Package: snort Severity: grave Tags: security Justification: user security hole
A security issue has been found in snort. Cite CVE-2006-2769: The HTTP Inspect preprocessor (http_inspect) in Snort 2.4.0 through 2.4.4 allows remote attackers to bypass "uricontent" rules via a carriage return (\r) after the URL and before the HTTP declaration. AFAICS this problem is also in 2.3. A patch (for 2.4) is available at http://www.demarc.com/files/patch_20060531/snort-2.4.4-demarc-patch.diff -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
