Bugtraq mailing list archives
Snort RPC Vulnerability (fwd)
From: Dave Ahmad <da () securityfocus com>
Date: Mon, 3 Mar 2003 13:08:57 -0700 (MST)
David Mirza Ahmad Symantec "sabbe dhamma anatta" 0x26005712 8D 9A B1 33 82 3D B3 D0 40 EB AB F0 1E 67 C6 1A 26 00 57 12
--- Begin Message --- From: "Jason V. Miller" <jmiller () securityfocus com>
Date: Mon, 3 Mar 2003 11:20:51 -0700
Anyone using Snort might want to have a look at the latest ISS Advisory. There is a vulnerability in Snort 1.8.0 - 1.9.0 in the RPC preprocessor, which may ultimately allow a remote attacker to execute arbitrary code on a vulnerable host. Internet Security Systems Security Advisory Snort RPC Preprocessing Vulnerability http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21951 The Snort team has released a new version, 1.9.1, which contains fixes for this issue. Users not wishing to upgrade may disable the RPC preprocessor in their snort.conf configs. Check out the Snort Web site: http://www.snort.org/ Version 1.9.1, which contains fixes for this issue, is available here: http://www.snort.org/dl/snort-1.9.1.tar.gz Regards, -- Jason V. Miller, Threat Analyst Symantec, Inc. - www.symantec.com E-Mail: jmiller () securityfocus com ----------------------------------------------------------- <Pre>Lose another weekend managing your IDS? Take back your personal time. 15-day free trial of StillSecure Border Guard.</Pre> <A href="http://www.securityfocus.com/stillsecure"> http://www.securityfocus.com/stillsecure </A>
--- End Message ---
Current thread:
- Snort RPC Vulnerability (fwd) Dave Ahmad (Mar 03)