lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-Id: <E1MvhV7-0002oU-BC@titan.mandriva.com>
Date: Thu, 08 Oct 2009 03:09:01 +0200
From: security@...driva.com
To: full-disclosure@...ts.grok.org.uk
Subject: [ MDVSA-2009:259 ] snort


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2009:259
 http://www.mandriva.com/security/
 _______________________________________________________________________

 Package : snort
 Date    : October 7, 2009
 Affected: 2008.1
 _______________________________________________________________________

 Problem Description:

 preprocessors/spp_frag3.c in Sourcefire Snort before 2.8.1 does not
 properly identify packet fragments that have dissimilar TTL values,
 which allows remote attackers to bypass detection rules by using a
 different TTL for each fragment. (CVE-2008-1804)
 
 The updated packages have been patched to prevent this.
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1804
 _______________________________________________________________________

 Updated Packages:

 Mandriva Linux 2008.1:
 dc3906dc1d48752b0028db52dda4e9b4  2008.1/i586/snort-2.8.0.1-0.3mdv2008.1.i586.rpm
 6c34aaba7a0021ccc797674b1b80bd46  2008.1/i586/snort-bloat-2.8.0.1-0.3mdv2008.1.i586.rpm
 c95670f1057d26073663beb067704575  2008.1/i586/snort-inline-2.8.0.1-0.3mdv2008.1.i586.rpm
 f38aca6368004b309de50a9e89ae4711  2008.1/i586/snort-inline+flexresp-2.8.0.1-0.3mdv2008.1.i586.rpm
 ae5e49f3664e21fd7576f27d51f0ab16  2008.1/i586/snort-mysql-2.8.0.1-0.3mdv2008.1.i586.rpm
 72378abc8bded4a46f4a4742a76bf071  2008.1/i586/snort-mysql+flexresp-2.8.0.1-0.3mdv2008.1.i586.rpm
 9b91fb239c850094fe3d068d5e8ac4b2  2008.1/i586/snort-plain+flexresp-2.8.0.1-0.3mdv2008.1.i586.rpm
 da019e8b5e97df18c4730a539c0f9138  2008.1/i586/snort-postgresql-2.8.0.1-0.3mdv2008.1.i586.rpm
 795e63ccf0f37e51c650eec1c22f59bc  2008.1/i586/snort-postgresql+flexresp-2.8.0.1-0.3mdv2008.1.i586.rpm
 dc86b9a563093dc6e723ea7b76ea38ce  2008.1/i586/snort-prelude-2.8.0.1-0.3mdv2008.1.i586.rpm
 2a397c8290156cf78fda4bbab18677e4  2008.1/i586/snort-prelude+flexresp-2.8.0.1-0.3mdv2008.1.i586.rpm 
 745baaa0d4e9b8c8a874f05e1742a77e  2008.1/SRPMS/snort-2.8.0.1-0.3mdv2008.1.src.rpm

 Mandriva Linux 2008.1/X86_64:
 4540092c49a3dabb3401e95de9dde397  2008.1/x86_64/snort-2.8.0.1-0.3mdv2008.1.x86_64.rpm
 f62c42af2d2c39deeec921e3e04318c2  2008.1/x86_64/snort-bloat-2.8.0.1-0.3mdv2008.1.x86_64.rpm
 8a2e5997b5ddc0917f8e661bbf228ab0  2008.1/x86_64/snort-inline-2.8.0.1-0.3mdv2008.1.x86_64.rpm
 5a8e5de46c6adb8f5840ee0220a3825d  2008.1/x86_64/snort-inline+flexresp-2.8.0.1-0.3mdv2008.1.x86_64.rpm
 53e029637c4d7b54cc1dda1ca0a84f71  2008.1/x86_64/snort-mysql-2.8.0.1-0.3mdv2008.1.x86_64.rpm
 552026c7b229ec62e5c41f2034b4d18f  2008.1/x86_64/snort-mysql+flexresp-2.8.0.1-0.3mdv2008.1.x86_64.rpm
 8036750a3fc64817acf1c82ce9f588cf  2008.1/x86_64/snort-plain+flexresp-2.8.0.1-0.3mdv2008.1.x86_64.rpm
 c4c349130ffd21720bb0b59a0653cc2a  2008.1/x86_64/snort-postgresql-2.8.0.1-0.3mdv2008.1.x86_64.rpm
 3c2c7bafdc630238ce2d3a27b7dc54ab  2008.1/x86_64/snort-postgresql+flexresp-2.8.0.1-0.3mdv2008.1.x86_64.rpm
 8d6c4fdc34d23992846bc23dde64da9c  2008.1/x86_64/snort-prelude-2.8.0.1-0.3mdv2008.1.x86_64.rpm
 69e6dcc8c225e4ef231a03b24c1609bb  2008.1/x86_64/snort-prelude+flexresp-2.8.0.1-0.3mdv2008.1.x86_64.rpm 
 745baaa0d4e9b8c8a874f05e1742a77e  2008.1/SRPMS/snort-2.8.0.1-0.3mdv2008.1.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFKzRBPmqjQ0CJFipgRAtgTAJ40Hw8QpOu7G2hJshupeYo1nISexgCfSGDj
lOR8kwq98+UqPA7h/HJr22I=
=7No9
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ