In association with heise online

15 January 2007, 12:14

Snort intrusion detection system - one patch and one new vulnerability

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Since the release of version 2.6.1, the intrusion detection software Snort no longer suffers from a vulnerability going under the snappy name of Rule Matching Backtrack Denial of Service (PDF). A news item from the Snort developers advises Snort administrators to take the opportunity to update their installations to version

Administrators who do so, however, will find themselves landed with a new problem, according to security specialists Calyptix. According to Calyptix, an integer underflow in the implementation of the Generic Routing Encapsulation protocol (GRE) could create the possibility for a remote attacker to cause Snort to read beyond a memory area, which could corrupt log files. The CVS repository of the commercial version of Snort from Sourcefire should already contain a patch which fixes this vulnerability, which it classifies as low risk.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit