US-CERT issued an advisory this week warning that the open source Snort intrusion detection system had a highly critical buffer overflow vulnerability that could allow an attacker to execute arbitrary code.
Snort is widely used and deployed in its open source form and as a commercial product. Snort creator Martin Roesh founded Sourcefire in 2001 as a commercial vendor for Snort. In October, Check Point Software acquired Sourcefire for $225 million.
Sourcefire claims that Snort has been downloaded more than 2 million times and is also included in over 40 commercially available intrusion detection systems.