The Inquirer-Home

Government and enterprises vulnerable to Snort error

Not to be sniffed at
Wednesday, 21 February 2007, 07:21
A FLAW in the free network intrusion detection software Snort could leave a lot of businesses vulnerable to hackers.

Snort is a popular bit of software, particularly in IBM installations, and it was Big Blue that found the flaw.

The flaw is a stack-based buffer overflow in the DCE/RPC preprocessor of the Snort intrusion detection system. It could be exploited remotely to execute code with the same privileges as Snort. The user does not even have to touch their machine.

Snort 2.6.1, 2.6.1.1, and 2.6.1.2 and Snort 2.7.0 beta 1 are affected, as are Sourcefire commercial products.

Anyone who has disabled the DCE/RPC preprocessor is not vulnerable. But since it is enabled by default, that is pretty unlikely.

Snort 2.6.1.3 or later is safe from the flaw, and Sourcefire recommends an upgrade. Those using Snort 2.7 beta are not protected and should switch off the DCE/RPC preprocessor.
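The version and preprocessor advice above can be turned into a quick sensor check. This is an added example, not code from Snort, Sourcefire or IBM. It assumes the preprocessor is loaded by an uncommented `preprocessor dcerpc` line in snort.conf, and the function names and sample config are constructed for illustration.

```python
import re

# Releases the article lists as affected (Sourcefire products are not modelled).
AFFECTED = {"2.6.1", "2.6.1.1", "2.6.1.2", "2.7.0 beta 1"}
FIXED = (2, 6, 1, 3)  # the article's "2.6.1.3 or later"

# Assumption: an active "preprocessor dcerpc" line means the preprocessor is on.
DCERPC_LINE = re.compile(r"^\s*preprocessor\s+dcerpc\b", re.IGNORECASE)

# Constructed snort.conf fragment used as sample input.
SAMPLE_CONF = """\
preprocessor frag3_global: max_frags 65536
preprocessor dcerpc: autodetect max_frag_size 3000 memcap 100000
"""


def dcerpc_enabled(conf_text):
    """True if any non-comment line loads the DCE/RPC preprocessor."""
    return any(DCERPC_LINE.match(line) for line in conf_text.splitlines())


def normalize(version):
    """Map '2.7.0-beta1' or '2.7.0 Beta 1' to '2.7.0 beta 1'."""
    v = version.strip().lower()
    return re.sub(r"[\s._-]*beta[\s._-]*(\d+)", r" beta \1", v)


def assess(version, conf_text):
    """Return 'vulnerable', 'mitigated', 'fixed' or 'not-listed'."""
    v = normalize(version)
    if v in AFFECTED:
        # Affected build: exposure depends on whether the preprocessor runs.
        return "vulnerable" if dcerpc_enabled(conf_text) else "mitigated"
    nums = tuple(int(p) for p in re.findall(r"\d+", v.split(" beta")[0]))
    if "beta" not in v and nums >= FIXED:
        return "fixed"
    # Older releases and other betas are not covered by the article.
    return "not-listed"


if __name__ == "__main__":
    print(assess("2.6.1.2", SAMPLE_CONF))
```

The check reads only the text it is given and does not follow `include` directives, so config split across files has to be concatenated first.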

More here. µ
