[Snort-sigs] Snort Community Rules Update
research at ...435...
Mon Dec 12 09:45:03 EST 2005
This message is to announce the availability of an update for the
Sourcefire community rule set, which can be downloaded free of cost or
registration from http://www.snort.org/pub-bin/downloads.cgi.
New rules in this release are identified as SIDs 100000199-100000206.
These rules detect logins attempts to the Symantec Brightmail Antispam
system using a default password; access to the Novell eDirectory
iMonitor system, which is vulnerable to a buffer overflow attack; access
to a script within the CuteNews system that is vulnerable to arbitrary
code injection; and access to page/parameter sets in the DeluxeBB system
which are vulnerable to SQL injection attacks.
Sourcefire would like to thank rmkml for submitting these rules. As a
reminder, anyone who wishes to submit rules may do so at
A list of new rules and their SIDs follows.
Community Rules Maintainer
100000199 || COMMUNITY MISC Novell eDirectory iMonitor access
100000200 || COMMUNITY WEB-MISC Symantec Brightmail Antispam default
100000201 || COMMUNITY WEB-PHP CuteNews flood.db.php access
100000202 || COMMUNITY WEB-PHP DeluxeBB topic.php access
100000203 || COMMUNITY WEB-PHP DeluxeBB misc.php access
100000204 || COMMUNITY WEB-PHP DeluxeBB pm.php access
100000205 || COMMUNITY WEB-PHP DeluxeBB forums.php access
100000206 || COMMUNITY WEB-PHP DeluxeBB newpost.php access
More information about the Snort-sigs