Snort vulnerability "wormable" but not widespread

A three-month-old flaw in a preprocessor function for the open-source intrusion detection system may attract worm writers, but the number of vulnerable systems is likely low, security experts said on Wednesday.

The vulnerability exists in an update to the way the Snort intrusion detection system handles network data produced by the BackOrifice program, a seven-year-old remote administration tool used by online attackers to control compromised systems.

Read the complete story here. (SecurityFocus)