[Snort-users] Alternate to Snortcenter2?
lists at ...9901...
Wed Sep 28 20:17:22 EDT 2005
I'm looking into this now. It looks like I've found a couple of other
issues like for some reason rule_combine script that I provide to pull
all the rulesets together appears to be doing something to the community
rules becasue I'm getting a major parse error on rule 100000135.
It give me this
Unknown Rule option: 43 (msg:"COMMUNITY IMAP GNU Mailutils request tag
format string vulnerability"; flow:to_server,established;
content:"|25|"; pcre:"/^\S*\x25\S*\s/sm"; reference:cve,CAN-2005-1523;
reference:bugtraq,13764; classtype:attempted-admin; sid:100000135; rev:1;
-> 43 (msg
Wes if you have time can you try to load the 2.4 rule set and see if you
get the same problem.
East, Bill wrote:
> The error was "Unknown Rule option", from parser.php
> SID is 3441
More information about the Snort-users