lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <098101c2e516$f7fe13e0$c802a8c0@local.zensoft.net>
Date: Sat, 8 Mar 2003 02:03:51 -0000
From: "William Anderson" <neuro@...l.com>
To: <bugtraq@...urityfocus.com>
Subject: Re: Smoothwall Firewall SNORT buffer overflow


Martinez, Sylvain wrote:
> All,
>
> Please note that the Linux based firewall smoothwall
> (http://www.smoothwall.org) is using a vulnerable version of snort.
> A patch has been released for the stable GPL 1.0 version:
> http://www.smoothwall.org/home/news/item/20030305.01.html
> However, no patch has been released for the beta version GPL 2.0
> Mallard. If you are running this version you should disable snort from
> the admin configuration panel.

A patch is now available from our website:
http://smoothwall.org/beta/bugs/mallard-005.html which disables the rpc
preprocessor in SmoothWall GPL 2.0 beta4.  We will include a recompiled
version of snort 1.91 in the next beta build, as was our intention.


--
_ __/|   ___  ___ __ _________ "When Microsoft Office is your only hammer,
\`O_o'  / _ \/ -_) // / __/ _ \ pretty much everything begins to look like
=(_ _)=/_//_/\__/\_,_/_/  \___/ a nail. Or a thumb." -- Rob Pegoraro
   U - Ack! Phttpt! Thhbbt!     neuro at well dot com  http://neuro.me.uk/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ