Language Selection

English French German Italian Portuguese Spanish

Networks at risk from Snort bug

Filed under
Security

A buffer overflow flaw exists in a Snort sensor designed to detect Back Orifice, an older remote-controlled Trojan horse, Snort developer Sourcefire said in an advisory on Tuesday. An attacker could commandeer a system running Snort 2.4.0 and higher by sending a specially crafted network packet, it warned.

Sourcefire's warning prompted security provider Symantec to raise its ThreatCon global threat index to Level 2, which means an outbreak is expected.

There is no known attack code for the vulnerability, but Sourcefire on Tuesday released Snort version 2.4.3 to fix the problem.

Full Story.

More in Tux Machines

FreeBSD Finally Gets Mitigated For Spectre & Meltdown (and Hugs)

  • FreeBSD Finally Gets Mitigated For Spectre & Meltdown
    Landing in FreeBSD today was the mitigation work for the Meltdown and Spectre CPU vulnerabilities. It's taken a few more weeks longer than most of the Linux distributions to be re-worked for Spectre/Meltdown mitigation as well as DragonFlyBSD, but with FreeBSD Revision 329462 it appears their initial fixes are in place. There is Meltdown mitigation for Intel CPUs via a KPTI implementation similar to Linux, the Kernel Page Table Isolation. There is also a PCID (Process Context Identifier) optimization for Intel Westmere CPUs and newer, just as was also done on Linux.
  • FreeBSD outlaws virtual hugs
  • AsiaBSDCon 2018 Conference Programme

Linux: To recurse or not

Linux and recursion are on very good speaking terms. In fact, a number of Linux command recurse without ever being asked while others have to be coaxed with just the right option. When is recursion most helpful and how can you use it to make your tasks easier? Let’s run through some useful examples and see. Read more

Today in Techrights

Android Leftovers