-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2023.1047
                           snort security update
                             20 February 2023

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           snort
Publisher:         Debian
Operating System:  Debian GNU/Linux
Resolution:        Patch/Upgrade
CVE Names:         CVE-2021-40114 CVE-2021-34749 CVE-2021-1495
                   CVE-2021-1494 CVE-2021-1236 CVE-2021-1224
                   CVE-2021-1223 CVE-2020-3315 CVE-2020-3299

Original Bulletin: 
   http://www.debian.org/security/2023/dsa-5354

Comment: CVSS (Max):  8.6* CVE-2021-34749 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N)
         CVSS Source: NVD
         Calculator:  https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N
         * Not all CVSS available when published

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- - -------------------------------------------------------------------------
Debian Security Advisory DSA-5354-1                   security@debian.org
https://www.debian.org/security/                          Markus Koschany
February 18, 2023                     https://www.debian.org/security/faq
- - -------------------------------------------------------------------------

Package        : snort
CVE ID         : CVE-2020-3299 CVE-2020-3315 CVE-2021-1223 CVE-2021-1224
                 CVE-2021-1236 CVE-2021-1494 CVE-2021-1495 CVE-2021-34749
                 CVE-2021-40114
Debian Bug     : 1021276

Multiple security vulnerabilities were discovered in snort, a flexible Network
Intrusion Detection System, which could allow an unauthenticated, remote
attacker to cause a denial of service (DoS) condition or bypass filtering
technology on an affected device and exfiltrate data from a compromised host.

For the stable distribution (bullseye), these problems have been fixed in
version 2.9.20-0+deb11u1.

We recommend that you upgrade your snort packages.

For the detailed security status of snort please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/snort

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
- -----BEGIN PGP SIGNATURE-----
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: https://auscert.org.au/gpg-key/
-----END PGP SIGNATURE-----