drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Fehler in den Erkennungsregeln in snort
Name: |
Fehler in den Erkennungsregeln in snort |
|
ID: |
MDVSA-2009:259 |
|
Distribution: |
Mandriva |
|
Plattformen: |
Mandriva 2008.1 |
|
Datum: |
Do, 8. Oktober 2009, 03:12 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1804 |
|
Applikationen: |
Snort |
|
Originalnachricht |
This is a multi-part message in MIME format...
------------=_1254964350-13155-2491
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2009:259 http://www.mandriva.com/security/ _______________________________________________________________________
Package : snort Date : October 7, 2009 Affected: 2008.1 _______________________________________________________________________
Problem Description:
preprocessors/spp_frag3.c in Sourcefire Snort before 2.8.1 does not properly identify packet fragments that have dissimilar TTL values, which allows remote attackers to bypass detection rules by using a different TTL for each fragment. (CVE-2008-1804) The updated packages have been patched to prevent this. _______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1804 _______________________________________________________________________
Updated Packages:
Mandriva Linux 2008.1: dc3906dc1d48752b0028db52dda4e9b4 2008.1/i586/snort-2.8.0.1-0.3mdv2008.1.i586.rpm 6c34aaba7a0021ccc797674b1b80bd46 2008.1/i586/snort-bloat-2.8.0.1-0.3mdv2008.1.i586.rpm c95670f1057d26073663beb067704575 2008.1/i586/snort-inline-2.8.0.1-0.3mdv2008.1.i586.rpm f38aca6368004b309de50a9e89ae4711 2008.1/i586/snort-inline+flexresp-2.8.0.1-0.3mdv2008.1.i586.rpm ae5e49f3664e21fd7576f27d51f0ab16 2008.1/i586/snort-mysql-2.8.0.1-0.3mdv2008.1.i586.rpm 72378abc8bded4a46f4a4742a76bf071 2008.1/i586/snort-mysql+flexresp-2.8.0.1-0.3mdv2008.1.i586.rpm 9b91fb239c850094fe3d068d5e8ac4b2 2008.1/i586/snort-plain+flexresp-2.8.0.1-0.3mdv2008.1.i586.rpm da019e8b5e97df18c4730a539c0f9138 2008.1/i586/snort-postgresql-2.8.0.1-0.3mdv2008.1.i586.rpm 795e63ccf0f37e51c650eec1c22f59bc 2008.1/i586/snort-postgresql+flexresp-2.8.0.1-0.3mdv2008.1.i586.rpm dc86b9a563093dc6e723ea7b76ea38ce 2008.1/i586/snort-prelude-2.8.0.1-0.3mdv2008.1.i586.rpm 2a397c8290156cf78fda4bbab18677e4 2008.1/i586/snort-prelude+flexresp-2.8.0.1-0.3mdv2008.1.i586.rpm 745baaa0d4e9b8c8a874f05e1742a77e 2008.1/SRPMS/snort-2.8.0.1-0.3mdv2008.1.src.rpm
Mandriva Linux 2008.1/X86_64: 4540092c49a3dabb3401e95de9dde397 2008.1/x86_64/snort-2.8.0.1-0.3mdv2008.1.x86_64.rpm f62c42af2d2c39deeec921e3e04318c2 2008.1/x86_64/snort-bloat-2.8.0.1-0.3mdv2008.1.x86_64.rpm 8a2e5997b5ddc0917f8e661bbf228ab0 2008.1/x86_64/snort-inline-2.8.0.1-0.3mdv2008.1.x86_64.rpm 5a8e5de46c6adb8f5840ee0220a3825d 2008.1/x86_64/snort-inline+flexresp-2.8.0.1-0.3mdv2008.1.x86_64.rpm 53e029637c4d7b54cc1dda1ca0a84f71 2008.1/x86_64/snort-mysql-2.8.0.1-0.3mdv2008.1.x86_64.rpm 552026c7b229ec62e5c41f2034b4d18f 2008.1/x86_64/snort-mysql+flexresp-2.8.0.1-0.3mdv2008.1.x86_64.rpm 8036750a3fc64817acf1c82ce9f588cf 2008.1/x86_64/snort-plain+flexresp-2.8.0.1-0.3mdv2008.1.x86_64.rpm c4c349130ffd21720bb0b59a0653cc2a 2008.1/x86_64/snort-postgresql-2.8.0.1-0.3mdv2008.1.x86_64.rpm 3c2c7bafdc630238ce2d3a27b7dc54ab 2008.1/x86_64/snort-postgresql+flexresp-2.8.0.1-0.3mdv2008.1.x86_64.rpm 8d6c4fdc34d23992846bc23dde64da9c 2008.1/x86_64/snort-prelude-2.8.0.1-0.3mdv2008.1.x86_64.rpm 69e6dcc8c225e4ef231a03b24c1609bb 2008.1/x86_64/snort-prelude+flexresp-2.8.0.1-0.3mdv2008.1.x86_64.rpm 745baaa0d4e9b8c8a874f05e1742a77e 2008.1/SRPMS/snort-2.8.0.1-0.3mdv2008.1.src.rpm _______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com _______________________________________________________________________
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux)
iD8DBQFKzRBPmqjQ0CJFipgRAtgTAJ40Hw8QpOu7G2hJshupeYo1nISexgCfSGDj lOR8kwq98+UqPA7h/HJr22I= =7No9 -----END PGP SIGNATURE-----
------------=_1254964350-13155-2491 Content-Type: text/plain; name="message-footer.txt" Content-Disposition: inline; filename="message-footer.txt" Content-Transfer-Encoding: 8bit
To unsubscribe, send a email to sympa@mandrivalinux.org with this subject : unsubscribe security-announce _______________________________________________________ Want to buy your Pack or Services from Mandriva? Go to http://www.mandrivastore.com Join the Club : http://www.mandrivaclub.com _______________________________________________________
------------=_1254964350-13155-2491--
|
|
|
|