lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-Id: <E1NJB2y-0003jx-Dg@titan.mandriva.com>
Date: Fri, 11 Dec 2009 20:21:00 +0100
From: security@...driva.com
To: full-disclosure@...ts.grok.org.uk
Subject: [ MDVSA-2009:259-1 ] snort


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                       MDVSA-2009:259-1
 http://www.mandriva.com/security/
 _______________________________________________________________________

 Package : snort
 Date    : December 11, 2009
 Affected: 2008.0
 _______________________________________________________________________

 Problem Description:

 preprocessors/spp_frag3.c in Sourcefire Snort before 2.8.1 does not
 properly identify packet fragments that have dissimilar TTL values,
 which allows remote attackers to bypass detection rules by using a
 different TTL for each fragment. (CVE-2008-1804)
 
 The updated packages have been patched to prevent this.
 
 Additionally there were problems with two rules in the snort-rules
 package for 2008.0 that is also fixed with this update.

 Update:

 Packages for 2008.0 are being provided due to extended support for
 Corporate products.
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1804
 _______________________________________________________________________

 Updated Packages:

 Mandriva Linux 2008.0:
 c6835024a29a5c1156ec1bcabe7a930e  2008.0/i586/snort-2.7.0.1-2.1mdv2008.0.i586.rpm
 098ce3906b38dbc27781a50b78ecbbad  2008.0/i586/snort-bloat-2.7.0.1-2.1mdv2008.0.i586.rpm
 d7657089df1764a9e39ddd2b51184a49  2008.0/i586/snort-inline-2.7.0.1-2.1mdv2008.0.i586.rpm
 f4f32580e4d373f60851e86b8f7c9bc0  2008.0/i586/snort-inline+flexresp-2.7.0.1-2.1mdv2008.0.i586.rpm
 a62fad5150fcbf898093874f98a8fd1f  2008.0/i586/snort-mysql-2.7.0.1-2.1mdv2008.0.i586.rpm
 debc1944271f72611659243643df0b37  2008.0/i586/snort-mysql+flexresp-2.7.0.1-2.1mdv2008.0.i586.rpm
 a409dad0f0fff1d22464aec4099ac9c0  2008.0/i586/snort-plain+flexresp-2.7.0.1-2.1mdv2008.0.i586.rpm
 0e23ae93be9946cbcfd4df66beac3233  2008.0/i586/snort-postgresql-2.7.0.1-2.1mdv2008.0.i586.rpm
 c52e0e33c8fc3c01037e2f552897eda0  2008.0/i586/snort-postgresql+flexresp-2.7.0.1-2.1mdv2008.0.i586.rpm
 d3122af0d714bfb08757af1dc62cfb23  2008.0/i586/snort-prelude-2.7.0.1-2.1mdv2008.0.i586.rpm
 0b887e9d0dee5fa77feae8143d134ba9  2008.0/i586/snort-prelude+flexresp-2.7.0.1-2.1mdv2008.0.i586.rpm
 a9e6bf9e1993eacd1063832575ffe977  2008.0/i586/snort-rules-2.3.3-4.1mdv2008.0.noarch.rpm 
 00f5191e8a96520bddec9103643e0749  2008.0/SRPMS/snort-2.7.0.1-2.1mdv2008.0.src.rpm
 0be9e2861d2c13d582f40e6f1bd8e658  2008.0/SRPMS/snort-rules-2.3.3-4.1mdv2008.0.src.rpm

 Mandriva Linux 2008.0/X86_64:
 d2f029f4ec84f06776fb384e56e4d721  2008.0/x86_64/snort-2.7.0.1-2.1mdv2008.0.x86_64.rpm
 6c8ec7d6879e031ced36dc513bb7fe74  2008.0/x86_64/snort-bloat-2.7.0.1-2.1mdv2008.0.x86_64.rpm
 fe4d3026e064ff96a18d3efe30d66751  2008.0/x86_64/snort-inline-2.7.0.1-2.1mdv2008.0.x86_64.rpm
 cc1a7cae0cab080fa9988f4c98e79815  2008.0/x86_64/snort-inline+flexresp-2.7.0.1-2.1mdv2008.0.x86_64.rpm
 d82f9aeb3e9830dbe800ba56174d4db8  2008.0/x86_64/snort-mysql-2.7.0.1-2.1mdv2008.0.x86_64.rpm
 a3dbf00d5ef116b42bd976ee9ade5fa3  2008.0/x86_64/snort-mysql+flexresp-2.7.0.1-2.1mdv2008.0.x86_64.rpm
 0418bd642265eceadb17fe715420df23  2008.0/x86_64/snort-plain+flexresp-2.7.0.1-2.1mdv2008.0.x86_64.rpm
 c230b6a1c20e51b2677ff1ae03cb5a15  2008.0/x86_64/snort-postgresql-2.7.0.1-2.1mdv2008.0.x86_64.rpm
 d77df31ddcf18a7a7593e5066b718b5b  2008.0/x86_64/snort-postgresql+flexresp-2.7.0.1-2.1mdv2008.0.x86_64.rpm
 7acf1860096c4e33a4f98b761238eb8c  2008.0/x86_64/snort-prelude-2.7.0.1-2.1mdv2008.0.x86_64.rpm
 1650df9efae93915a664dc8fd241e541  2008.0/x86_64/snort-prelude+flexresp-2.7.0.1-2.1mdv2008.0.x86_64.rpm
 bf0455c5009baba5e69fd36be577395f  2008.0/x86_64/snort-rules-2.3.3-4.1mdv2008.0.noarch.rpm 
 00f5191e8a96520bddec9103643e0749  2008.0/SRPMS/snort-2.7.0.1-2.1mdv2008.0.src.rpm
 0be9e2861d2c13d582f40e6f1bd8e658  2008.0/SRPMS/snort-rules-2.3.3-4.1mdv2008.0.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFLInBCmqjQ0CJFipgRAmbZAJ4qNSA8+ArtaunQm/WVInVF69aXZQCgynQX
llu8khCpY699YQhOA1z6Nog=
=pqEG
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ