New Sophos Support Phone Numbers in Effect July 1st, 2023

Thread Info
  • Locked Locked
  • Replies 6 replies
  • Subscribers 7 subscribers
  • Views 1208 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Snort Denial of Service Vulnerability CVE-2022-20685

SG-1

Is Sophos aware of and working on this?

https://claroty.com/2022/04/14/blog-research-blinding-snort-breaking-the-modbus-ot-preprocessor/

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-dos-9D3hJLuj



This thread was automatically locked due to age.
Parents Reply
  • in reply to Amodin

    Thanks for the info! Unfortunately the Snort site doesn't have details on the two IDs. I'm afraid that the Snort software itself needs to be updated by/on Sophos though. I currently see Snort Version 2.9.17.1 on a 9.710-1 Sophos UTM. I found this interesting link which states that the Snort engine can be delivered by Sophos via the pattern updates. That's why I tried to ask here.

Children
Unfiltered HTML