Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
debianDebianDEBIAN:DSA-5354-1:B0EEB
HistoryFeb 18, 2023 - 4:38 p.m.

[SECURITY] [DSA 5354-1] snort security update

2023-02-1816:38:22
lists.debian.org
14

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.002 Low

EPSS

Percentile

56.6%

JSON

Debian Security Advisory DSA-5354-1 [email protected]
https://www.debian.org/security/ Markus Koschany
February 18, 2023 https://www.debian.org/security/faq

Package : snort
CVE ID : CVE-2020-3299 CVE-2020-3315 CVE-2021-1223 CVE-2021-1224
CVE-2021-1236 CVE-2021-1494 CVE-2021-1495 CVE-2021-34749
CVE-2021-40114
Debian Bug : 1021276

Multiple security vulnerabilities were discovered in snort, a flexible Network
Intrusion Detection System, which could allow an unauthenticated, remote
attacker to cause a denial of service (DoS) condition or bypass filtering
technology on an affected device and ex-filtrate data from a compromised host.

For the stable distribution (bullseye), these problems have been fixed in
version 2.9.20-0+deb11u1.

We recommend that you upgrade your snort packages.

For the detailed security status of snort please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/snort

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: [email protected]

OSVersionArchitecturePackageVersionFilename
Debian11arm64snort< 2.9.20-0+deb11u1snort_2.9.20-0+deb11u1_arm64.deb
Debian11allsnort-common< 2.9.20-0+deb11u1snort-common_2.9.20-0+deb11u1_all.deb
Debian11amd64snort< 2.9.20-0+deb11u1snort_2.9.20-0+deb11u1_amd64.deb
Debian11mipselsnort-common-libraries< 2.9.20-0+deb11u1snort-common-libraries_2.9.20-0+deb11u1_mipsel.deb
Debian10arm64snort-common-libraries< 2.9.20-0+deb10u1snort-common-libraries_2.9.20-0+deb10u1_arm64.deb
Debian11mipselsnort< 2.9.20-0+deb11u1snort_2.9.20-0+deb11u1_mipsel.deb
Debian11mips64elsnort-common-libraries< 2.9.20-0+deb11u1snort-common-libraries_2.9.20-0+deb11u1_mips64el.deb
Debian10allsnort-doc< 2.9.20-0+deb10u1snort-doc_2.9.20-0+deb10u1_all.deb
Debian11armelsnort< 2.9.20-0+deb11u1snort_2.9.20-0+deb11u1_armel.deb
Debian10armhfsnort-common-libraries< 2.9.20-0+deb10u1snort-common-libraries_2.9.20-0+deb10u1_armhf.deb
Rows per page:
1-10 of 321

Related

nessus 15
mageia 1
openvas 3
osv 3
debian 1
rosalinux 1
cisco 8
prion 8
debiancve 9
veracode 9
alpinelinux 1
ubuntucve 9
cve 9
threatpost 1
nessus
nessus
Debian DLA-3317-1 : snort - LTS security update
2023-02-11 00:00:00
Debian DSA-5354-1 : snort - security update
2023-02-18 00:00:00
Cisco Firepower Threat Defence Snort HTTP Detection Engine File Policy Bypass (cisco-sa-http-fp-bp-KfDdcQhc)
2021-05-28 00:00:00
mageia
mageia
Updated snort packages fix security vulnerability
2023-03-31 03:13:46
openvas
openvas
Debian: Security Advisory (DLA-3317-1)
2023-02-11 00:00:00
Mageia: Security Advisory (MGASA-2023-0117)
2023-03-31 00:00:00
Debian: Security Advisory (DSA-5354-1)
2023-02-19 00:00:00
osv
osv
snort - security update
2023-02-11 00:00:00
snort - security update
2023-02-18 00:00:00
CVE-2021-40114
2021-10-27 19:15:08
debian
debian
[SECURITY] [DLA 3317-1] snort security update
2023-02-10 23:23:58
rosalinux
rosalinux
Advisory ROSA-SA-2021-1971
2021-07-02 18:08:02
cisco
cisco
Multiple Cisco Products Snort HTTP Detection Engine File Policy Bypass Vulnerabilities
2021-04-28 16:00:00
Multiple Cisco Products Server Name Identification Data Exfiltration Vulnerability
2021-08-18 16:00:00
Multiple Cisco Products Snort Memory Leak Denial of Service Vulnerability
2021-10-27 16:00:00
prion
prion
Design/Logic Flaw
2021-10-27 19:15:00
Command injection
2021-08-18 20:15:00
Design/Logic Flaw
2020-10-21 19:15:00
debiancve
debiancve
CVE-2021-40114
2021-10-27 19:15:00
CVE-2021-34749
2021-08-18 20:15:00
CVE-2020-3299
2020-10-21 19:15:00
veracode
veracode
Authorization Bypass
2023-03-10 23:55:23
Denial Of Service (DoS)
2022-04-10 10:35:00
Authorization Bypass
2023-03-10 19:18:15
alpinelinux
alpinelinux
CVE-2021-40114
2021-10-27 19:15:00
ubuntucve
ubuntucve
CVE-2021-34749
2021-08-18 00:00:00
CVE-2021-40114
2021-10-27 00:00:00
CVE-2020-3299
2020-10-21 00:00:00
cve
cve
CVE-2021-34749
2021-08-18 20:15:00
CVE-2021-40114
2021-10-27 19:15:00
CVE-2020-3299
2020-10-21 19:15:00
threatpost
threatpost
Critical Cisco RCE Bug in Small Business Routers to Remain Unpatched
2021-08-19 20:34:42

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.002 Low

EPSS

Percentile

56.6%

JSON
Related for DEBIAN:DSA-5354-1:B0EEB
nessus15mageia1openvas3osv3debian1rosalinux1cisco8prion8debiancve9veracode9alpinelinux1ubuntucve9cve9threatpost1