Patch/Configuration Management, Vulnerability Management

Vulnerability reported in Snort intrusion prevention system

Researchers from the University of Wisconsin in Madison have discovered a vulnerability in open-source intrusion prevention technology Snort which can be exploited to launch a DoS attack.

Vulnerability tracking firm Secunia graded the flaw "less critical," according to an advisory released today. The rule-matching algorithm of Snort can be exploited remotely to run time-consuming operations that cannot be detected and can lead to a DoS condition, the advisory explained.

The bug was reported in version 2.4.3.

Users are urged to update to the latest version.

Snort is produced by Sourcefire, which announced in October it was going public after a plan to be acquired by Check Point fell through.

Click here to email reporter Dan Kaplan.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.