ISS Warns of Worm-Friendly Hole in Snort IDS
Paul F. Roberts writes in eWeek:
Security experts from Internet Security Systems Inc. and the U.S. Computer Emergency Readiness Team are warning companies that use the popular Snort Intrusion Detection System that the technology contains a critical and easily exploitable hole that could be used to compromise vulnerable systems.
ISS and U.S. CERT both issued advisories Tuesday concerning vulnerability in a Snort component called the Back Orifice pre-processor.
Remote attackers could use the hole to take control of systems running some versions of Snort or software by parent company Sourcefire Inc.
The hole is easy to exploit and is ideally suited to adoption by a self-replicating worm, ISS said.
0 Comments:
Post a Comment
<< Home