Alerts This Week
Warning Icon 1 681
Alerts This Week
Warning Icon 1 681

Fedora 11: FEDORA-2009-10999 Important: OpenSSH Vulnerability Patch

fedora
Calendar Grey November 24, 2009
Dist Fedora Esm H88
Essential Fedora patch for snort addressing a DoS vulnerability linked to IPv6 packet processing in release 2.8.5.1.
Update to 2.8.5.1 which includes a fix for CVE-2009-3641 DoS (crash) while printing specially-crafted IPv6 packet using the -v option

Summary

Snort is a libpcap-based packet sniffer/logger which

can be used as a lightweight network intrusion detection system.

It features rules based logging and can perform protocol analysis,

content searching/matching and can be used to detect a variety of

attacks and probes, such as buffer overflows, stealth port scans,

CGI attacks, SMB probes, OS fingerprinting attempts, and much more.

Snort has a real-time alerting capabilty, with alerts being sent to syslog,

a separate "alert" file, or as a WinPopup message via Samba's smbclient

Edit /etc/snort.conf to configure snort and use snort.d to start snort

This rpm is different from previous rpms and while it will not clobber

your current snortd file, you will need to modify it.

There are 9 different packages available

All of them require the base snort rpm. Additionally, you will need

to chose a binary to install.

/usr/sbin/snort should end up being a symlink to a binary in one of

the following configurations:

plain plain+flexresp

mysql mysql+flexresp

postgresql postgresql+flexresp

snmp snmp+flexresp

bloat mysql+postgresql+flexresp+snmp

Please see the documentation in /usr/share/doc/snort-2.8.5.1

There are no rules in this package the license they are released under forbids

us from repackaging them and redistributing them.

Update Information:

Update to 2.8.5.1 which includes a fix for CVE-2009-3641 DoS (crash) while printing specially-crafted IPv6 packet using the -v option

Topics%20covered

Topics Covered

security advisory fedora critical DoS network intrusion snort

Change Log

* Sun Oct 25 2009 Dennis Gilmore - 2.8.5.1-1 - update for CVE-2009-3641 * Sun Jul 26 2009 Fedora Release Engineering - 2.8.3.2-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild * Sun Apr 19 2009 Robert Scheck - 2.8.3.2-3 - Build require package libnet10-devel rather libnet10 * Wed Feb 25 2009 Fedora Release Engineering - 2.8.3.2-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild * Mon Feb 16 2009 Dennis Gilmore - 2.8.3.2-1 - update to 2.8.3.2 * Fri Jan 23 2009 Dennis Gilmore - 2.8.1-6 - rebuild for new mysql

References


[ 1 ] Bug #530863 - CVE-2009-3641 Snort: DoS (crash) while printing specially-crafted IPv6 packet using the -v option https://bugzilla.redhat.com/show_bug.cgi?id=530863

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update snort' at the command line. For more information, refer to "Managing Software with yum", available at .

Severity
important
Lowest
Low
Medium
High
Critical

Name: snort
Product: Fedora 10
Version: 2.8.5.1
Release: 1.fc10
URL: https://www.snort.org/
Summary: Intrusion detection system

Topics%20covered

Topics Covered

security advisory fedora critical DoS network intrusion snort

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here