New Snort Signatures/ TESO Telnetd Overflow

From: Alfred Huger (ahat_private)
Date: Tue Jul 24 2001 - 21:30:00 PDT

  • Next message: sleonard: "Re: New version of Code Red?"

    Heya all,
    
    For those of you Snort users out there (a rather large number, I know)
    Marty Roesch and Brian Caswell have made signatures available for BID
    3064, Multiple Vendor Telnetd Buffer Overflow Vulnerability. This
    vulnerability looks to be making the rounds as we speak.
    
    Since no other IDS (that I know of) detects this vulnerability an update
    of your ruleset is most likely in order:
    
    http://snort.sourceforge.net/snortrules.tar.gz
    
    or simply
    
    http://www.snort.org
    
    
    Cheers,
    -al
    
    
    VP Engineering
    SecurityFocus.com
    "Vae Victis"
    
    
    ----------------------------------------------------------------------------
    This list is provided by the SecurityFocus ARIS analyzer service.
    For more information on this free incident handling, management 
    and tracking system please see: http://aris.securityfocus.com
    



    This archive was generated by hypermail 2b30 : Tue Jul 24 2001 - 21:31:12 PDT