Register

Forgot Password

Site FAQ

Home > IT Blogs > Channel Marker > Snort problem — security flaw in security software

>>VIEW ALL POSTS

Channel Marker

Feb 20 2007 5:30PM GMT

Snort problem — security flaw in security software

Posted by: Brein Matturro

Network and application security

Sourcefire Inc. has plugged security holes in its popular Snort intrusion detection tool that could have allowed attackers to get in through the security software itself to run unauthorized code on a victim’s server.

The flaws in Snort’s DCE/RPC preprocessor would have allowed a stack-based buffer overflow, according to an advisory from Sourcefire. The preprocessor is enabled by default.

Sourcefire advised users to fix the flaw by upgrading to Snort version 2.6.2.3 or beta 2 of Snort 2.7.

The full version of this story appeared on TechTarget sister site SearchSecurity.com.

Comment

RSS Feed

Email a friend

Comment on this Post

Leave a comment:

Community Blog | About Us | Contact Us | FAQ | Terms of Use | DMCA Policy

TechTarget provides enterprise IT professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective IT purchase decisions and managing their organization's IT projects - with its network of technology-specific Web sites, events and magazines.
All Rights Reserved, Copyright 1999-2013, TechTarget | Read our Privacy Policy
Questions and Answers Index 1 | Questions and Answers Index 2 | IT Topics Index 1 | IT Topics Index 2 | Blogs Index | Blogs Tags

Channel Marker

Snort problem — security flaw in security software

Comment on this Post

About This Blog

Browse This Blog’s Tags

Archives

Blog Roll

Subscribe to Alerts