Tuesday, April 15, 2003

Snort 2.0 Stream4 Vulnerability

Here's a new reason to update to Snort 2.0 -- a vulnerability in the STREAM4 preprocessor. From the advisory:

Successful exploitation of this vulnerability could lead to execution of arbitrary commands on a system running the Snort sensor with the privileges of the user running the snort process (usually root), a denial of service attack against the snort sensor and possibly the implementation of IDS evasion techniques that would prevent the sensor from detecting attacks on the monitored network.

No comments: