Bugzilla – Bug 42287
VUL-0: CVE-2003-0033: snort vulnerability not fixed in patch-7330 (CAN-2003-0033)
Last modified: 2021-09-26 10:38:50 UTC
There's no reference to CAN-2003-0033 in the latest released snort fix (snort-1.8.7b128-224). I haven't checked the code in detail because I don't know exactly what to look for :) - we didn't release a patched snort for this vulnerability, we just bumped snort to 1.9.1.

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0033
http://www.kb.cert.org/vuls/id/916785
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000613&idioma=en

"""
Any version starting with version 1.8 to those before 2003-03-03 1PM/ US/Eastern including 1.9.0 and CVS HEAD (Snort 2.0beta)

A buffer overflow has been found in the snort RPC normalization routines by ISS X-Force. This can cause snort to execute arbitrary code embedded within sniffed network packets. This preprocessor is enabled by default.
"""
Add Klaus to inform him.
Fixes are already made for old SuSE distributions. Don't know, if released. --> security-team assigned.
Could anyone please inform the status of this ticket? I have the UL snort announcement pending because of this vuln (I don't want to release the snort announcement without fixing this). Thanks.
After short discussion with krahmer@suse.de we found another problem. Patches are made and imported to src trees of SL: 7.2, 7.3, 8.0, 8.1
Could you please describe what this "another problem" is? Was it discovered by you or is it documented somewhere?
I first thought that this is the stream4 processor problem (-> bugzilla#26790), but detected that there exists a security, which affects the rpc code either. This has been fixed now. Documentation will, as always :-), be found in the snort.spm (in the spec file). :-)
"I first thought that this is the stream4 processor problem (-> bugzilla#26790), but detected that there exists a security, which affects the rpc code either. This has been fixed now." That is exactly what I have reported (see my original post). I was concerned about you saying "another problem", but now I understand there's no "another problem" :-). And no, I can't download the snort.src.rpm until it's available in the UL repository :-). And yes, I would have to know if there's another vulnerability in snort before it's available for download :-).
I'm sorry about my misunderstanding.
new packages are out now
CVE-2003-0033: CVSS v2 Base Score: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)