Snare Product Suite Updates – Agents and Server

Updates to the Snare Agents have been released and are available for our clients.  The updates include a patch for a vulnerability that was discovered in the Open Source Snare For Windows Agent, and also exists in the Enterprise Agent for Windows.  This vulnerability can trigger the agents to display the Cross Site Scripting (XSS) attack from the agents latest events screen.  The exploit uses smbclient from a Unix machine to generate a false userid that contains JavaScript and does not require any authentication to generate the event.  For more information on this exploit please click here.

The vulnerable products include the Enterprise Agent for Windows, MS SQL and the open Sourced Agent for Windows.  At this time there is no patch for the open sourced Windows agent.

Also released is the Snare Server Version 7.1.0, which also provides for a patch of the latest libc DNS vulnerability.

All release notes are available within the client areas or click here.