Brief: Sourcefire addresses Snort flaw

Sourcefire has issued an updated version of Snort to address a flaw that could allow malicious packets to damage Snort-protected computers.

Sourcefire Inc. announced late Tuesday that it has released an updated version of its Snort intrusion detection system (IDS) that resolves a vulnerability in the product.

In a news release, the Columbia, Md.-based intrusion defense vendor said it worked with Pittsburgh, Pa.-based security services vendor VigilantMinds Inc. to identify a flaw in the popular open source tool and demonstrate how an exploit would allow malicious hackers to circumvent Snort monitoring. The new versions, Snort 2.6.0 and 2.4.5, are available via the download site.

The security issue, first revealed last week, could allow malicious packets to damage Snort-protected computers if left unpatched. Though no exploit has been discovered in the wild, one vendor's advisory gave the flaw a 7.2 severity rating and 5.4 urgency, most likely due to Snort's widespread use.

The issue was discovered by Carpenteria, Calif.-based security vendor Demarc Security Inc., which released its own fix along with its bulletin.

Earlier this week, Chicago-based intrusion prevention system (IPS) firm AmbironTrustWave Corp. announced its own patch for the Snort flaw. Snort is used as a component of its ipANGEL product line.

Dig deeper on Open Source Security Tools and Applications



Enjoy the benefits of Pro+ membership, learn more and join.



Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: