[Snort-sigs] Snort Community Rules Update
research at ...435...
Tue Dec 27 10:42:01 EST 2005
This message is to announce the availability of an update for the
Sourcefire community rule set, which can be downloaded free of cost or
registration from http://www.snort.org/pub-bin/downloads.cgi.
New rules in this release are identified as SIDs 100000215-100000218.
These rules detect a denial of service attack against the Trend Micro
ServerProtect EarthAgent, access to a vulnerable DLL in the Trend Micro
ServerProtect Management Console, SQL injection attacks against the
MailGust system, and command injection attempts against the man2web
program. Additionally, several reference updates and corrections have
Sourcefire would like to thank rmkml for submitting the new rules, and
Stefan Bauer for submitting the reference updates. As a reminder, anyone
who wishes to submit rules may do so at
A list of new rules and their SIDs follows.
Community Rules Maintainer
100000215 || COMMUNITY DOS Trend Micro ServerProtect EarthAgent attempt
100000216 || COMMUNITY WEB-MISC Trend Micro ServerProtect
100000217 || COMMUNITY WEB-MISC man2web cmd exec attempt
100000218 || COMMUNITY WEB-PHP MailGust SQL Injection email attempt
More information about the Snort-sigs