Mandrake Local Security Checks : Mandrake Security Advisory MDKSA-2007:051 (snort)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.58093

Categoría: Mandrake Local Security Checks

Título: Mandrake Security Advisory MDKSA-2007:051 (snort)

Resumen: NOSUMMARY

Descripción: Description:

The remote host is missing an update to snort
announced via advisory MDKSA-2007:051.

Algorithmic complexity vulnerability in Snort before 2.6.1, during
predicate evaluation in rule matching for certain rules, allows remote
attackers to cause a denial of service (CPU consumption and detection
outage) via crafted network traffic, aka a backtracking attack.

Updated packages have been patched to address this issue.

Affected: 2006.0, 2007.0, Corporate 4.0, Multi Network Firewall 2.0

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

https://secure1.securityspace.com/smysecure/catid.html?in=MDKSA-2007:051

Risk factor : Medium

CVSS Score:
5.0

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2006-6931
BugTraq ID: 21991
http://www.securityfocus.com/bid/21991
http://security.gentoo.org/glsa/glsa-200702-03.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2007:051
http://www.acsac.org/2006/abstracts/54.html
http://www.acsac.org/2006/advance_program.html
http://www.acsac.org/2006/papers/54.pdf
http://www.cs.wisc.edu/~smithr/pubs/acsac2006.pdf
http://www.cs.wisc.edu/~smithr/pubs/randy_smith_acsac2006.zip
http://lists.immunitysec.com/pipermail/dailydave/2007-January/003954.html
http://www.osvdb.org/32096
http://securitytracker.com/id?1017508
http://secunia.com/advisories/23716
http://secunia.com/advisories/24164
http://secunia.com/advisories/24338
XForce ISS Database: snort-rule-matching-dos(31430)
https://exchange.xforce.ibmcloud.com/vulnerabilities/31430

Copyright Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.58093
Categoría:	Mandrake Local Security Checks
Título:	Mandrake Security Advisory MDKSA-2007:051 (snort)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to snort announced via advisory MDKSA-2007:051. Algorithmic complexity vulnerability in Snort before 2.6.1, during predicate evaluation in rule matching for certain rules, allows remote attackers to cause a denial of service (CPU consumption and detection outage) via crafted network traffic, aka a backtracking attack. Updated packages have been patched to address this issue. Affected: 2006.0, 2007.0, Corporate 4.0, Multi Network Firewall 2.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. https://secure1.securityspace.com/smysecure/catid.html?in=MDKSA-2007:051 Risk factor : Medium CVSS Score: 5.0
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2006-6931 BugTraq ID: 21991 http://www.securityfocus.com/bid/21991 http://security.gentoo.org/glsa/glsa-200702-03.xml http://www.mandriva.com/security/advisories?name=MDKSA-2007:051 http://www.acsac.org/2006/abstracts/54.html http://www.acsac.org/2006/advance_program.html http://www.acsac.org/2006/papers/54.pdf http://www.cs.wisc.edu/~smithr/pubs/acsac2006.pdf http://www.cs.wisc.edu/~smithr/pubs/randy_smith_acsac2006.zip http://lists.immunitysec.com/pipermail/dailydave/2007-January/003954.html http://www.osvdb.org/32096 http://securitytracker.com/id?1017508 http://secunia.com/advisories/23716 http://secunia.com/advisories/24164 http://secunia.com/advisories/24338 XForce ISS Database: snort-rule-matching-dos(31430) https://exchange.xforce.ibmcloud.com/vulnerabilities/31430
Copyright	Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com