Run snort, get owned !
So I got up this morning, and one of my co-workers goes “I want to write an exploit for that snort bug”. I go to fd and bugtraq, but no news there about that bug yet. So I look at my copy of snort on my box and check the backoriffice code myself.
Within 2 minutes I spot the bug. OMFG, do people still make these kind of retarded bugs in 2005 ? it’s something like this:
void f(int fd) {
char buffer[1024];
size_t len;
read(fd, &len, 4);
read(fd, buffer, len);
}
Ok, so the actual code is a bit more complex (not much tho) but I think this gives people a good idea of the bug that’s in snort.
Sadly, one can only assume that more of these kind of trivial bugs are in snort ….
originally posted on 2005-10-19 10:15:44
Tags: ilja