Snort flaw identified by IBM security researcher

http://www.iss.net/threats/257.html

IBM's ISS (Internet Security Systems) Team release the details for a remote exploit in the popular open source intrusion detection system. While the implications are significant it should be noted that patches are being released very quickly.

I don't find these type of announcements all that new or earth shattering these days. Let's face it, the fact of the matter is software is flawed. The question isn't really if there will be an exploit its when and how quickly can a fix be applied.

It's definitely high risk when you consider the whole point of running snort is to identify incoming attack vectors, making it fairly ironic that Snort itself can be considered one.

So if you're out there and running snort to monitor your LAN/WAN be sure to check the Sourcefire updates to snort.