[29236] in bugtraq
Re: Smoothwall Firewall SNORT buffer overflow
daemon@ATHENA.MIT.EDU (William Anderson)
Sat Mar 8 12:38:31 2003
Message-ID: <098101c2e516$f7fe13e0$c802a8c0@local.zensoft.net>
From: "William Anderson" <neuro@well.com>
To: <bugtraq@securityfocus.com>
Date: Sat, 8 Mar 2003 02:03:51 -0000
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Martinez, Sylvain wrote:
> All,
>
> Please note that the Linux based firewall smoothwall
> (http://www.smoothwall.org) is using a vulnerable version of snort.
> A patch has been released for the stable GPL 1.0 version:
> http://www.smoothwall.org/home/news/item/20030305.01.html
> However, no patch has been released for the beta version GPL 2.0
> Mallard. If you are running this version you should disable snort from
> the admin configuration panel.
A patch is now available from our website:
http://smoothwall.org/beta/bugs/mallard-005.html which disables the rpc
preprocessor in SmoothWall GPL 2.0 beta4. We will include a recompiled
version of snort 1.91 in the next beta build, as was our intention.
--
_ __/| ___ ___ __ _________ "When Microsoft Office is your only hammer,
\`O_o' / _ \/ -_) // / __/ _ \ pretty much everything begins to look like
=(_ _)=/_//_/\__/\_,_/_/ \___/ a nail. Or a thumb." -- Rob Pegoraro
U - Ack! Phttpt! Thhbbt! neuro at well dot com http://neuro.me.uk/
