The exploit code, published to the Web by FrSirt on Tuesday, demonstrates how vulnerabilities in a Snort sensor designed to detect an exploit tool called Back Orifice can be subject to a buffer overflow attack.to take control of compromised systems.
Last week, security experts. The vulnerabilities could allow an attacker to send a malicious packet through a network that is using Snort to guard against Back Orifice.
Available for free, Snort software is estimated to have more than 100,000 active users, according to figures from Sourcefire, the software's developer. Sourcefire has issued a patch, Snort version 2.4.3, to address the problem. Sourcefire also advised people to disable the Back Orifice preprocessor in Snort if they are running it on vulnerable versions of the software.
Meanwhile, a tool to guard against the exploit has also been developed by an incident handler at the Internet Storm Center, which tracks network threats.