Snort mailing list archives
RE: BO preproc exploit published
From: "Paul Melson" <pmelson () gmail com>
Date: Wed, 26 Oct 2005 11:22:40 -0400
-----Original Message----- Subject: Re: [Snort-users] BO preproc exploit published
Just an FYI in snort 2.4.3 we added detection to the BO preprocessor to
detect attempts to
exploit this vulnerability (gid:sid) 105:4 105 || 4 || spp_bo: Back Orifice Snort Buffer Attack
I saw that in the release notes. To date, my sensors have not detected any attempts to exploit the bo preproc. I suppose that now that there's publicly available code that I ought to test it. ;) PaulM ------------------------------------------------------- This SF.Net email is sponsored by the JBoss Inc. Get Certified Today * Register for a JBoss Training Course Free Certification Exam for All Training Attendees Through End of 2005 Visit http://www.jboss.com/services/certification for more information _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- BO preproc exploit published Paul Melson (Oct 25)
- Re: BO preproc exploit published Matthew Watchinski (Oct 26)
- RE: BO preproc exploit published Paul Melson (Oct 26)
- Re: BO preproc exploit published byte_jump (Oct 26)
- Re: BO preproc exploit published Murali Raju (Oct 27)
- RE: BO preproc exploit published Paul Melson (Oct 26)
- Re: BO preproc exploit published Matthew Watchinski (Oct 26)
- <Possible follow-ups>
- Re: BO preproc exploit published byte_jump (Oct 26)
- Re: BO preproc exploit published Richard Harman (Oct 26)
- RE: BO preproc exploit published Ron Jenkins (Oct 26)
- BO preproc exploit published Paul . Melson (Nov 01)