Re: Smoothwall Firewall SNORT buffer overflow

From: William Anderson (neuroat_private)
Date: Fri Mar 07 2003 - 18:03:51 PST

Next message: Claes Nyberg: "OpenBSD lprm(1) exploit"

Previous message: Network Intelligence India Pvt. Ltd.: "NII Advisory - Buffer Overflow in SQLBase (Revised)"
In reply to: Martinez, Sylvain: "Smoothwall Firewall SNORT buffer overflow"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Martinez, Sylvain wrote:
> All,
>
> Please note that the Linux based firewall smoothwall
> (http://www.smoothwall.org) is using a vulnerable version of snort.
> A patch has been released for the stable GPL 1.0 version:
> http://www.smoothwall.org/home/news/item/20030305.01.html
> However, no patch has been released for the beta version GPL 2.0
> Mallard. If you are running this version you should disable snort from
> the admin configuration panel.

A patch is now available from our website:
http://smoothwall.org/beta/bugs/mallard-005.html which disables the rpc
preprocessor in SmoothWall GPL 2.0 beta4.  We will include a recompiled
version of snort 1.91 in the next beta build, as was our intention.


--
_ __/|   ___  ___ __ _________ "When Microsoft Office is your only hammer,
\`O_o'  / _ \/ -_) // / __/ _ \ pretty much everything begins to look like
=(_ _)=/_//_/\__/\_,_/_/  \___/ a nail. Or a thumb." -- Rob Pegoraro
   U - Ack! Phttpt! Thhbbt!     neuro at well dot com  http://neuro.me.uk/

Next message: Claes Nyberg: "OpenBSD lprm(1) exploit"
Previous message: Network Intelligence India Pvt. Ltd.: "NII Advisory - Buffer Overflow in SQLBase (Revised)"
In reply to: Martinez, Sylvain: "Smoothwall Firewall SNORT buffer overflow"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Sat Mar 08 2003 - 09:30:47 PST