Hi,
Noticed on vil.mcafee.com that a proof of concept exploit for Snort to
exploit the vuln. found in v1.8 through to 1.9.1.
Packet Storm Security have this proof of concept on their site (local
exploit at the moment).
It uses a call-back technique to spawn a shell on the attackers machine,
via
David Ramsden wrote:
Hi,
Noticed on vil.mcafee.com that a proof of concept exploit for Snort to
exploit the vuln. found in v1.8 through to 1.9.1.
Packet Storm Security have this proof of concept on their site (local
exploit at the moment).
It uses a call-back technique to spawn a shell on the
Il ven, 2003-04-25 alle 11:19, David Ramsden ha scritto:
Noticed on vil.mcafee.com that a proof of concept exploit for Snort to
exploit the vuln. found in v1.8 through to 1.9.1.
up to 2.0rc1 as reported by cert
What's the status of a patch from Debian Security? No DSA yet either.
I know
On Fri, Apr 25, 2003 at 12:13:38PM +0200, Marcel Weber wrote:
David Ramsden wrote:
[snip]
Following the advice from heise.de [1] it should be enough to comment
out the line:
preprocessor stream4_reassemble
in your /etc/snort/snort.conf
as the vulnerability is in this module. Of
- Forwarded message from Marcel Weber [EMAIL PROTECTED] -
From: Marcel Weber [EMAIL PROTECTED]
To: David Ramsden [EMAIL PROTECTED]
Cc: debian-security@lists.debian.org
Subject: Re: Snort exploit in wild.
X-Virus-Scanned: by AMaViS and OpenAntivirus ScannerDaemon
X-Spam-Status: No, hits
On Fri, 25 Apr 2003 10:19:59 +0100, David Ramsden wrote:
Noticed on vil.mcafee.com that a proof of concept exploit for Snort to
exploit the vuln. found in v1.8 through to 1.9.1.
[...]
What's the status of a patch from Debian Security? No DSA yet either.
I know this has been brought up a few times
On Fri, Apr 25, 2003 at 10:44:49PM +0100, Nick Boyce wrote:
The general consensus of opinion (including the Debian packager) was
that *nobody* should even consider using the V1.8.4 Snort package in
Woody - it's much too old, and has a number of security issues.
It's not really that it has a
7 matches
Mail list logo