[Snort-sigs] Sourcefire VRT Certified Rules Update
research at ...435...
Fri Aug 11 14:03:21 EDT 2006
-----BEGIN PGP SIGNED MESSAGE-----
Sourcefire VRT Certified Rules Update
The Sourcefire VRT has continued research into the recently announced
vulnerabilities in the Microsoft Windows operating system and has
modified rules to improve performance.
Microsoft Security Bulletin MS06-040
A buffer overflow condition in the Microsoft Windows Server Service may
allow a remote attacker to execute code of their choosing on a target
system. The overflow condition can be triggered by malformed requests
to the service accessing certain functions.
Rules to detect attacks against these vulnerabilities are included in
this rule pack and are identified as sids 7209 through 7304.
A complete list of new and modified rules can be found here:
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (Darwin)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----
More information about the Snort-sigs