ID de Prueba:	1.3.6.1.4.1.25623.1.0.65735
Categoría:	Mandrake Local Security Checks
Título:	Mandrake Security Advisory MDVSA-2009:259 (snort)
Resumen:	The remote host is missing an update to snort;announced via advisory MDVSA-2009:259.
Descripción:	Summary: The remote host is missing an update to snort announced via advisory MDVSA-2009:259. Vulnerability Insight: preprocessors/spp_frag3.c in Sourcefire Snort before 2.8.1 does not properly identify packet fragments that have dissimilar TTL values, which allows remote attackers to bypass detection rules by using a different TTL for each fragment. (CVE-2008-1804) The updated packages have been patched to prevent this. Affected: 2008.1 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2008-1804 BugTraq ID: 29327 http://www.securityfocus.com/bid/29327 https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00156.html https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00167.html https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00198.html http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=701 http://securitytracker.com/id?1020081 http://secunia.com/advisories/30348 http://secunia.com/advisories/30563 http://secunia.com/advisories/31204 http://www.vupen.com/english/advisories/2008/1602 XForce ISS Database: snort-ttl-security-bypass(42584) https://exchange.xforce.ibmcloud.com/vulnerabilities/42584
Copyright	Copyright (C) 2009 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.