Summary: | net-analyzer/snort Full-Width and Half-Width Unicode Encoding IDS/IPS/WAF Bypass Vulnerability | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Carsten Lohrke (RETIRED) <carlo> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED INVALID | ||
Severity: | minor | CC: | netmon, sgtphou |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://www.gamasec.net/english/gs07-01.html | ||
Whiteboard: | B4 [] jaervosz | ||
Package list: | Runtime testing required: | --- |
Description
Carsten Lohrke (RETIRED)
2007-05-18 14:25:59 UTC
netmon please advise. http://www.kb.cert.org/vuls/id/739224 listed as vulnerable. http://www.kb.cert.org/vuls/id/MIMG-72BRK3 - no reponce from vendor. no mention of the vul in the email lists, website or release notes for 2.6.1.5. no reponce on irc #snort (yet) going to assume its not fixed in 2.6.1.5 until some upstream confirmation occurs no news yet :( This page has now been updated: http://www.kb.cert.org/vuls/id/MIMG-72BRK3 As of 19/06/2007 stating that snort is Not Vulnerable to this. Seems like it doesn't affect snort after all. |