Re: snort question
On Fri, Nov 17, 2000 at 03:24:55AM +0100, Bernd Eckenfels wrote:
> The IDS Numebrs are from whitehats.com, the CVE Numbers are from CVE
>
> The snort stats script has some shortcommings, one is the cutting off of the
> description line and the port numbers, so have a look in your syslog to see
> the full message, which would be:
>
> ...
>
> http://cve.mitre.org/cgi-bin/cvename.cgi?name=1999-0771
Thanks a lot Bernd.
> Description
> The web components of Compaq Management
> Agents and the Compaq Survey Utility allow a
> remote attacker to read arbitrary files via a .. (dot
> dot) attack.
So this surely looks like a false alarm, since I have neither of these
installed. :-) But nevertheless I will look up teh website.
Michael
--
Michael Meskes
Michael@Fam-Meskes.De
Go SF 49ers! Go Rhein Fire!
Use Debian GNU/Linux! Use PostgreSQL!
Reply to: