FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  375358
Date:      2014-12-23
Time:      21:24:55Z
Committer: rea

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
afdf500f-c1f6-11db-95c5-000c6ec775d9snort -- DCE/RPC preprocessor vulnerability

A IBM Internet Security Systems Protection Advisory reports:

Snort is vulnerable to a stack-based buffer overflow as a result of DCE/RPC reassembly. This vulnerability is in a dynamic-preprocessor enabled in the default configuration, and the configuration for this preprocessor allows for auto-recognition of SMB traffic to perform reassembly on. No checks are performed to see if the traffic is part of a valid TCP session, and multiple Write AndX requests can be chained in the same TCP segment. As a result, an attacker can exploit this overflow with a single TCP PDU sent across a network monitored by Snort or Sourcefire.

Snort users who cannot upgrade immediately are advised to disable the DCE/RPC preprocessor by removing the DCE/RPC preprocessor directives from snort.conf and restarting Snort. However, be advised that disabling the DCE/RPC preprocessor reduces detection capabilities for attacks in DCE/RPC traffic. After upgrading, customers should re-enable the DCE/RPC preprocessor.


Discovery 2007-02-19
Entry 2007-02-21
snort
ge 2.6.1 lt 2.6.1.3

196240
CVE-2006-5276
http://xforce.iss.net/xforce/xfdb/31275
http://www.snort.org/docs/advisory-2007-02-19.html
afdf500f-c1f6-11db-95c5-000c6ec775d9snort -- DCE/RPC preprocessor vulnerability

A IBM Internet Security Systems Protection Advisory reports:

Snort is vulnerable to a stack-based buffer overflow as a result of DCE/RPC reassembly. This vulnerability is in a dynamic-preprocessor enabled in the default configuration, and the configuration for this preprocessor allows for auto-recognition of SMB traffic to perform reassembly on. No checks are performed to see if the traffic is part of a valid TCP session, and multiple Write AndX requests can be chained in the same TCP segment. As a result, an attacker can exploit this overflow with a single TCP PDU sent across a network monitored by Snort or Sourcefire.

Snort users who cannot upgrade immediately are advised to disable the DCE/RPC preprocessor by removing the DCE/RPC preprocessor directives from snort.conf and restarting Snort. However, be advised that disabling the DCE/RPC preprocessor reduces detection capabilities for attacks in DCE/RPC traffic. After upgrading, customers should re-enable the DCE/RPC preprocessor.


Discovery 2007-02-19
Entry 2007-02-21
snort
ge 2.6.1 lt 2.6.1.3

196240
CVE-2006-5276
http://xforce.iss.net/xforce/xfdb/31275
http://www.snort.org/docs/advisory-2007-02-19.html