[Snort-devel] Snort 2.7 Segfaults w/bleeding-exploit
bamm.visscher at ...2499...
Wed Jul 25 19:20:50 EDT 2007
I was testing 2.7.0 (Build 35) today and ran into a couple of issues.
The first is fairly simple.
Initializing rule chains...
ERROR: /etc/snort/rules/bleeding-dos.rules (79): Invalid ICMP icode in
Fatal Error, Quitting..
The below thread on snort-sigs seems to address the issue, not sure
when the change of syntax occurred
[Snort-sigs] icode syntax (snort 2.7.0)
The next issue is a bit different.
Program received signal SIGSEGV, Segmentation fault.
0x080bc81e in Stream5GetFlowData (p=0xbfe18e90) at spp_stream5.c:1277
1277 return (StreamFlowData *)ssn->flowdata->data;
If I comment out bleeding-exploit.rules, everything works fine. Snort
doesn't complain with -T either. I am getting ready to head out, so
if anyone else can confirm the issue, that'd be great. Otherwise I'll
try to track down what rule is triggering the issue when I can get
some more time.
sguil - The Analyst Console for NSM
More information about the Snort-devel