[29225] in bugtraq
Smoothwall Firewall SNORT buffer overflow
daemon@ATHENA.MIT.EDU (Martinez, Sylvain)
Fri Mar 7 13:43:06 2003
Message-ID: <FE851D61C46DD311BC1700508B085E961816B114@eumorx6.bp.com>
From: "Martinez, Sylvain" <Sylvain_Martinez@eu1.bp.com>
To: bugtraq@securityfocus.com
Date: Fri, 7 Mar 2003 09:27:40 -0000
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-1"
All,
Please note that the Linux based firewall smoothwall
(http://www.smoothwall.org) is using a vulnerable version of snort.
A patch has been released for the stable GPL 1.0 version:
http://www.smoothwall.org/home/news/item/20030305.01.html
However, no patch has been released for the beta version GPL 2.0 Mallard. If
you are running this version you should disable snort from the admin
configuration panel.
I am sending an email to this list because I have contacted the snort
developers some days ago and no announcement/information has yet been
published on their website or on the
developer mailing list.
Snort vulnerability reference:
http://www.kb.cert.org/vuls/id/916785
- - -
Mr Sylvain Martinez
Infrastructure Security Specialist
http://www.encryptsolutions.com
