Vendors Fix Snort Flaws

PITTSBURGH -- VigilantMinds, a global provider of information security services and solutions, and Sourcefire, the world leader in network intrusion prevention, worked quickly to identify and remedy flaws in open source Snort®, the most widely deployed Intrusion Prevention System (IPS) and a fundamental security component of thousands of networks.

The Computer Emergency Response Team (CERT) and the SANS Attack Attribution Research Group recently conducted research into the effects of malformed TCP/IP packets on certain classes of software and hardware. CERT reached out to VigilantMinds to determine if their findings had implications for IPS applications. VigilantMinds was able to identify a flaw and demonstrate an exploit that would allow malicious hackers to circumvent monitoring from Snort. VigilantMinds then worked through CERT to coordinate with Sourcefire on the creation of a patch and quick resolution of the potential evasion.

“It’s important that the information security community works together proactively to address security concerns in a responsible manner,” said Dave Keener, Chief Security Officer of VigilantMinds. “At VigilantMinds, we consider it a responsibility and privilege to contribute our expertise to the global effort of securing information and business systems. It was great to have Sourcefire acknowledge our findings, but most importantly to work with us to quickly and aggressively mitigate the situation. The responsible actions taken by all parties essentially ensure the continued protection for millions of systems around the world.”

Sourcefire Inc. (Nasdaq: FIRE)

VigilantMinds