Nom du paquet
snort
Date
2003-04-28
Advisory ID
MDKSA-2003:052
Affected versions
9.1 i586 , CS2.1 i586 , 9.0 i586 , 8.2 i586 , MNF8.2 i586 , 9.1 i586 , 8.2 i586

Problem description

An integer overflow was discovered in the Snort stream4 preprocessor by the Sourcefire Vulnerability Research Team. This preprocessor (spp_stream4) incorrectly calculates segment size parameters during stream reassembly for certainm sequence number ranges. This can lead to an integer overflow that can in turn lead to a heap overflow that can be exploited to perform a denial of service (DoS) or even remote command excution on the host running Snort. Disabling the stream4 preprocessor will make Snort invulnerable to this attack, and the flaw has been fixed upstream in Snort version 2.0. Snort versions 1.8 through 1.9.1 are vulnerable.

Updated packages

9.1 i586

 3436f5a3ec275a9e8d38b32a3e885b20  9.1/RPMS/snort-2.0.0-2.1mdk.i586.rpm
c63d4e80b2b69dc8469a401d62e65de2  9.1/RPMS/snort-bloat-2.0.0-2.1mdk.i586.rpm
0e12b7b79706198f6351c1d55d6c29a6  9.1/RPMS/snort-mysql+flexresp-2.0.0-2.1mdk.i586.rpm
501bbbcfb86e0dbc5a1450f97d5df972  9.1/RPMS/snort-mysql-2.0.0-2.1mdk.i586.rpm
b4151478633c30590a605e8fe110852e  9.1/RPMS/snort-plain+flexresp-2.0.0-2.1mdk.i586.rpm
7f58e498e92d7b32bfa6c4b7a85c36c1  9.1/RPMS/snort-postgresql+flexresp-2.0.0-2.1mdk.i586.rpm
b576a20571664d450504b3a51aae0417  9.1/RPMS/snort-postgresql-2.0.0-2.1mdk.i586.rpm
76cb1fc010b384ef5ba0c236d85ce6e5  9.1/RPMS/snort-snmp+flexresp-2.0.0-2.1mdk.i586.rpm
fca545c28a94eaabc6f10d7528d0e82c  9.1/RPMS/snort-snmp-2.0.0-2.1mdk.i586.rpm
2efb9950c70248f94b561f76bef88181  9.1/SRPMS/snort-2.0.0-2.1mdk.src.rpm

CS2.1 i586

 97c817bc7ddb5e1a89f4479668cf59f0  corporate/2.1/RPMS/snort-2.0.0-2.1mdk.i586.rpm
ca9dec4bc5ba46f80a0724f6e0f5a138  corporate/2.1/RPMS/snort-bloat-2.0.0-2.1mdk.i586.rpm
0262bcb71eea556cbee8c421e4ad1511  corporate/2.1/RPMS/snort-mysql+flexresp-2.0.0-2.1mdk.i586.rpm
8dd41f46553707dc3adc6a82855df2ba  corporate/2.1/RPMS/snort-mysql-2.0.0-2.1mdk.i586.rpm
46ad883dad9f77ce6d978171eb03de67  corporate/2.1/RPMS/snort-plain+flexresp-2.0.0-2.1mdk.i586.rpm
3dd354f0c849c9765451b51fa93a0b4e  corporate/2.1/RPMS/snort-postgresql+flexresp-2.0.0-2.1mdk.i586.rpm
8735c537e40937a7b3ae3f3c38d55162  corporate/2.1/RPMS/snort-postgresql-2.0.0-2.1mdk.i586.rpm
73a866acec5d6e1abdde902d0d893968  corporate/2.1/RPMS/snort-snmp+flexresp-2.0.0-2.1mdk.i586.rpm
cc0a606a5409213934b0c06fe2d44433  corporate/2.1/RPMS/snort-snmp-2.0.0-2.1mdk.i586.rpm
2efb9950c70248f94b561f76bef88181  corporate/2.1/SRPMS/snort-2.0.0-2.1mdk.src.rpm

9.0 i586

 97c817bc7ddb5e1a89f4479668cf59f0  9.0/RPMS/snort-2.0.0-2.1mdk.i586.rpm
ca9dec4bc5ba46f80a0724f6e0f5a138  9.0/RPMS/snort-bloat-2.0.0-2.1mdk.i586.rpm
0262bcb71eea556cbee8c421e4ad1511  9.0/RPMS/snort-mysql+flexresp-2.0.0-2.1mdk.i586.rpm
8dd41f46553707dc3adc6a82855df2ba  9.0/RPMS/snort-mysql-2.0.0-2.1mdk.i586.rpm
46ad883dad9f77ce6d978171eb03de67  9.0/RPMS/snort-plain+flexresp-2.0.0-2.1mdk.i586.rpm
3dd354f0c849c9765451b51fa93a0b4e  9.0/RPMS/snort-postgresql+flexresp-2.0.0-2.1mdk.i586.rpm
8735c537e40937a7b3ae3f3c38d55162  9.0/RPMS/snort-postgresql-2.0.0-2.1mdk.i586.rpm
73a866acec5d6e1abdde902d0d893968  9.0/RPMS/snort-snmp+flexresp-2.0.0-2.1mdk.i586.rpm
cc0a606a5409213934b0c06fe2d44433  9.0/RPMS/snort-snmp-2.0.0-2.1mdk.i586.rpm
2efb9950c70248f94b561f76bef88181  9.0/SRPMS/snort-2.0.0-2.1mdk.src.rpm

8.2 i586

 a4514c067f2409606fe7706a35d8f3f7  8.2/RPMS/snort-2.0.0-2.1mdk.i586.rpm
5c2f61da6ce991e630a23dffbeee2814  8.2/RPMS/snort-bloat-2.0.0-2.1mdk.i586.rpm
242237fafcc77f29b9b6cdc71db27cdc  8.2/RPMS/snort-mysql+flexresp-2.0.0-2.1mdk.i586.rpm
75a9dc76a726e93e1876c35d7eafa543  8.2/RPMS/snort-mysql-2.0.0-2.1mdk.i586.rpm
9230a8bf2966eda057b4903edb2e6e8c  8.2/RPMS/snort-plain+flexresp-2.0.0-2.1mdk.i586.rpm
08efb60f8fa7f117903f3267e92c1937  8.2/RPMS/snort-postgresql+flexresp-2.0.0-2.1mdk.i586.rpm
a993826c9b4a74cfde1a36f3b209c3a9  8.2/RPMS/snort-postgresql-2.0.0-2.1mdk.i586.rpm
9700de212e797fb49d59859bd0faeef8  8.2/RPMS/snort-snmp+flexresp-2.0.0-2.1mdk.i586.rpm
781cafab6d9ca1e7de0d53a9f0a6ad20  8.2/RPMS/snort-snmp-2.0.0-2.1mdk.i586.rpm
2efb9950c70248f94b561f76bef88181  8.2/SRPMS/snort-2.0.0-2.1mdk.src.rpm

MNF8.2 i586

 a4514c067f2409606fe7706a35d8f3f7  mnf8.2/RPMS/snort-2.0.0-2.1mdk.i586.rpm
2efb9950c70248f94b561f76bef88181  mnf8.2/SRPMS/snort-2.0.0-2.1mdk.src.rpm

9.1 i586

 6fedffede24c0334a8eeb858a826482f  ppc/9.1/RPMS/snort-2.0.0-2.1mdk.ppc.rpm
753051524999ae9f082e124bfc949ec2  ppc/9.1/RPMS/snort-bloat-2.0.0-2.1mdk.ppc.rpm
905246e8240c13006760bbd56c0fbe9b  ppc/9.1/RPMS/snort-mysql+flexresp-2.0.0-2.1mdk.ppc.rpm
b8adb28a28341780014339e9cd1f4b8a  ppc/9.1/RPMS/snort-mysql-2.0.0-2.1mdk.ppc.rpm
d1537b80ce0d15e290d129edf9b6f02e  ppc/9.1/RPMS/snort-plain+flexresp-2.0.0-2.1mdk.ppc.rpm
16b0bbbc4729f8fdaf7d0554b45cd0e5  ppc/9.1/RPMS/snort-postgresql+flexresp-2.0.0-2.1mdk.ppc.rpm
972676cf613c1d1313a6bf68d7f9f0d6  ppc/9.1/RPMS/snort-postgresql-2.0.0-2.1mdk.ppc.rpm
7c79443a574b81db3345bac3c11c2f16  ppc/9.1/RPMS/snort-snmp+flexresp-2.0.0-2.1mdk.ppc.rpm
4df4eef406078666a682a01935975678  ppc/9.1/RPMS/snort-snmp-2.0.0-2.1mdk.ppc.rpm
2efb9950c70248f94b561f76bef88181  ppc/9.1/SRPMS/snort-2.0.0-2.1mdk.src.rpm

8.2 i586

 2961264210fb026e70c76bc20db4a109  ppc/8.2/RPMS/snort-2.0.0-2.1mdk.ppc.rpm
4efd69038a64483af014ed3da0bda40e  ppc/8.2/RPMS/snort-bloat-2.0.0-2.1mdk.ppc.rpm
1618da9f7f393f384f2fa3620d5756ab  ppc/8.2/RPMS/snort-mysql+flexresp-2.0.0-2.1mdk.ppc.rpm
26772c8ca76f47d33d75a2bae9c4b030  ppc/8.2/RPMS/snort-mysql-2.0.0-2.1mdk.ppc.rpm
1954dd955a26e4fafe053e1ed418fe7f  ppc/8.2/RPMS/snort-plain+flexresp-2.0.0-2.1mdk.ppc.rpm
84f600f2013d88faecc4a19613a16cf2  ppc/8.2/RPMS/snort-postgresql+flexresp-2.0.0-2.1mdk.ppc.rpm
a32214c7f3ab03681956054f61d4071f  ppc/8.2/RPMS/snort-postgresql-2.0.0-2.1mdk.ppc.rpm
76b030fb690c654ff008ee0d2bfdee95  ppc/8.2/RPMS/snort-snmp+flexresp-2.0.0-2.1mdk.ppc.rpm
d365692eb1fd386fb9f1fb4b87973f2a  ppc/8.2/RPMS/snort-snmp-2.0.0-2.1mdk.ppc.rpm
2efb9950c70248f94b561f76bef88181  ppc/8.2/SRPMS/snort-2.0.0-2.1mdk.src.rpm

References