ISS released an advisory regarding a vulnerability in Snort's Back-Orfice pre-processor. The vulnerability could be used to execute arbitrary code on the snort sensor. Also, see the advisory at snort.org for more details.
As an immediate step, disable the BO preprocessor, by commenting out this line: # preprocessor bo this should eliminate the issue, and these days, Back Orfice is not all that much of a threat compared to other trojan/bots. You should also consider upgrading to Snort 2.4.3, which will fix the issue. |
Johannes 4037 Posts ISC Handler Oct 18th 2005 |
Thread locked Subscribe |
Oct 18th 2005 1 decade ago |
Sign Up for Free or Log In to start participating in the conversation!