Patch Management

Vulnerability reported in Snort intrusion prevention system

January 12, 2007

Researchers from the University of Wisconsin in Madison have discovered a vulnerability in open-source intrusion prevention technology Snort which can be exploited to launch a DoS attack.

Vulnerability tracking firm Secunia graded the flaw "less critical," according to an advisory released today. The rule-matching algorithm of Snort can be exploited remotely to run time-consuming operations that cannot be detected and can lead to a DoS condition, the advisory explained.

The bug was reported in version 2.4.3.

Users are urged to update to the latest version.

Snort is produced by Sourcefire, which announced in October it was going public after a plan to be acquired by Check Point fell through.

Click here to email reporter Dan Kaplan.

prestitial ad