Communications > Security

Government and enterprises vulnerable to Snort error

Not to be sniffed at

By Nick Farrell

Wed Feb 21 2007, 07:21

A FLAW in free network intrusion security software Snort could leave a lot of businesses vulnerable to hackers.

Snort is a popular bit of software, particularly in IBM installations, and it was Big Blue that found the flaw.

The flaw is a stack-based buffer overflow in the Snort intrusion detection system. This affects the Snort DCE/RPC preprocessor and could be used to execute code with the same privileges remotely. The user does not even have to touch their machine.

Snort 2.6.1, 2.6.1.1, and 2.6.1.2 and Snort 2.7.0 beta 1 are affected as are Sourcefire commercial products.

Anyone who has disabled the DCE/RPC preprocessor is not vulnerable. But since this is enabled by default it is pretty unlikely.

Snort 2.6.1.3, or later is safe from the flaw and Sourcefire recommends an upgrade. Those using Snort 2.7 beta are not protected and should switch off the DCE/RPC preprocessor.

More here. µ

Hacker claims to have compromised Intel Doesn't spill data yet Friday, 10 February 2012, 12:02 PM Read more	Adobe patches critical vulnerabilities in Flash Player Attacks are already seen in the wild Thursday, 22 September 2011, 10:06 AM Read more
Microsoft and Adobe release security updates Remote code execution flaws patched Wednesday, 14 September 2011, 13:32 PM Read more	Hackers break into Linux kernel home Gained root access and deployed Trojans Thursday, 1 September 2011, 12:31 PM Read more
Top 25 dangerous software errors are revealed SQL injection tops the list Thursday, 30 June 2011, 15:33 PM Read more	Google squashes Chrome security bugs, updates Flash Player Bug-finders win cash prizes Friday, 15 April 2011, 13:25 PM Read more

< Previous article| Next article >

Comments

There are no comments submitted yet. Do you have an interesting opinion? Then be the first to post a comment.

INQ White papers

Databases

Network management

Security

Service oriented architecture

Storage

INQ Jobs

QA Engineer Selenium Londo

QA Engineer Selenium London...

INQ Poll

Authorities in several countries raided Megaupload recently, shut down all of its services, seized hundreds of servers and arrested several of its executives on criminal charges.

Do you think the move was justified?

Yes, companies should suffer an immediate death penalty upon being accused of copyright infringement.

Yes, the coppers said the company was breaking the law so it must be guilty.

No, the company and the people accused are innocent until proven guilty.

No, the company had millions of customers who have been harmed by having access to their data files cut off.

I don't care, I never used Megaupload anyway.

View other polls

© Incisive Media Investments Limited 2012, Published by Incisive Financial Publishing Limited, Haymarket House, 28-29 Haymarket, London SW1Y 4RX, are companies registered in England and Wales with company registration numbers 04252091 & 04252093

SEARCH :

Site Credentials:

Business & Technology websites:

Business research resources:

Products:

Investment Market IT websites:

Find out what you are worth:

Salary Calculator

Search for a job:

Recruitment Agency A-Z Directory

Accreditations:

Digital Publisher of the Year 2010

Government and enterprises vulnerable to Snort error

Share this:

RIM Playbook OS 2.0 and Blackberry 7.1 video demo

Nokia Lumia 710 video review