Hosting Provided By

Snort RPC Vulnerability

From: Jason V. Miller <jmiller(at)securityfocus.com>
Date: Mon Mar 03 2003 - 13:20:51 EST

Anyone using Snort might want to have a look at the latest ISS Advisory. There is a vulnerability in Snort 1.8.0 - 1.9.0 in the RPC preprocessor, which may ultimately allow a remote attacker to execute arbitrary code on a vulnerable host.

Internet Security Systems Security Advisory Snort RPC Preprocessing Vulnerability
http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21951

The Snort team has released a new version, 1.9.1, which contains fixes for this issue. Users not wishing to upgrade may disable the RPC preprocessor in their snort.conf configs.

Check out the Snort Web site:
http://www.snort.org/

Version 1.9.1, which contains fixes for this issue, is available here: http://www.snort.org/dl/snort-1.9.1.tar.gz

Regards,

-- 
Jason V. Miller, Threat Analyst
Symantec, Inc. - www.symantec.com
E-Mail:	jmiller@securityfocus.com

-----------------------------------------------------------
Lose another weekend managing your IDS?
Take back your personal time.
15-day free trial of StillSecure Border Guard.
http://www.securityfocus.com/stillsecure"> 
http://www.securityfocus.com/stillsecure

Received on Mon Mar 3 13:36:45 2003

This message: [ Message body ]
Next message: netsecurity: "Re: Snort RPC Vulnerability"
Previous message: jason cheng: "some questions!"
Next in thread: netsecurity: "Re: Snort RPC Vulnerability"
Reply: netsecurity: "Re: Snort RPC Vulnerability"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:01:10 EDT