FILE-OTHER Snapd dirty_sock exploit download attempt
This event is generated when an attempt to download an exploit for Snapd API is detected
High
snapd 2.28 through 2.37 incorrectly validated and parsed the remote socket address when performing access controls on its UNIX socket. A local attacker could use this to access privileged socket APIs and obtain administrator privileges.
Medium
Upgrade to the latest available version of Snapd
©2019 Cisco and/or its affiliates. Snort, the Snort and Pig logo are registered trademarks of Cisco. All rights reserved.
Privacy Policy | Snort License | FAQ | Sitemap
