Pantek Library
Hosting Provided By
CybrHost
High Speed Hosting
Mailing Lists: securityfocus.com > focus-ids > 03 > 030462.html (Request Expert securityfocus.com Support)

RE: Snort RPC Vulnerability

From: Rob Shein <shoten(at)starpower.net>
Date: Mon Mar 03 2003 - 14:10:25 EST


I would say yes...in the academic sense. You can still compromise the machine, but the question becomes that of "is the machine able to call home?" If not, then you have control of a system that you cannot control, so to say, in much of a meaningful fashion.

> -----Original Message-----
> From: netsecurity [mailto:netsecurity@duracompanies.com]
> Sent: Monday, March 03, 2003 2:03 PM
> To: Jason V. Miller
> Cc: Focus-IDS
> Subject: Re: Snort RPC Vulnerability
>
>
> If you are using a receive only cable does this still
oid=2
JVM> 1951 

JVM> The Snort team has released a new version, 1.9.1, which contains 
JVM> fixes for this issue. Users not wishing to upgrade may disable the 
JVM> RPC preprocessor in their snort.conf configs.

JVM> Check out the Snort Web site:
JVM> http://www.snort.org/

JVM> Version 1.9.1, which contains fixes for this issue, is available JVM> here: http://www.snort.org/dl/snort-1.9.1.tar.gz

JVM> Regards,

(C)opyright Dura Builders, ~2003~ Indianapolis, IN, All Rights Reserved


The information contained in this e-mail message is confidential, intended only for the use of the individual or entity named above. If the reader of this e-mail is not the intended recipient, or the employee or agent responsible to deliver it to the intended recipient, you are hereby notified that any review, dissemination, distribution or copying of this communication is strictly prohibited. If you have received this e-mail in error, contact netsecurity@duracompanies.com

<Pre>Lose another weekend managing your IDS? Take back your personal time.
15-day free trial of StillSecure Border Guard.</Pre> <A href="http://www.securityfocus.com/stillsecure"> http://www.securityfocus.com/stillsecure </A>

<Pre>Lose another weekend managing your IDS? Take back your personal time.
15-day free trial of StillSecure Border Guard.</Pre> <A href="http://www.securityfocus.com/stillsecure"> http://www.securityfocus.com/stillsecure </A> Received on Mon Mar 3 14:38:45 2003

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:01:10 EDT

Contact Us  Legal Notices  Order Services Online 
Pantek Home  Privacy Policy  IT news  Site Map  Pantek Library