[Snort-devel] [Snort-users] Snort 2.20 Denial Of Service Exploit

M. Shirk shirkdog_list at ...445...
Thu Dec 23 04:20:12 EST 2004

I have not verified this, but saw it before leaving the house this morning. 
This is from http://isc.incidents.org

Snort 2.20 Denial of Service exploit posted

K-OTik notified us of this exploit for Snort 2.2 and 

It will core dump a running Snort process with a specially crafted packed. 
The recommended fix is to upgrade to Snort 2.3 RC1 or better which various 
handlers have reported is stable. This particular exploit works with 
Linux-based distributions, but not BSD-based. (We tried RHEL3, Debian, and 


Don�t just search. Find. Check out the new MSN Search! 

More information about the Snort-devel mailing list