RE: [Snort-2003-001] Buffer overflow in Snort RPC preprocessor

["Gregory W. Ratcliff" <gratcliff () argusnetsec com>]

Marty and all,

A SANS bulletin just hit the world about this.
I bet the number of Snort downloads will be high this week.

See you in San Diego!

Gregory W. Ratcliff
Argus Network Security Services
www.argusnetsec.com

***********************************************************
DHS/NIPC Advisory 03-003 Snort Buffer Overflow Vulnerability 

The Department of Homeland Security (DHS), National Infrastructure
Protection Center (NIPC) has been informed of a recently discovered
serious vulnerability in Snort...The vulnerability was discovered by
Internet Security Systems (ISS), and is a buffer overflow in the Snort
Remote Procedure Call, RPC, normalization routines... are described in
the Snort Vulnerability Advisory.

Due to the seriousness of this vulnerability, the DHS/NIPC strongly
recommends that system administrators or security managers who employ
Snort take this opportunity to review their security procedures and
patch or upgrade software with known vulnerabilities.

Sourcefire has acquired additional bandwidth and hosting to aid users
wishing to upgrade their Snort implementation. Future information can be
found at: http://www.sourcefire.com/





-------------------------------------------------------
This SF.net email is sponsored by: Etnus, makers of TotalView, The debugger 
for complex code. Debugging C/C++ programs can leave you feeling lost and 
disoriented. TotalView can help you find your way. Available on major UNIX 
and Linux platforms. Try it free. www.etnus.com
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users