[Snort-users] BASE 1.2.1 (kris) released (Security Fix included!)

Kevin Johnson kjohnson at ...12400...
Sun Oct 30 17:00:18 EST 2005


Hi all-

The BASE project team is happy to announce the immediate availability of
the 1.2.1 (kris) release of BASE.  This release has a fix for the SQL
injection problem that has haunted ACID and BASE since their inception.
This fix does not address every type of attack vector that exists but
does remove the bulk of the problem.  We are currently working on the
next major version of BASE.  The 2.0 code base is being completely
rewritten and as such, should not have the issues that plague the
existing versions.  

The BASE team would like to remind everyone that this project is a
security tool and as such, remember to use some form of authentication
before allowing people into the system.  Either the built in
authentication or a .htaccess file are recommended.  Allowing people to
browse your security alerts with out authentication is asking for
problems.

If you have any questions or comments please feel free to write us,

Thanks for all of your support!
Kevin Johnson and the BASE project team
---------------------
BASE Project Lead
http://sourceforge.net/projects/secureideas
http://base.secureideas.net
The next step in IDS analysis!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20051030/6acefd4b/attachment.sig>


More information about the Snort-users mailing list