FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  318524
Date:      2013-05-19
Time:      14:06:36Z
Committer: rakuco

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
afdf500f-c1f6-11db-95c5-000c6ec775d9	snort -- DCE/RPC preprocessor vulnerability A IBM Internet Security Systems Protection Advisory reports: Snort is vulnerable to a stack-based buffer overflow as a result of DCE/RPC reassembly. This vulnerability is in a dynamic-preprocessor enabled in the default configuration, and the configuration for this preprocessor allows for auto-recognition of SMB traffic to perform reassembly on. No checks are performed to see if the traffic is part of a valid TCP session, and multiple Write AndX requests can be chained in the same TCP segment. As a result, an attacker can exploit this overflow with a single TCP PDU sent across a network monitored by Snort or Sourcefire. Snort users who cannot upgrade immediately are advised to disable the DCE/RPC preprocessor by removing the DCE/RPC preprocessor directives from snort.conf and restarting Snort. However, be advised that disabling the DCE/RPC preprocessor reduces detection capabilities for attacks in DCE/RPC traffic. After upgrading, customers should re-enable the DCE/RPC preprocessor. Discovery 2007-02-19 Entry 2007-02-21 snort ge 2.6.1 lt 2.6.1.3 196240 CVE-2006-5276 http://xforce.iss.net/xforce/xfdb/31275 http://www.snort.org/docs/advisory-2007-02-19.html
afdf500f-c1f6-11db-95c5-000c6ec775d9	snort -- DCE/RPC preprocessor vulnerability A IBM Internet Security Systems Protection Advisory reports: Snort is vulnerable to a stack-based buffer overflow as a result of DCE/RPC reassembly. This vulnerability is in a dynamic-preprocessor enabled in the default configuration, and the configuration for this preprocessor allows for auto-recognition of SMB traffic to perform reassembly on. No checks are performed to see if the traffic is part of a valid TCP session, and multiple Write AndX requests can be chained in the same TCP segment. As a result, an attacker can exploit this overflow with a single TCP PDU sent across a network monitored by Snort or Sourcefire. Snort users who cannot upgrade immediately are advised to disable the DCE/RPC preprocessor by removing the DCE/RPC preprocessor directives from snort.conf and restarting Snort. However, be advised that disabling the DCE/RPC preprocessor reduces detection capabilities for attacks in DCE/RPC traffic. After upgrading, customers should re-enable the DCE/RPC preprocessor. Discovery 2007-02-19 Entry 2007-02-21 snort ge 2.6.1 lt 2.6.1.3 196240 CVE-2006-5276 http://xforce.iss.net/xforce/xfdb/31275 http://www.snort.org/docs/advisory-2007-02-19.html

VuXML ID

Description

afdf500f-c1f6-11db-95c5-000c6ec775d9

snort -- DCE/RPC preprocessor vulnerability

A IBM Internet Security Systems Protection Advisory reports:

Snort is vulnerable to a stack-based buffer overflow as a result of DCE/RPC reassembly. This vulnerability is in a dynamic-preprocessor enabled in the default configuration, and the configuration for this preprocessor allows for auto-recognition of SMB traffic to perform reassembly on. No checks are performed to see if the traffic is part of a valid TCP session, and multiple Write AndX requests can be chained in the same TCP segment. As a result, an attacker can exploit this overflow with a single TCP PDU sent across a network monitored by Snort or Sourcefire.

Snort users who cannot upgrade immediately are advised to disable the DCE/RPC preprocessor by removing the DCE/RPC preprocessor directives from snort.conf and restarting Snort. However, be advised that disabling the DCE/RPC preprocessor reduces detection capabilities for attacks in DCE/RPC traffic. After upgrading, customers should re-enable the DCE/RPC preprocessor.

Discovery 2007-02-19
Entry 2007-02-21
snort

ge 2.6.1 lt 2.6.1.3