Snort mailing list archives
Snort 2.20 Denial Of Service Exploit
From: "M. Shirk" <shirkdog_list () hotmail com>
Date: Thu, 23 Dec 2004 07:18:42 -0500
I have not verified this, but saw it before leaving the house this morning. This is from http://isc.incidents.org
Snort 2.20 Denial of Service exploit postedK-OTik notified us of this exploit for Snort 2.2 and earlier:http://www.k-otik.com/exploits/20041222.angelDust.c.php
It will core dump a running Snort process with a specially crafted packed. The recommended fix is to upgrade to Snort 2.3 RC1 or better which various handlers have reported is stable. This particular exploit works with Linux-based distributions, but not BSD-based. (We tried RHEL3, Debian, and OpenBSD).
Shirkdog http://www.shirkdog.us _________________________________________________________________Dont just search. Find. Check out the new MSN Search! http://search.msn.click-url.com/go/onm00200636ave/direct/01/
------------------------------------------------------- SF email is sponsored by - The IT Product Guide Read honest & candid reviews on hundreds of IT Products from real users.Discover which products truly live up to the hype. Start reading now. http://productguide.itmanagersjournal.com/
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Snort Configuration in large network. ashish natvarlal kuvawala (Dec 23)
- Snort 2.20 Denial Of Service Exploit M. Shirk (Dec 23)
- Re: Snort 2.20 Denial Of Service Exploit Wes Young (Dec 23)
- Re: Snort 2.20 Denial Of Service Exploit Matt Kettler (Dec 23)
- Re: Snort 2.20 Denial Of Service Exploit Wes Young (Dec 23)
- Snort 2.20 Denial Of Service Exploit M. Shirk (Dec 23)