Security Basics mailing list archives
Re: bootp snort
From: Michael Weber <mweber () hitwin com>
Date: Fri, 05 Sep 2003 08:48:51 +0200
Hi, this:
#284-(2-312) [cve][icat][snort] MISC bootp invalid hardware type 2003-09-04 12:52:41 216.x.x.x:68 255.255.255.255:67 UDP=20
looks like this: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-0798 (Buffer overflow in bootpd on OpenBSD, FreeBSD, and Linux systems via a malformed header type.) and results in snort SID 1940 http://www.snort.org/snort-db/sid.html?sid=1940 hth, Michael Weber Berlin, Germany ---------------------------------------------------------------------------Attend Black Hat Briefings & Training Federal, September 29-30 (Training), October 1-2 (Briefings) in Tysons Corner, VA; the world's premier technical IT security event. Modeled after the famous Black Hat event in Las Vegas! 6 tracks, 12 training sessions, top speakers and sponsors. Symantec is the Diamond sponsor. Early-bird registration ends September 6.Visit us: www.blackhat.com
----------------------------------------------------------------------------
Current thread:
- bootp snort crouth (Sep 04)
- Re: bootp snort Michael Weber (Sep 05)