Description of problem: Sourcefire has learned of a remotely exploitable vulnerability in the Snort DCE/RPC preprocessor. This preprocessor is vulnerable to a stack-based buffer overflow that could potentially allow attackers to execute code with the same privileges as the Snort binary. Sourcefire has prepared updates for Snort open-source software to address this issue. Version-Release number of selected component (if applicable): Snort Versions Affected: * Snort 2.6.1, 2.6.1.1, and 2.6.1.2 * Snort 2.7.0 beta 1 How reproducible: Steps to Reproduce: 1. 2. 3. Actual results: Expected results: Additional info:
snort-2.7.0.1-3.fc7 has been pushed to the Fedora 7 stable repository. If problems still persist, please make note of it in this bug report.