Re: snort question

To: Debian Development <debian-devel@lists.debian.org>
Subject: Re: snort question
From: Michael Meskes <meskes@debian.org>
Date: Sat, 18 Nov 2000 16:14:47 +0100
Message-id: <[🔎] 20001118161447.A2524@feivel.fam-meskes.de>
Mail-followup-to: Debian Development <debian-devel@lists.debian.org>
In-reply-to: <[🔎] 20001117032455.D13394@lina.inka.de>; from lists@lina.inka.de on Fri, Nov 17, 2000 at 03:24:55AM +0100
References: <[🔎] 20001116135758.A2631@feivel.credativ.de> <[🔎] 20001117032455.D13394@lina.inka.de>

On Fri, Nov 17, 2000 at 03:24:55AM +0100, Bernd Eckenfels wrote:
> The IDS Numebrs are from whitehats.com, the CVE Numbers are from CVE
> 
> The snort stats script has some shortcommings, one is the cutting off of the
> description line and the port numbers, so have a look in your syslog to see
> the full message, which would be:
> 
> ...
> 
> http://cve.mitre.org/cgi-bin/cvename.cgi?name=1999-0771

Thanks a lot Bernd.

> Description
>             The web components of Compaq Management
>             Agents and the Compaq Survey Utility allow a
>             remote attacker to read arbitrary files via a .. (dot
>             dot) attack. 

So this surely looks like a false alarm, since I have neither of these
installed. :-) But nevertheless I will look up teh website.

Michael
-- 
Michael Meskes
Michael@Fam-Meskes.De
Go SF 49ers! Go Rhein Fire!
Use Debian GNU/Linux! Use PostgreSQL!

Reply to:

References:
- snort question
  - From: Michael Meskes <meskes@debian.org>
- Re: snort question
  - From: Bernd Eckenfels <lists@lina.inka.de>

Prev by Date: Re: Broken apt-get in woody.
Next by Date: Cannot rsh/rlogin on woody through NIS
Previous by thread: Re: snort question
Next by thread: libc6 2.2-1 and login (from staroffice)
Index(es):
- Date
- Thread