Nom du paquet
snort
Date
2007-02-28
Advisory ID
MDKSA-2007:051
Affected versions
MNF2.0 i586 , 2006.0 i586 , 2007.0 x86_64 , 2007.0 i586 , CS4.0 i586 , CS4.0 x86_64 , 2006.0 x86_64

Problem description

Algorithmic complexity vulnerability in Snort before 2.6.1, during
predicate evaluation in rule matching for certain rules, allows remote
attackers to cause a denial of service (CPU consumption and detection
outage) via crafted network traffic, aka a backtracking attack.

Updated packages have been patched to address this issue.

Updated packages

MNF2.0 i586

 587839951c01cdf69b2a60ada22db0a0  mnf/2.0/i586/snort-2.1.0-3.1.M20mdk.i586.rpm
 aee651ef150ac9c9c82626c86e146e81  mnf/2.0/i586/snort-bloat-2.1.0-3.1.M20mdk.i586.rpm
 3a54884ee7391077b16e6693683433a7  mnf/2.0/i586/snort-mysql+flexresp-2.1.0-3.1.M20mdk.i586.rpm
 a6eb3b2df3e971e3d541932c151e2adc  mnf/2.0/i586/snort-mysql-2.1.0-3.1.M20mdk.i586.rpm
 d18a9444b54d7c6edc303ef63e18a9f0  mnf/2.0/i586/snort-plain+flexresp-2.1.0-3.1.M20mdk.i586.rpm
 5dba5abf07bd3e08bb53996d1de3b13e  mnf/2.0/i586/snort-postgresql+flexresp-2.1.0-3.1.M20mdk.i586.rpm
 39f461b7a95df268c4a30f47db064acb  mnf/2.0/i586/snort-postgresql-2.1.0-3.1.M20mdk.i586.rpm
 cb0bcfa2730d36e9d3d2e4af4be3ebd4  mnf/2.0/i586/snort-snmp+flexresp-2.1.0-3.1.M20mdk.i586.rpm
 c07a848d0d6f92fc978708ab8fc5a725  mnf/2.0/i586/snort-snmp-2.1.0-3.1.M20mdk.i586.rpm 
 05d54ef33e34c2a30e164fa963eec903  mnf/2.0/SRPMS/snort-2.1.0-3.1.M20mdk.src.rpm

2006.0 i586

 14acfc4ab91f55172378ee21783086d0  2006.0/i586/snort-2.3.3-2.3.20060mdk.i586.rpm
 47737c1cffe59207c0e0117a96ebbd5e  2006.0/i586/snort-bloat-2.3.3-2.3.20060mdk.i586.rpm
 94cef69c4f82524583b93b00ca1885e4  2006.0/i586/snort-inline+flexresp-2.3.3-2.3.20060mdk.i586.rpm
 5c5cb3205151f9378ff26775899cf92a  2006.0/i586/snort-inline-2.3.3-2.3.20060mdk.i586.rpm
 a81892910c6a3b0217c54295cd96f250  2006.0/i586/snort-mysql+flexresp-2.3.3-2.3.20060mdk.i586.rpm
 9fa2f3f800217ca6ee8f4a68087d653e  2006.0/i586/snort-mysql-2.3.3-2.3.20060mdk.i586.rpm
 28ccfe41c7319de41fe264d9dcab936f  2006.0/i586/snort-plain+flexresp-2.3.3-2.3.20060mdk.i586.rpm
 944a116617108b81acdcc69857ef2a72  2006.0/i586/snort-postgresql+flexresp-2.3.3-2.3.20060mdk.i586.rpm
 bc5c0ae549924afc4b764849f9ef2188  2006.0/i586/snort-postgresql-2.3.3-2.3.20060mdk.i586.rpm
 f1af2f22a2cb9842b07126e2a97c3b39  2006.0/i586/snort-snmp+flexresp-2.3.3-2.3.20060mdk.i586.rpm
 78050d7070f70f456d6813767f172a46  2006.0/i586/snort-snmp-2.3.3-2.3.20060mdk.i586.rpm 
 469ee540ffd3ddaff34d6d9e44a526bd  2006.0/SRPMS/snort-2.3.3-2.3.20060mdk.src.rpm

2007.0 x86_64

 b608bd9b32cba92b9fc4b0df3cea10d0  2007.0/x86_64/snort-2.6.0-3.1mdv2007.0.x86_64.rpm
 477a76ade1a59db6a4e899bd1abd3219  2007.0/x86_64/snort-bloat-2.6.0-3.1mdv2007.0.x86_64.rpm
 1040562c56a5f1f651d4fcb520b71401  2007.0/x86_64/snort-inline+flexresp-2.6.0-3.1mdv2007.0.x86_64.rpm
 3c935cf98ea807fb955b4467786dc6d5  2007.0/x86_64/snort-inline-2.6.0-3.1mdv2007.0.x86_64.rpm
 a72f85b6949a00e4d0c125a57274048d  2007.0/x86_64/snort-mysql+flexresp-2.6.0-3.1mdv2007.0.x86_64.rpm
 f815afc9ce1aeb351782e615fbdf7c22  2007.0/x86_64/snort-mysql-2.6.0-3.1mdv2007.0.x86_64.rpm
 26046610206df4cff8508549be74a144  2007.0/x86_64/snort-plain+flexresp-2.6.0-3.1mdv2007.0.x86_64.rpm
 028d7074b920d331685d2599ae0d5fa7  2007.0/x86_64/snort-postgresql+flexresp-2.6.0-3.1mdv2007.0.x86_64.rpm
 7aab39105369c185c70064836b1b81fd  2007.0/x86_64/snort-postgresql-2.6.0-3.1mdv2007.0.x86_64.rpm
 98b2c4ee272001a08fbcb7b9ec6b06ac  2007.0/x86_64/snort-prelude+flexresp-2.6.0-3.1mdv2007.0.x86_64.rpm
 93fb2d5603d8b905f713057fb2f602e6  2007.0/x86_64/snort-prelude-2.6.0-3.1mdv2007.0.x86_64.rpm 
 41c885cd6a29670f73505f357e7df534  2007.0/SRPMS/snort-2.6.0-3.1mdv2007.0.src.rpm

2007.0 i586

 d29012178cfaf0b37e6b7a76e0b66660  2007.0/i586/snort-2.6.0-3.1mdv2007.0.i586.rpm
 897c2c44ec92bf21f6b9726b4f938ab0  2007.0/i586/snort-bloat-2.6.0-3.1mdv2007.0.i586.rpm
 822a146097d3d78032a926005417d2eb  2007.0/i586/snort-inline+flexresp-2.6.0-3.1mdv2007.0.i586.rpm
 ec191df50521f8d93d3d033d8c3aa2d9  2007.0/i586/snort-inline-2.6.0-3.1mdv2007.0.i586.rpm
 cc7f1773fb2fb17c79ba4c0867435918  2007.0/i586/snort-mysql+flexresp-2.6.0-3.1mdv2007.0.i586.rpm
 aaa7876ca72b1effe2d0c851a28d1cc2  2007.0/i586/snort-mysql-2.6.0-3.1mdv2007.0.i586.rpm
 47f56100d7aa5d5ddcb414212711e942  2007.0/i586/snort-plain+flexresp-2.6.0-3.1mdv2007.0.i586.rpm
 3031d24bfbeb9fa5539fea8e42047c21  2007.0/i586/snort-postgresql+flexresp-2.6.0-3.1mdv2007.0.i586.rpm
 ec7cf5d51dec733e40e37accc46da547  2007.0/i586/snort-postgresql-2.6.0-3.1mdv2007.0.i586.rpm
 9d19e856ecfc5f51a40bb11214fda23d  2007.0/i586/snort-prelude+flexresp-2.6.0-3.1mdv2007.0.i586.rpm
 c63840f49d3b6a890c17bd7a6e5b45ec  2007.0/i586/snort-prelude-2.6.0-3.1mdv2007.0.i586.rpm 
 41c885cd6a29670f73505f357e7df534  2007.0/SRPMS/snort-2.6.0-3.1mdv2007.0.src.rpm

CS4.0 i586

 acca1849a4344ba21bdd025b4b5df546  corporate/4.0/i586/snort-2.4.5-1.2.20060mlcs4.i586.rpm
 3f0f252ce90cb549389566b1b9fa30e5  corporate/4.0/i586/snort-bloat-2.4.5-1.2.20060mlcs4.i586.rpm
 d1332509d105dc88b52973b0bad0b39e  corporate/4.0/i586/snort-inline+flexresp-2.4.5-1.2.20060mlcs4.i586.rpm
 0ebd8d99f49c643336b27317a007f508  corporate/4.0/i586/snort-inline-2.4.5-1.2.20060mlcs4.i586.rpm
 c3780982acdf477a815653f3cd196592  corporate/4.0/i586/snort-mysql+flexresp-2.4.5-1.2.20060mlcs4.i586.rpm
 165ededf0f837a9ab8d199060ec2f419  corporate/4.0/i586/snort-mysql-2.4.5-1.2.20060mlcs4.i586.rpm
 a8c043893fddd62c031db00562913449  corporate/4.0/i586/snort-plain+flexresp-2.4.5-1.2.20060mlcs4.i586.rpm
 2576dae48c7cdcda07663d9b0076ed3a  corporate/4.0/i586/snort-postgresql+flexresp-2.4.5-1.2.20060mlcs4.i586.rpm
 f2aa1b11e34668f7ed266355e81edf61  corporate/4.0/i586/snort-postgresql-2.4.5-1.2.20060mlcs4.i586.rpm
 092bf95d2d46e7dda7129df5b35f3226  corporate/4.0/i586/snort-prelude+flexresp-2.4.5-1.2.20060mlcs4.i586.rpm
 60deea47ecbe39fa132a33895c68585b  corporate/4.0/i586/snort-prelude-2.4.5-1.2.20060mlcs4.i586.rpm
 12375f9cbbdf27bfc481dbcc05d9fde0  corporate/4.0/i586/snort-snmp+flexresp-2.4.5-1.2.20060mlcs4.i586.rpm
 e74f10ad5826db12ca0769cf9e0c44cb  corporate/4.0/i586/snort-snmp-2.4.5-1.2.20060mlcs4.i586.rpm 
 56600d329f0d35d1f168344bd35f70b5  corporate/4.0/SRPMS/snort-2.4.5-1.2.20060mlcs4.src.rpm

CS4.0 x86_64

 1cd573fdc6615ca639e38ba934922076  corporate/4.0/x86_64/snort-2.4.5-1.2.20060mlcs4.x86_64.rpm
 a5f21846da335073bc9220fc58fb1d6c  corporate/4.0/x86_64/snort-bloat-2.4.5-1.2.20060mlcs4.x86_64.rpm
 5d806ad68f4e3fd1d0e5982312a38ab3  corporate/4.0/x86_64/snort-inline+flexresp-2.4.5-1.2.20060mlcs4.x86_64.rpm
 df3a160e22d584e94a174d8770c23147  corporate/4.0/x86_64/snort-inline-2.4.5-1.2.20060mlcs4.x86_64.rpm
 d40e9420d7c66cb1fd8e249e6e0eb540  corporate/4.0/x86_64/snort-mysql+flexresp-2.4.5-1.2.20060mlcs4.x86_64.rpm
 bf85d4875568b7f0730b0a066925b722  corporate/4.0/x86_64/snort-mysql-2.4.5-1.2.20060mlcs4.x86_64.rpm
 6b067b67405af248a7bfd5e2d551f18b  corporate/4.0/x86_64/snort-plain+flexresp-2.4.5-1.2.20060mlcs4.x86_64.rpm
 2de696b63b04481d443e9a85e6d6f655  corporate/4.0/x86_64/snort-postgresql+flexresp-2.4.5-1.2.20060mlcs4.x86_64.rpm
 c10f29fa0e3077f3d89cb3d707c02a5a  corporate/4.0/x86_64/snort-postgresql-2.4.5-1.2.20060mlcs4.x86_64.rpm
 a4e6929e593ed1445b060b1f6e244ab2  corporate/4.0/x86_64/snort-prelude+flexresp-2.4.5-1.2.20060mlcs4.x86_64.rpm
 9b90c281dae9b4f14358d7c35b05c98c  corporate/4.0/x86_64/snort-prelude-2.4.5-1.2.20060mlcs4.x86_64.rpm
 75ffa4a4e0671bad4f4a6548fea5cd51  corporate/4.0/x86_64/snort-snmp+flexresp-2.4.5-1.2.20060mlcs4.x86_64.rpm
 22a7a07d459a48f4cf430bfaf96ccbd9  corporate/4.0/x86_64/snort-snmp-2.4.5-1.2.20060mlcs4.x86_64.rpm 
 56600d329f0d35d1f168344bd35f70b5  corporate/4.0/SRPMS/snort-2.4.5-1.2.20060mlcs4.src.rpm

2006.0 x86_64

 68080ccee02d86e20f249f17f7d32df1  2006.0/x86_64/snort-2.3.3-2.3.20060mdk.x86_64.rpm
 6c78769ad7344e3c5df82f705bb2c44a  2006.0/x86_64/snort-bloat-2.3.3-2.3.20060mdk.x86_64.rpm
 77d9a51dbaefc07556dfd04bcc785dcf  2006.0/x86_64/snort-inline+flexresp-2.3.3-2.3.20060mdk.x86_64.rpm
 0b072085f8558dc53f22a64933ee715f  2006.0/x86_64/snort-inline-2.3.3-2.3.20060mdk.x86_64.rpm
 6285f03ba66610c0da8eeb096c5e0e6f  2006.0/x86_64/snort-mysql+flexresp-2.3.3-2.3.20060mdk.x86_64.rpm
 07657701d906c8873c089d2714e60333  2006.0/x86_64/snort-mysql-2.3.3-2.3.20060mdk.x86_64.rpm
 950579ea3634f96a34f2df17fab8714b  2006.0/x86_64/snort-plain+flexresp-2.3.3-2.3.20060mdk.x86_64.rpm
 f20d48e02803dadea7a4c6a85917d501  2006.0/x86_64/snort-postgresql+flexresp-2.3.3-2.3.20060mdk.x86_64.rpm
 5db998f1482ec1318938f91cbb1af30f  2006.0/x86_64/snort-postgresql-2.3.3-2.3.20060mdk.x86_64.rpm
 056096e5c2e6766814f2bac64f95f596  2006.0/x86_64/snort-snmp+flexresp-2.3.3-2.3.20060mdk.x86_64.rpm
 50fcc13df4589baab5c3a92e5f8c831a  2006.0/x86_64/snort-snmp-2.3.3-2.3.20060mdk.x86_64.rpm 
 469ee540ffd3ddaff34d6d9e44a526bd  2006.0/SRPMS/snort-2.3.3-2.3.20060mdk.src.rpm

References