Thursday, February 22, 2007


Flaw found in Snort Intrusion Detection Software...

new vulnerability in Snort, an open source intrusion-detection system, enables hackers to inject hostile code into exposed systems. The primary flaw which was discovered this week is in Snort’s DCE/RPC processor, which is vulnerable to stack-based buffer overflows.

It is intriguing when security products themselves are used for attacks. This hints at the fact that the problem of getting the IT community at large to embrace secure coding practices is futile. I wonder if the folks over at Ounce Labs, LogLogic and Fortify Software can help?

<< Home
| | View blog reactions

This page is powered by Blogger. Isn't yours?