Snort flawed

It's sad to report that a major flaw in Snort, the popular open-source intrusion detection system, has been discovered this week.

The stack buffer overflow flaw could, in certain circumstances, be used to run malicious code on vulnerable machines.

According to IBM/ISS X-Force, the stack buffer overflow bug is in the DCE/RPC preprocessor and could result in a total compromise of the affected computer.

Neel Mehta, a member of the X-Force team, is credited with discovering the flaw, which is highly critical.

This perhaps explains why the US-CERT and the SANS Institute Storm Center have both posted serious advisories on their respective sites.

Sourcefire is now urging users of Snort 2.6.1.x (and below) to update to Version 2.6.1.3 immediately or, if this isn't possible, to disable the DCE/RPC preprocessor facility on the software...