Sourcefire Inc. has plugged security holes in its popular Snort intrusion detection tool that could have allowed attackers to get in through the security software itself to run unauthorized code on a victim’s server.
The flaws in Snort’s DCE/RPC preprocessor would have allowed a stack-based buffer overflow, according to an advisory from Sourcefire. The preprocessor is enabled by default.
Sourcefire advised users to fix the flaw by upgrading to Snort version 126.96.36.199 or beta 2 of Snort 2.7.
The full version of this story appeared on TechTarget sister site SearchSecurity.com.