Mandriva Update For Snort MDKSA-2007:051 (snort) Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

Algorithmic complexity vulnerability in Snort before 2.6.1, during predicate evaluation in rule matching for certain rules, allows remote attackers to cause a denial of service (CPU consumption and detection outage) via crafted network traffic, aka a backtracking attack. Updated packages have been patched to address this issue.

Affected

snort on Mandriva Linux 2006.0, Mandriva Linux 2006.0/X86_64, Mandriva Linux 2007.0, Mandriva Linux 2007.0/X86_64

Severity

Classification

CVE CVE-2006-6931

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Mandrake Security Advisory MDVSA-2009:048 (epiphany)
Mandrake Security Advisory MDVSA-2009:068-1 (poppler)
Mandrake Security Advisory MDVSA-2009:038 (blender)
Mandrake Security Advisory MDVSA-2009:109 (quagga)
Mandrake Security Advisory MDVSA-2009:123 (opensc)

Mandriva Update for snort MDKSA-2007:051 (snort)

Take action and discover your vulnerabilities