Reported January 28, 2002, by Internet Security Systems.
VERSIONS AFFECTED
-
Snort Intrusion Detection System for all platforms with 1.8.3 and earlier
DESCRIPTION
A
remote Denial of Service (DoS) condition exists in the open-source Intrusion
Detection System (IDS) Snort. An attacker can use specially crafted Internet
Control Message Protocol (ICMP) echo and echo-reply packets with less than 5
bytes of ICMP data to remotely crash the system.
VENDOR RESPONSE
Snort recommends that affected users apply the available patch and recompile the binaries or download the latest version (build 90 or better) from their CVS tree.
CREDIT
Discovered by Sinbad.
1 comment
Hide comments