Wednesday, August 13, 2003
Vulnerability in TCPFlow
@stake discovered a vulnerability in one of my favorite network security monitoring tools -- TCPflow. TCPFlow can read libpcap data and generate files containing the contents of network sessions. It's used in Sguil to create "transcripts." Be sure to upgrade to v0.21, released 7 August 2003. The FreeBSD port hasn't been updated yet.