Mandriva Linux Security Advisory 2009:259-1: snort

preprocessors/spp_frag3.c in Sourcefire Snort before 2.8.1 does not
properly identify packet fragments that have dissimilar TTL values,
which allows remote attackers to bypass detection rules by using a
different TTL for each fragment. (CVE-2008-1804)

The updated packages have been patched to prevent this.

Additionally there were problems with two rules in the snort-rules
package for 2008.0 that is also fixed with this update.


Packages for 2008.0 are being provided due to extended support for
Corporate products.


Subscribe to Comments Feed

Who we are ?

The Linux Foundation is a non-profit consortium dedicated to the growth of Linux.

More About the foundation...

Frequent Questions

Join / Linux Training / Board