Snort mailing list archives
Re: report a small bug
From: Russ Combs <rcombs () sourcefire com>
Date: Fri, 9 Jul 2010 10:31:11 -0400
Thanks to the original reporter of this bug. We'll see that it is fixed in the next release. SF did not call it "small" but it is not what I'd call dangerous. Apart from annoying printf()s there really is no ill effect. The free count in question is essentially redundant, because the free list it is counting is properly initialized and the pointer is checked before use. Thanks for checking. Russ On Fri, Jul 9, 2010 at 9:24 AM, L0rd Ch0de1m0rt <l0rdch0de1m0rt () gmail com>wrote:
Hello. I am not intimate with Snort code so pardon if this is a stupid question but how serious is this bug? You call it "small" but can there be DoS, code execution, etc.? We have seen security vulnerabilities in the past in Snort and I need to know if I need to prioritise my snort patches so I don't get 0wn3d. Thanks! -L0rd Ch0de1m0rt ------------------------------------------------------------------------------ This SF.net email is sponsored by Sprint What will you do first with EVO, the first 4G phone? Visit sprint.com/first -- http://p.sf.net/sfu/sprint-com-first _______________________________________________ Snort-devel mailing list Snort-devel () lists sourceforge net https://lists.sourceforge.net/lists/listinfo/snort-devel
------------------------------------------------------------------------------ This SF.net email is sponsored by Sprint What will you do first with EVO, the first 4G phone? Visit sprint.com/first -- http://p.sf.net/sfu/sprint-com-first
_______________________________________________ Snort-devel mailing list Snort-devel () lists sourceforge net https://lists.sourceforge.net/lists/listinfo/snort-devel
Current thread:
- report a small bug 张峥 (Jul 08)
- <Possible follow-ups>
- Re: report a small bug L0rd Ch0de1m0rt (Jul 09)
- Re: report a small bug Russ Combs (Jul 09)