Snort mailing list archives
Snort 1.9.1 available (please upgrade)
From: Martin Roesch <roesch () sourcefire com>
Date: Mon, 3 Mar 2003 13:00:02 -0500
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 In the light of this newly discovered vulnerability in spp_rpc_decode, we have released Snort 1.9.1. Everyone should plan to upgrade or disable the rpc_decode preprocessor at the very least. Snort 2.0 beta (CVS HEAD) has been updated as well, if you're running the CVS HEAD branch you should update. -Marty - -- The Snort team announces the availability of version 1.9.1 of Snort available for download at http://www.snort.org. http://www.snort.org/dl/snort-1.9.1.tar.gz http://www.snort.org/dl/snort-1.9.1.tar.gz.asc (gpg) A list of major changes include: - - New RPC decoder options alert_fragments no_alert_multiple_requests no_alert_large_fragments no_alert_incomplete - - corrected buffer overflow in RPC fragment normalization - - distance and within fixes for rules - - UDP checksum only acts if not 0 - - ip_protos can now be stacked - - win32 service installs - - Stream4 now does not chop off last byte of stream - - syslog alert mode command line switch fixed in *NIX version Release Notes: This is a must upgrade release or must mitigate for existing snort users. There is a buffer overflow in the snort RPC decoder in versions less than snort 1.9.1 or CVS versions before 2003-02-24/1pm US/Eastern. See CAN-2003-0033 or http://www.kb.cert.org/vuls/916785 for more information.- -- Martin Roesch - Founder/CTO, Sourcefire Inc. - (410)290-1616
Sourcefire: Snort-based Enterprise Intrusion Detection Infrastructure roesch () sourcefire com - http://www.sourcefire.com Snort: Open Source Network IDS - http://www.snort.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (Darwin) iD8DBQE+Y5gjqj0FAQQ3KOARAn1eAJ42AzCrfz4QzhbQDl/LhbQlQQ5OmwCfQwOn HKs2XCABQHpAYrS+fTxvlts= =H6Cx -----END PGP SIGNATURE----- ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Snort 1.9.1 available (please upgrade) Martin Roesch (Mar 03)