
(http://www.smoothwall.org) is using a vulnerable version of snort.
A patch has been released for the stable GPL 1.0 version: 
http://www.smoothwall.org/home/news/item/20030305.01.html
However, no patch has been released for the beta version GPL 2.0 Mallard. If
you are running this version you should disable snort from the admin
configuration panel.

I am sending an email to this list because I have contacted the snort
developers some days ago and no announcement/information has yet been
published on their website or on the 
developer mailing list.
Snort vulnerability reference: 
http://www.kb.cert.org/vuls/id/916785

- - -
Mr Sylvain Martinez
Infrastructure Security Specialist
http://www.encryptsolutions.com

Next message: Matti Haack: "Re[2]: Siemens *35 and 45 series phones SMS Danial of Service"
Previous message: Michael Walton: "[sorcerer-spells] SNORT-SORCERER2003-03-06-1"
Next in thread: William Anderson: "Re: Smoothwall Firewall SNORT buffer overflow"
Reply: William Anderson: "Re: Smoothwall Firewall SNORT buffer overflow"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Mar 07 2003 - 10:36:51 PST