[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : Snort unified 1 IDS Logging Alert Evasion, Logfile Corruption/Alert Falsify
# Published : 2009-09-21
# Author : Pablo Rinc¨®n Crespo
# Previous Title : Sun Solaris 10 RPC dmispd DoS
# Next Title : BigAnt Server <= 2.50 SP6 Local (ZIP File) Buffer Overflow PoC #2
Advisory:
=========
Snort unified 1 IDS Logging Alert Evasion, Logfile Corruption/Alert Falsify
Log:
====
30/06/2009 Bug detected.
20/07/2009 First mail with snort team.
20/07/2009 Snort team answer they will fix it in the next release (2.8.5).
16/09/2009 Snort release, bug fixed.
Affected Versions:
==================
snort-2.8.1
snort-2.8.2
snort-2.8.3
snort-2.8.4
snort-2.8.5.beta*
link: http://pablo-secdev.blogspot.com/2009/09/snort-28-285stable-unified1-output-bug.html
poc: http://milw0rm.com/sploits/2009-snort-unified1_bug.tar.gz
poc2: http://www.exploit-db.com/archive/2009-snort-unified1_bug.tar.gz
# www.Syue.com [2009-09-21]