linux, säkerhet

93136 2003-03-07  19:36  /22 rader/ Martinez, Sylvain <Sylvain_Martinez@eu1.bp.com>
Importerad: 2003-03-07  19:36  av Brevbäraren
Extern mottagare: bugtraq@securityfocus.com
Mottagare: Bugtraq (import) <3879>
Ärende: Smoothwall Firewall SNORT buffer overflow
------------------------------------------------------------
All,

Please note that the Linux based firewall smoothwall
(http://www.smoothwall.org) is using a vulnerable version of snort.
A patch has been released for the stable GPL 1.0 version:
http://www.smoothwall.org/home/news/item/20030305.01.html However, no
patch has been released for the beta version GPL 2.0 Mallard. If you
are running this version you should disable snort from the admin
configuration panel.

I am sending an email to this list because I have contacted the snort
developers some days ago and no announcement/information has yet been
published on their website or on the 
developer mailing list.
Snort vulnerability reference: 
http://www.kb.cert.org/vuls/id/916785

- - -
Mr Sylvain Martinez
Infrastructure Security Specialist
http://www.encryptsolutions.com
(93136) /Martinez, Sylvain <Sylvain_Martinez@eu1.bp.com>/(Ombruten)
Kommentar i text 93162 av William Anderson <neuro@well.com>
93162 2003-03-08  18:30  /24 rader/ William Anderson <neuro@well.com>
Importerad: 2003-03-08  18:30  av Brevbäraren
Extern mottagare: bugtraq@securityfocus.com
Mottagare: Bugtraq (import) <3891>
Kommentar till text 93136 av Martinez, Sylvain <Sylvain_Martinez@eu1.bp.com>
Ärende: Re: Smoothwall Firewall SNORT buffer overflow
------------------------------------------------------------
Martinez, Sylvain wrote:
> All,
>
> Please note that the Linux based firewall smoothwall
> (http://www.smoothwall.org) is using a vulnerable version of snort.
> A patch has been released for the stable GPL 1.0 version:
> http://www.smoothwall.org/home/news/item/20030305.01.html
> However, no patch has been released for the beta version GPL 2.0
> Mallard. If you are running this version you should disable snort from
> the admin configuration panel.

A patch is now available from our website:
http://smoothwall.org/beta/bugs/mallard-005.html which disables the
rpc preprocessor in SmoothWall GPL 2.0 beta4.  We will include a
recompiled version of snort 1.91 in the next beta build, as was our
intention.


--
_ __/|   ___  ___ __ _________ "When Microsoft Office is your only hammer,
\`O_o'  / _ \/ -_) // / __/ _ \ pretty much everything begins to look like
=(_ _)=/_//_/\__/\_,_/_/  \___/ a nail. Or a thumb." -- Rob Pegoraro
   U - Ack! Phttpt! Thhbbt!     neuro at well dot com  http://neuro.me.uk/
(93162) /William Anderson <neuro@well.com>/(Ombruten)