Technology news and Jobs 
Information Technology News Bug in security software enables remote attack
Information Technology News Bug in security software enables remote attack | Bug in security software enables remote attack |
|
|
|
| Written by Stephen Withers | |
| Thursday, 22 February 2007 | |
|
The good news is that it hasn't been proven that the vulnerability is actually exploitable, and it has been fixed. The affected versions are Snort 2.6.1, 2.6.1.1, 2.6.1.2, and 2.7 beta 1, and the cure is to update to version 2.6.1.3 or later. Version 2.7 beta 2 will also resolve the issue. Rules have also been released to detect attacks targeting the vulnerability in affected versions. This isn't the first time that a vulnerability in security software has provided the bad guys with an attack vector. For example, a stack overflow vulnerability in Symantec Client Security and AntiVirus Corporate Edition discovered last year had the potential for arbitrary code execution, and in 2004 a flaw in the firewall included in several Symantec products caused a complete system halt if maliciously formatted TCP packets were received.{moscomment}
Get stories like this delivered daily - FREE - subscribe now When you subscribe get a 12 months license for LiveProject Valued at $99 USD  Download the FREE iTWire desktop alert widget
  |
Tags
| < Prev | Next > |
|---|
Subscribe to iTWire's daily e-newsletter now and get a FREE 12 month license to project management software valued at $99 USD. 
