Alerts This Week
Warning Icon 1 916
Alerts This Week
Warning Icon 1 916

Mageia: 2023-0117 Critical: Snort Remote Exploits and Bypass Threats

mageia
Calendar Grey March 31, 2023
Dist Mageia Esm H88
Enhanced Mageia Snort updates resolve vulnerabilities that enable remote attacks and possible information leakage.
Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured File Policy for HT...

Summary

Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured File Policy for HTTP. The vulnerability is due to incorrect detection of modified HTTP packets used in chunked responses. An attacker could exploit this vulnerability by sending crafted HTTP packets through an affected device. A successful exploit could allow the attacker to bypass a configured File Policy for HTTP packets and deliver a malicious payload. (CVE-2020-3299)
Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass the configured file policies on an affected system. The vulnerability is due to errors in how the Snort detection engine handles specific HTTP responses. An attacker could exploit this vulnerability by sending crafted HTTP packets that would flow through an affected system. A successful exploit could allow the ...

Read the Full Advisory

References

- https://bugs.mageia.org/show_bug.cgi?id=27741

- https://lists.debian.org/debian-lts-announce/2023/02/msg00011.html

- https://www.cve.org/CVERecord?id=CVE-2020-3299

- https://www.cve.org/CVERecord?id=CVE-2020-3315

- https://www.cve.org/CVERecord?id=CVE-2021-1223

- https://www.cve.org/CVERecord?id=CVE-2021-1224

- https://www.cve.org/CVERecord?id=CVE-2021-1236

- https://www.cve.org/CVERecord?id=CVE-2021-1494

- https://www.cve.org/CVERecord?id=CVE-2021-1495

- https://www.cve.org/CVERecord?id=CVE-2021-34749

- https://www.cve.org/CVERecord?id=CVE-2021-40114

Topics%20covered

Topics Covered

security advisory network security remote exploit critical Mageia HTTP policy bypass Snort engine

Resolution

SRPMS

- 8/core/snort-2.9.20-1.mga8

Severity
critical
Lowest
Low
Medium
High
Critical

Publication date: 31 Mar 2023
URL: https://advisories.mageia.org/MGASA-2023-0117.html
Type: security
CVE: CVE-2020-3299, CVE-2020-3315, CVE-2021-1223, CVE-2021-1224, CVE-2021-1236, CVE-2021-1494, CVE-2021-1495, CVE-2021-34749, CVE-2021-40114

Topics%20covered

Topics Covered

security advisory network security remote exploit critical Mageia HTTP policy bypass Snort engine

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here