[Dshield] Infocon Yellow: Snort Vulnerability

Håkon Alstadheim hakon at alstadheim.priv.no
Wed Oct 19 14:06:15 GMT 2005


Joel Esler wrote:
>FYI.  All you have to do is either update to version 2.4.3, or  
>comment out the "bo" preprocessor in your snort.conf.
>
>If you running < 2.4.0 (first of all i suggest you upgrade to 2.4.3),  
>but you are not vulnerable.  Snort on.
>
>  
D'oh.
'# rpm -q snort' gives  'snort-2.3.2-0.2'. This is on a stock SuSE 9.3 
system. SuSE 10.0 is out, but I'll trust SuSE to keep 9.3 reasonably 
patched for some months still. Anyway, thanks, I'm back to lurking. :-)
-- 
Håkon Alstadheim 	(+47) 74 82 60 27 / 93 63 00 28
7510 Skatval
http://alstadheim.priv.no/hakon/




More information about the list mailing list