Sourcefire VRT released a rules update on 17 JAN that included what they refer to as "a potential security issue with rule 3:20275 reported by Tavis Ormandy." Tavis' Tweet states that "today's snort rules fix a remote stack buffer overflow I found in rule 20275. Fixed by @sourcefire in just 48hrs. http://bit.ly/STm7Ij" Fast turnaround by the Sourcefire gang. Here's the diff for the fix:
Compare: (<)D:\so_rules\src\netbios_kb961501-smb-printss-reponse.c (10885 bytes) with: (>)D:\so_rules\src\netbios_kb961501-smb-printss-reponse.c (10923 bytes) |
Russ McRee 204 Posts ISC Handler Jan 18th 2013 |
Thread locked Subscribe |
Jan 18th 2013 9 years ago |
Sign Up for Free or Log In to start participating in the conversation!