Snort mailing list archives

Re: Is Snort affected ? (CVE-2019-1696, CVE-2019-1704)

From: "Joel Esler \(jesler\) via Snort-devel" <snort-devel () lists snort org>
Date: Tue, 21 May 2019 15:41:29 +0000

That detail has not been provided to me.  I simply want to bring awareness that the fact that this exists, and only 
affects a minor subset of users.

From: Snort User <snort.user () gmail com>
Date: Tuesday, May 21, 2019 at 11:31 AM
To: "Joel Esler (jesler)" <jesler () cisco com>
Cc: snort-devel <snort-devel () lists snort org>
Subject: Re: [Snort-devel] Is Snort affected ? (CVE-2019-1696, CVE-2019-1704)

Will the blog detail on the scenario that causes the issue and the risk etc?

Thanks

On Tue, May 21, 2019 at 10:06 AM Joel Esler (jesler) <jesler () cisco com<mailto:jesler () cisco com>> wrote:
I have verified that these vulnerabilities were corrected with 2.9.13.0.  We recommend all users not using 2.9.13.0 to 
upgrade to 2.9.13.0 as soon as you can.

We’ll put out a blog post soon.

--
Joel Esler
Manager, Communities Division
Cisco Talos Intelligence Group
http://www.talosintelligence.com

From: Snort-devel <snort-devel-bounces () lists snort org<mailto:snort-devel-bounces () lists snort org>> on behalf of 
"Joel Esler (jesler) via Snort-devel" <snort-devel () lists snort org<mailto:snort-devel () lists snort org>>
Reply-To: "Joel Esler (jesler)" <jesler () cisco com<mailto:jesler () cisco com>>
Date: Monday, May 20, 2019 at 5:18 PM
To: Snort User <snort.user () gmail com<mailto:snort.user () gmail com>>, snort-devel <snort-devel () lists snort 
org<mailto:snort-devel () lists snort org>>
Subject: Re: [Snort-devel] Is Snort affected ? (CVE-2019-1696, CVE-2019-1704)

Thanks,

I am in touch with the product team now to clarify and if action is needed, to take action.

--
Joel Esler
Manager, Communities Division
Cisco Talos Intelligence Group
http://www.talosintelligence.com

From: Snort-devel <snort-devel-bounces () lists snort org<mailto:snort-devel-bounces () lists snort org>> on behalf of 
Snort User via Snort-devel <snort-devel () lists snort org<mailto:snort-devel () lists snort org>>
Reply-To: Snort User <snort.user () gmail com<mailto:snort.user () gmail com>>
Date: Monday, May 20, 2019 at 10:40 AM
To: snort-devel <snort-devel () lists snort org<mailto:snort-devel () lists snort org>>
Subject: [Snort-devel] Is Snort affected ? (CVE-2019-1696, CVE-2019-1704)

Hi

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-frpwr-smb-snort

In the above report, I saw -

"These vulnerabilities may also affect the open-source Snort project. For more information, see the Snort 
website<https://www.snort.org/>."
However, I did not see any information on the website (or I missed it)

I could not find any relevant info in the ChangeLog of the most recent release.

Can anyone provide any details or info on this?

- Is Snort affected? How?
- Which versions? Is a patch available? etc

_______________________________________________
Snort-devel mailing list
Snort-devel () lists snort org
https://lists.snort.org/mailman/listinfo/snort-devel

Please visit http://blog.snort.org for the latest news about Snort!

Current thread:

Is Snort affected ? (CVE-2019-1696, CVE-2019-1704) Snort User via Snort-devel (May 20)
- Re: Is Snort affected ? (CVE-2019-1696, CVE-2019-1704) Joel Esler (jesler) via Snort-devel (May 20)
  - Re: Is Snort affected ? (CVE-2019-1696, CVE-2019-1704) Joel Esler (jesler) via Snort-devel (May 23)
    - Re: Is Snort affected ? (CVE-2019-1696, CVE-2019-1704) Snort User via Snort-devel (May 23)
    - Re: Is Snort affected ? (CVE-2019-1696, CVE-2019-1704) Joel Esler (jesler) via Snort-devel (May 23)
  - Re: Is Snort affected ? (CVE-2019-1696, CVE-2019-1704) Vladimir Kunschikov via Snort-devel (May 23)
    - Re: Is Snort affected ? (CVE-2019-1696, CVE-2019-1704) Joel Esler (jesler) via Snort-devel (May 23)
    - Re: Is Snort affected ? (CVE-2019-1696, CVE-2019-1704) Vladimir Kunschikov via Snort-devel (May 24)