Thread Info
  • State Verified Answer
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 5 replies
  • Subscribers 8 subscribers
  • Views 1193 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Security Advisory from Cisco regarding Snort

EdmundSackbauer

Today Cisco pulished this advisory_
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-ethernet-dos-HGXgJH8n

It seems UTM uses an affected version of Snort also:
gate:/ # /var/sec/chroot-snort-29112-01/sbin/snort -V

   ,,_     -*> Snort! <*-
  o"  )~   Version 2.9.11.2 GRE (Build 269)
   ''''    By Martin Roesch & The Snort Team: www.snort.org/contact

Any comments from Sophos when this will be fixed?



This thread was automatically locked due to age.
Parents
  • 0

    Hallo Edmund,

    I usually just ignore concerns about a module in UTM being of an "affected version" as I've never seen a situation here where the developers hadn't already patched the version in use or already started writing the patch.  It's much easier for them to patch an existing, known version in use than it is for them to vet a new version.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson

    The UTM's version of Snort is years out of date... it's ridiculous. I even complained about it being out of date a long time ago. So it's time to update the damn thing.

Reply Children
No Data
Unfiltered HTML