Slashdot Mirror

← Back to Stories (view on slashdot.org)

Remote Code Execution Hole Found In Snort

Posted by kdawson on Tuesday February 20, 2007 @03:00PM from the upgrade-right-now dept.

Palljon1123 writes "A stack-based buffer overflow in the Snort intrusion detection system could leave government and enterprise installations vulnerable to remote unauthenticated code execution attacks. The flaw, found by researchers at IBM's ISS X-Force, affects the Snort DCE/RPC preprocessor and could be used to execute code with the same privileges (usually root or SYSTEM) as the Snort binary. No user action is required." Sourcefire has an update to fix the vulnerability in versions 2.6.1, 2.6.1.1, and 2.6.1.2; Heise Security spells out the workaround for the 2.7.0 beta version.

6 of 95 comments (clear)

Min score:

Reason:

Sort:

Re:Year of the .. by gbobeck · 2007-02-20 15:12 · Score: 5, Funny

Year of the ... Pig!

Boaring!

--
Navicula hydraulica plena anguilarum est. Omnes castelli tuus nostri sunt. Ed elli avea del cul fatto trombetta.
Somehow, this must be... by Anonymous Coward · 2007-02-20 15:28 · Score: 3, Funny

...Microsoft's fault.
Silly Hackers by tyrax · 2007-02-20 15:38 · Score: 5, Funny

People who run linux don't have any money to steal.
1. Re:Silly Hackers by tsalaroth · 2007-02-21 04:50 · Score: 3, Funny
  
  Not to mention it increases the truthiness of your statement.
So by OverlordQ · 2007-02-20 16:16 · Score: 3, Funny

What's the Snort signature for this?

Would be somewhat helpful saying "Hey look somebody is rooting me!"

--
Your hair look like poop, Bob! - Wanker.
Re:Year of the .. by Anonymous Coward · 2007-02-20 20:48 · Score: 1, Funny

Quit hogging the first post