Bug 109730

Summary:	net-analyzer/snort 2.4.x Back Orifice Vulnerability
Product:	Gentoo Security	Reporter:	Sune Kloppenborg Jeppesen (RETIRED) <jaervosz>
Component:	Vulnerabilities	Assignee:	Gentoo Security <security>
Status:	RESOLVED FIXED
Severity:	trivial	CC:	aqu3l, netmon, robert
Priority:	High
Version:	unspecified
Hardware:	All
OS:	Linux
URL:	http://www.snort.org/pub-bin/snortnews.cgi#99
Whiteboard:	~1 [noglsa] jaervosz
Package list:		Runtime testing required:	---

Description Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev

2005-10-18 13:05:24 UTC

The Sourcefire Vulnerability Research Team (VRT) has learned of a 
vulnerability in Snort v2.4.0 and higher. Users are only vulnerable if the 
Back Orifice preprocessor is enabled. Snort v2.4.3 has been released to 
correct the issue.

Comment 1 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev

2005-10-18 13:06:53 UTC

netmon please advise and bump as needed.

Comment 2 Benjamin Smee (strerror) (RETIRED) gentoo-dev

2005-10-19 02:20:16 UTC

just tested a new ebuild for 2.4.3 with all USE flags enabled and seems to be
fine,so have revbumped in cvs.

Comment 3 Thierry Carrez (RETIRED) gentoo-dev

2005-10-20 04:22:36 UTC

Done.

Comment 4 Jakub Moc (RETIRED) gentoo-dev

2005-11-10 02:20:36 UTC

*** Bug 112055 has been marked as a duplicate of this bug. ***