[Snort-sigs] Sourcefire VRT Certified Rules Update

Sourcefire VRT research at ...435...
Fri Aug 11 14:03:21 EDT 2006


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Sourcefire VRT Certified Rules Update

Synopsis:
The Sourcefire VRT has continued research into the recently announced
vulnerabilities in the Microsoft Windows operating system and has
modified rules to improve performance.


Details:
Microsoft Security Bulletin MS06-040
A buffer overflow condition in the Microsoft Windows Server Service may
allow a remote attacker to execute code of their choosing on a target
system. The overflow condition can be triggered by malformed requests
to the service accessing certain functions.

Rules to detect attacks against these vulnerabilities are included in
this rule pack and are identified as sids 7209 through 7304.


A complete list of new and modified rules can be found here:
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (Darwin)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFE3MZpMpm0ve0NhMcRAhZ2AJ0WI481Pc6JwCCw+lkz4qkulXoBmgCcDNiW
remRtLpFRNYUgoZYpCJAnNk=
=wQdl
-----END PGP SIGNATURE-----




More information about the Snort-sigs mailing list