[Snort-users] Update on The Rule Matching Vulnerability published today

Mike Guiterman mike.guiterman at ...1935...
Thu Jan 11 17:28:13 EST 2007


Hi everyone,

Thanks to Randy Smith, Christian Estan, and Somesh Jha of the University 
of Wisconsin-Madison for reporting the Rule Matching Backtrack Denial of 
Service Vulnerability.   This issue was fixed in v2.6.1.  We recommend 
users update to the current release 2.6.1.2

There seems to be some confusion over whether or not the current release 
is vulnerable.  Some users reported seeing published information where 
v2.6.1 appeared vulnerable.   We looked into the reports and found that 
it is simply an unusual way that Security Focus displays version 
numbers. In the 4 digit format they use a space in place of a 0, ie. 
where it the entry lists " 2.6. 1" the version number should read 2.6.0.1. 

Bugtraq information is located at:  http://www.securityfocus.com/bid/21991
-- 

Mike Guiterman

Snort Community Manager

Sourcefire, Inc.

mguiterman at ...1935...

(410)423-1930





More information about the Snort-users mailing list