This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Security Advisory from Cisco regarding Snort

Today Cisco pulished this advisory_
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-ethernet-dos-HGXgJH8n

It seems UTM uses an affected version of Snort also:
gate:/ # /var/sec/chroot-snort-29112-01/sbin/snort -V

   ,,_     -*> Snort! <*-
  o"  )~   Version 2.9.11.2 GRE (Build 269)
   ''''    By Martin Roesch & The Snort Team: www.snort.org/contact

Any comments from Sophos when this will be fixed?



This thread was automatically locked due to age.
  • FormerMember
    0 FormerMember

    Hi ,

    Thanks for reaching out to the Community.

    I've reached out to the Internal team regarding your concern. I'll update you as soon as more information becomes available. 

    Thanks,

  • Hallo Edmund,

    I usually just ignore concerns about a module in UTM being of an "affected version" as I've never seen a situation here where the developers hadn't already patched the version in use or already started writing the patch.  It's much easier for them to patch an existing, known version in use than it is for them to vet a new version.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • I don't care how they do it, I just want to know when we can expect a patch, because there is no workaround so far, so we are prone to DoS attacks anytime.

    I would expect that Support publishes something that at least they acknowledge the problem and give a rough timeline...

  • The UTM's version of Snort is years out of date... it's ridiculous. I even complained about it being out of date a long time ago. So it's time to update the damn thing.

  • FormerMember
    +1 FormerMember in reply to EdmundSackbauer

    Hi ,

    This is being tracked under internal ID NUTM-12631, and we'll update this thread as more information becomes available.

    Thanks,