[Snort-devel] [Snort-users] Snort 2.20 Denial Of Service Exploit

M. Shirk shirkdog_list at ...445...
Thu Dec 23 04:20:12 EST 2004


I have not verified this, but saw it before leaving the house this morning. 
This is from http://isc.incidents.org

Snort 2.20 Denial of Service exploit posted

K-OTik notified us of this exploit for Snort 2.2 and 
earlier:http://www.k-otik.com/exploits/20041222.angelDust.c.php

It will core dump a running Snort process with a specially crafted packed. 
The recommended fix is to upgrade to Snort 2.3 RC1 or better which various 
handlers have reported is stable. This particular exploit works with 
Linux-based distributions, but not BSD-based. (We tried RHEL3, Debian, and 
OpenBSD).

Shirkdog
http://www.shirkdog.us

_________________________________________________________________
Don�t just search. Find. Check out the new MSN Search! 
http://search.msn.click-url.com/go/onm00200636ave/direct/01/





More information about the Snort-devel mailing list