Channel Marker

Feb 20 2007   5:30PM GMT

Snort problem — security flaw in security software

Brein Matturro Profile: Brein Matturro

Sourcefire Inc. has plugged security holes in its popular Snort intrusion detection tool that could have allowed attackers to get in through the security software itself to run unauthorized code on a victim’s server.

The flaws in Snort’s DCE/RPC preprocessor would have allowed a stack-based buffer overflow, according to an advisory from Sourcefire. The preprocessor is enabled by default.

Sourcefire advised users to fix the flaw by upgrading to Snort version 2.6.2.3 or beta 2 of Snort 2.7.

The full version of this story appeared on TechTarget sister site SearchSecurity.com.

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: