Mandrake Local Security Checks : Mandriva Security Advisory MDVSA-2009:259-1 (snort)

Anfälligkeitssuche		Suche in 324607 CVE Beschreibungen und 145615 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.0.66495

Kategorie: Mandrake Local Security Checks

Titel: Mandriva Security Advisory MDVSA-2009:259-1 (snort)

Zusammenfassung: The remote host is missing an update to snort;announced via advisory MDVSA-2009:259-1.

Beschreibung: Summary:
The remote host is missing an update to snort
announced via advisory MDVSA-2009:259-1.

Vulnerability Insight:
preprocessors/spp_frag3.c in Sourcefire Snort before 2.8.1 does not
properly identify packet fragments that have dissimilar TTL values,
which allows remote attackers to bypass detection rules by using a
different TTL for each fragment. (CVE-2008-1804)

The updated packages have been patched to prevent this.

Additionally there were problems with two rules in the snort-rules
package for 2008.0 that is also fixed with this update.

Update:

Packages for 2008.0 are being provided due to extended support for
Corporate products.

Affected: 2008.0

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

CVSS Score:
6.8

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2008-1804
BugTraq ID: 29327
http://www.securityfocus.com/bid/29327
https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00156.html
https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00167.html
https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00198.html
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=701
http://securitytracker.com/id?1020081
http://secunia.com/advisories/30348
http://secunia.com/advisories/30563
http://secunia.com/advisories/31204
http://www.vupen.com/english/advisories/2008/1602
XForce ISS Database: snort-ttl-security-bypass(42584)
https://exchange.xforce.ibmcloud.com/vulnerabilities/42584

Copyright Copyright (C) 2009 E-Soft Inc.

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.0.66495
Kategorie:	Mandrake Local Security Checks
Titel:	Mandriva Security Advisory MDVSA-2009:259-1 (snort)
Zusammenfassung:	The remote host is missing an update to snort;announced via advisory MDVSA-2009:259-1.
Beschreibung:	Summary: The remote host is missing an update to snort announced via advisory MDVSA-2009:259-1. Vulnerability Insight: preprocessors/spp_frag3.c in Sourcefire Snort before 2.8.1 does not properly identify packet fragments that have dissimilar TTL values, which allows remote attackers to bypass detection rules by using a different TTL for each fragment. (CVE-2008-1804) The updated packages have been patched to prevent this. Additionally there were problems with two rules in the snort-rules package for 2008.0 that is also fixed with this update. Update: Packages for 2008.0 are being provided due to extended support for Corporate products. Affected: 2008.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2008-1804 BugTraq ID: 29327 http://www.securityfocus.com/bid/29327 https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00156.html https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00167.html https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00198.html http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=701 http://securitytracker.com/id?1020081 http://secunia.com/advisories/30348 http://secunia.com/advisories/30563 http://secunia.com/advisories/31204 http://www.vupen.com/english/advisories/2008/1602 XForce ISS Database: snort-ttl-security-bypass(42584) https://exchange.xforce.ibmcloud.com/vulnerabilities/42584
Copyright	Copyright (C) 2009 E-Soft Inc.