LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Security Week: September 15th, 2014
Linux Security Week: September 8th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Mandriva: Updated snort packages fix DoS vulnerability Print E-mail
User Rating:      How can I rate this item?
Posted by Benjamin D. Thomas   
Mandrake Algorithmic complexity vulnerability in Snort before 2.6.1, during predicate evaluation in rule matching for certain rules, allows remote attackers to cause a denial of service (CPU consumption and detection outage) via crafted network traffic, aka a backtracking attack. Updated packages have been patched to address this issue.
 _______________________________________________________________________
 
 Mandriva Linux Security Advisory                         MDKSA-2007:051
 http://www.mandriva.com/security/
 _______________________________________________________________________
 
 Package : snort
 Date    : February 28, 2007
 Affected: 2006.0, 2007.0, Corporate 4.0, Multi Network Firewall 2.0
 _______________________________________________________________________
 
 Problem Description:
 
 Algorithmic complexity vulnerability in Snort before 2.6.1, during
 predicate evaluation in rule matching for certain rules, allows remote
 attackers to cause a denial of service (CPU consumption and detection
 outage) via crafted network traffic, aka a backtracking attack.
 
 Updated packages have been patched to address this issue.
 _______________________________________________________________________

 References:
 
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6931
 _______________________________________________________________________
 
 Updated Packages:
 
 Mandriva Linux 2006.0:
 14acfc4ab91f55172378ee21783086d0  2006.0/i586/snort-2.3.3-2.3.20060mdk.i586.rpm
 47737c1cffe59207c0e0117a96ebbd5e  2006.0/i586/snort-bloat-2.3.3-2.3.20060mdk.i586.rpm
 94cef69c4f82524583b93b00ca1885e4  2006.0/i586/snort-inline+flexresp-2.3.3-2.3.20060mdk.i586.rpm
 5c5cb3205151f9378ff26775899cf92a  2006.0/i586/snort-inline-2.3.3-2.3.20060mdk.i586.rpm
 a81892910c6a3b0217c54295cd96f250  2006.0/i586/snort-mysql+flexresp-2.3.3-2.3.20060mdk.i586.rpm
 9fa2f3f800217ca6ee8f4a68087d653e  2006.0/i586/snort-mysql-2.3.3-2.3.20060mdk.i586.rpm
 28ccfe41c7319de41fe264d9dcab936f  2006.0/i586/snort-plain+flexresp-2.3.3-2.3.20060mdk.i586.rpm
 944a116617108b81acdcc69857ef2a72  2006.0/i586/snort-postgresql+flexresp-2.3.3-2.3.20060mdk.i586.rpm
 bc5c0ae549924afc4b764849f9ef2188  2006.0/i586/snort-postgresql-2.3.3-2.3.20060mdk.i586.rpm
 f1af2f22a2cb9842b07126e2a97c3b39  2006.0/i586/snort-snmp+flexresp-2.3.3-2.3.20060mdk.i586.rpm
 78050d7070f70f456d6813767f172a46  2006.0/i586/snort-snmp-2.3.3-2.3.20060mdk.i586.rpm 
 469ee540ffd3ddaff34d6d9e44a526bd  2006.0/SRPMS/snort-2.3.3-2.3.20060mdk.src.rpm

 Mandriva Linux 2006.0/X86_64:
 68080ccee02d86e20f249f17f7d32df1  2006.0/x86_64/snort-2.3.3-2.3.20060mdk.x86_64.rpm
 6c78769ad7344e3c5df82f705bb2c44a  2006.0/x86_64/snort-bloat-2.3.3-2.3.20060mdk.x86_64.rpm
 77d9a51dbaefc07556dfd04bcc785dcf  2006.0/x86_64/snort-inline+flexresp-2.3.3-2.3.20060mdk.x86_64.rpm
 0b072085f8558dc53f22a64933ee715f  2006.0/x86_64/snort-inline-2.3.3-2.3.20060mdk.x86_64.rpm
 6285f03ba66610c0da8eeb096c5e0e6f  2006.0/x86_64/snort-mysql+flexresp-2.3.3-2.3.20060mdk.x86_64.rpm
 07657701d906c8873c089d2714e60333  2006.0/x86_64/snort-mysql-2.3.3-2.3.20060mdk.x86_64.rpm
 950579ea3634f96a34f2df17fab8714b  2006.0/x86_64/snort-plain+flexresp-2.3.3-2.3.20060mdk.x86_64.rpm
 f20d48e02803dadea7a4c6a85917d501  2006.0/x86_64/snort-postgresql+flexresp-2.3.3-2.3.20060mdk.x86_64.rpm
 5db998f1482ec1318938f91cbb1af30f  2006.0/x86_64/snort-postgresql-2.3.3-2.3.20060mdk.x86_64.rpm
 056096e5c2e6766814f2bac64f95f596  2006.0/x86_64/snort-snmp+flexresp-2.3.3-2.3.20060mdk.x86_64.rpm
 50fcc13df4589baab5c3a92e5f8c831a  2006.0/x86_64/snort-snmp-2.3.3-2.3.20060mdk.x86_64.rpm 
 469ee540ffd3ddaff34d6d9e44a526bd  2006.0/SRPMS/snort-2.3.3-2.3.20060mdk.src.rpm

 Mandriva Linux 2007.0:
 d29012178cfaf0b37e6b7a76e0b66660  2007.0/i586/snort-2.6.0-3.1mdv2007.0.i586.rpm
 897c2c44ec92bf21f6b9726b4f938ab0  2007.0/i586/snort-bloat-2.6.0-3.1mdv2007.0.i586.rpm
 822a146097d3d78032a926005417d2eb  2007.0/i586/snort-inline+flexresp-2.6.0-3.1mdv2007.0.i586.rpm
 ec191df50521f8d93d3d033d8c3aa2d9  2007.0/i586/snort-inline-2.6.0-3.1mdv2007.0.i586.rpm
 cc7f1773fb2fb17c79ba4c0867435918  2007.0/i586/snort-mysql+flexresp-2.6.0-3.1mdv2007.0.i586.rpm
 aaa7876ca72b1effe2d0c851a28d1cc2  2007.0/i586/snort-mysql-2.6.0-3.1mdv2007.0.i586.rpm
 47f56100d7aa5d5ddcb414212711e942  2007.0/i586/snort-plain+flexresp-2.6.0-3.1mdv2007.0.i586.rpm
 3031d24bfbeb9fa5539fea8e42047c21  2007.0/i586/snort-postgresql+flexresp-2.6.0-3.1mdv2007.0.i586.rpm
 ec7cf5d51dec733e40e37accc46da547  2007.0/i586/snort-postgresql-2.6.0-3.1mdv2007.0.i586.rpm
 9d19e856ecfc5f51a40bb11214fda23d  2007.0/i586/snort-prelude+flexresp-2.6.0-3.1mdv2007.0.i586.rpm
 c63840f49d3b6a890c17bd7a6e5b45ec  2007.0/i586/snort-prelude-2.6.0-3.1mdv2007.0.i586.rpm 
 41c885cd6a29670f73505f357e7df534  2007.0/SRPMS/snort-2.6.0-3.1mdv2007.0.src.rpm

 Mandriva Linux 2007.0/X86_64:
 b608bd9b32cba92b9fc4b0df3cea10d0  2007.0/x86_64/snort-2.6.0-3.1mdv2007.0.x86_64.rpm
 477a76ade1a59db6a4e899bd1abd3219  2007.0/x86_64/snort-bloat-2.6.0-3.1mdv2007.0.x86_64.rpm
 1040562c56a5f1f651d4fcb520b71401  2007.0/x86_64/snort-inline+flexresp-2.6.0-3.1mdv2007.0.x86_64.rpm
 3c935cf98ea807fb955b4467786dc6d5  2007.0/x86_64/snort-inline-2.6.0-3.1mdv2007.0.x86_64.rpm
 a72f85b6949a00e4d0c125a57274048d  2007.0/x86_64/snort-mysql+flexresp-2.6.0-3.1mdv2007.0.x86_64.rpm
 f815afc9ce1aeb351782e615fbdf7c22  2007.0/x86_64/snort-mysql-2.6.0-3.1mdv2007.0.x86_64.rpm
 26046610206df4cff8508549be74a144  2007.0/x86_64/snort-plain+flexresp-2.6.0-3.1mdv2007.0.x86_64.rpm
 028d7074b920d331685d2599ae0d5fa7  2007.0/x86_64/snort-postgresql+flexresp-2.6.0-3.1mdv2007.0.x86_64.rpm
 7aab39105369c185c70064836b1b81fd  2007.0/x86_64/snort-postgresql-2.6.0-3.1mdv2007.0.x86_64.rpm
 98b2c4ee272001a08fbcb7b9ec6b06ac  2007.0/x86_64/snort-prelude+flexresp-2.6.0-3.1mdv2007.0.x86_64.rpm
 93fb2d5603d8b905f713057fb2f602e6  2007.0/x86_64/snort-prelude-2.6.0-3.1mdv2007.0.x86_64.rpm 
 41c885cd6a29670f73505f357e7df534  2007.0/SRPMS/snort-2.6.0-3.1mdv2007.0.src.rpm

 Corporate 4.0:
 acca1849a4344ba21bdd025b4b5df546  corporate/4.0/i586/snort-2.4.5-1.2.20060mlcs4.i586.rpm
 3f0f252ce90cb549389566b1b9fa30e5  corporate/4.0/i586/snort-bloat-2.4.5-1.2.20060mlcs4.i586.rpm
 d1332509d105dc88b52973b0bad0b39e  corporate/4.0/i586/snort-inline+flexresp-2.4.5-1.2.20060mlcs4.i586.rpm
 0ebd8d99f49c643336b27317a007f508  corporate/4.0/i586/snort-inline-2.4.5-1.2.20060mlcs4.i586.rpm
 c3780982acdf477a815653f3cd196592  corporate/4.0/i586/snort-mysql+flexresp-2.4.5-1.2.20060mlcs4.i586.rpm
 165ededf0f837a9ab8d199060ec2f419  corporate/4.0/i586/snort-mysql-2.4.5-1.2.20060mlcs4.i586.rpm
 a8c043893fddd62c031db00562913449  corporate/4.0/i586/snort-plain+flexresp-2.4.5-1.2.20060mlcs4.i586.rpm
 2576dae48c7cdcda07663d9b0076ed3a  corporate/4.0/i586/snort-postgresql+flexresp-2.4.5-1.2.20060mlcs4.i586.rpm
 f2aa1b11e34668f7ed266355e81edf61  corporate/4.0/i586/snort-postgresql-2.4.5-1.2.20060mlcs4.i586.rpm
 092bf95d2d46e7dda7129df5b35f3226  corporate/4.0/i586/snort-prelude+flexresp-2.4.5-1.2.20060mlcs4.i586.rpm
 60deea47ecbe39fa132a33895c68585b  corporate/4.0/i586/snort-prelude-2.4.5-1.2.20060mlcs4.i586.rpm
 12375f9cbbdf27bfc481dbcc05d9fde0  corporate/4.0/i586/snort-snmp+flexresp-2.4.5-1.2.20060mlcs4.i586.rpm
 e74f10ad5826db12ca0769cf9e0c44cb  corporate/4.0/i586/snort-snmp-2.4.5-1.2.20060mlcs4.i586.rpm 
 56600d329f0d35d1f168344bd35f70b5  corporate/4.0/SRPMS/snort-2.4.5-1.2.20060mlcs4.src.rpm

 Corporate 4.0/X86_64:
 1cd573fdc6615ca639e38ba934922076  corporate/4.0/x86_64/snort-2.4.5-1.2.20060mlcs4.x86_64.rpm
 a5f21846da335073bc9220fc58fb1d6c  corporate/4.0/x86_64/snort-bloat-2.4.5-1.2.20060mlcs4.x86_64.rpm
 5d806ad68f4e3fd1d0e5982312a38ab3  corporate/4.0/x86_64/snort-inline+flexresp-2.4.5-1.2.20060mlcs4.x86_64.rpm
 df3a160e22d584e94a174d8770c23147  corporate/4.0/x86_64/snort-inline-2.4.5-1.2.20060mlcs4.x86_64.rpm
 d40e9420d7c66cb1fd8e249e6e0eb540  corporate/4.0/x86_64/snort-mysql+flexresp-2.4.5-1.2.20060mlcs4.x86_64.rpm
 bf85d4875568b7f0730b0a066925b722  corporate/4.0/x86_64/snort-mysql-2.4.5-1.2.20060mlcs4.x86_64.rpm
 6b067b67405af248a7bfd5e2d551f18b  corporate/4.0/x86_64/snort-plain+flexresp-2.4.5-1.2.20060mlcs4.x86_64.rpm
 2de696b63b04481d443e9a85e6d6f655  corporate/4.0/x86_64/snort-postgresql+flexresp-2.4.5-1.2.20060mlcs4.x86_64.rpm
 c10f29fa0e3077f3d89cb3d707c02a5a  corporate/4.0/x86_64/snort-postgresql-2.4.5-1.2.20060mlcs4.x86_64.rpm
 a4e6929e593ed1445b060b1f6e244ab2  corporate/4.0/x86_64/snort-prelude+flexresp-2.4.5-1.2.20060mlcs4.x86_64.rpm
 9b90c281dae9b4f14358d7c35b05c98c  corporate/4.0/x86_64/snort-prelude-2.4.5-1.2.20060mlcs4.x86_64.rpm
 75ffa4a4e0671bad4f4a6548fea5cd51  corporate/4.0/x86_64/snort-snmp+flexresp-2.4.5-1.2.20060mlcs4.x86_64.rpm
 22a7a07d459a48f4cf430bfaf96ccbd9  corporate/4.0/x86_64/snort-snmp-2.4.5-1.2.20060mlcs4.x86_64.rpm 
 56600d329f0d35d1f168344bd35f70b5  corporate/4.0/SRPMS/snort-2.4.5-1.2.20060mlcs4.src.rpm

 Multi Network Firewall 2.0:
 587839951c01cdf69b2a60ada22db0a0  mnf/2.0/i586/snort-2.1.0-3.1.M20mdk.i586.rpm
 aee651ef150ac9c9c82626c86e146e81  mnf/2.0/i586/snort-bloat-2.1.0-3.1.M20mdk.i586.rpm
 3a54884ee7391077b16e6693683433a7  mnf/2.0/i586/snort-mysql+flexresp-2.1.0-3.1.M20mdk.i586.rpm
 a6eb3b2df3e971e3d541932c151e2adc  mnf/2.0/i586/snort-mysql-2.1.0-3.1.M20mdk.i586.rpm
 d18a9444b54d7c6edc303ef63e18a9f0  mnf/2.0/i586/snort-plain+flexresp-2.1.0-3.1.M20mdk.i586.rpm
 5dba5abf07bd3e08bb53996d1de3b13e  mnf/2.0/i586/snort-postgresql+flexresp-2.1.0-3.1.M20mdk.i586.rpm
 39f461b7a95df268c4a30f47db064acb  mnf/2.0/i586/snort-postgresql-2.1.0-3.1.M20mdk.i586.rpm
 cb0bcfa2730d36e9d3d2e4af4be3ebd4  mnf/2.0/i586/snort-snmp+flexresp-2.1.0-3.1.M20mdk.i586.rpm
 c07a848d0d6f92fc978708ab8fc5a725  mnf/2.0/i586/snort-snmp-2.1.0-3.1.M20mdk.i586.rpm 
 05d54ef33e34c2a30e164fa963eec903  mnf/2.0/SRPMS/snort-2.1.0-3.1.M20mdk.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  
 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Infosec geniuses hack a Canon PRINTER and install DOOM
How network virtualization is used as a security tool
Here's What Hackers Can Do With Your CRM Data
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.