[Snort-users] FW: ISS Alert: Remote Denial of ServiceVulnerability in Snort ID S

Yom, Francis fyom at ...2367...
Mon Jan 28 18:39:03 EST 2002


Hmm...

This greatly explains 2 things to me:

Why I have been catch all kinds of strange ICMP packets lately and
Why I haven't been affected - not using the ASCII payload dump.

;-)

-----Original Message-----
From: Martin Roesch [mailto:roesch at ...1935...] 
Sent: Monday, January 28, 2002 9:21 PM
To: Ryan Russell; Ryan Hill
Cc: snort-users at lists.sourceforge.net
Subject: Re: [Snort-users] FW: ISS Alert: Remote Denial of
ServiceVulnerability in Snort ID S


And it only applied when you had the ASCII payload dump enabled.  I
think someone at ISS is putting together some marketing fu...

     -Marty

On 1/28/02 7:39 PM, "Ryan Russell" <ryan at ...35...> wrote:

> On Mon, 28 Jan 2002, Ryan Hill wrote:
> 
>> Marty, et. al. - Have anyone else seen this and/or confirmed its 
>> validity?
>> 
>> Regards,
>> 
> 
> Yes, it was discussed here weeks ago when it was new.  Marty patched 
> it the same day..
> 
> Ryan
> 
> 
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe: 
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive: 
> http://www.geocrawler.com/redir-sf.php3?list=snort-users
> 

-- 
Martin Roesch - Founder/CEO Sourcefire Inc. - (410) 552-6999
Sourcefire: Professional Snort Sensor and Management Console appliances
roesch at ...1935... - http://www.sourcefire.com
Snort: Open Source Network IDS - http://www.snort.org


_______________________________________________
Snort-users mailing list
Snort-users at lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users




More information about the Snort-users mailing list