Trirat Puttaraksa

Name of the Vulnerable Software and Affected Versions: Snort versions prior to 2.6.1.3 Snort versions 2.7 prior to beta 2 Sourcefire Intrusion Sensor (affected versions not specified) Description: The issue is related to a stack-based buffer overflow in the DCE/RPC preprocessor, which can be exploited by remote attackers to execute arbitrary code via crafted SMB traffic. Recommendations: For Snort versions prior to 2.6.1.3, update to version 2.6.1.3 or later. For Snort versions 2.7 prior to beta 2, update to beta 2 or later. For Sourcefire Intrusion Sensor, at the moment, there is no information about a newer version that contains a fix for this issue.