[Snort-sigs] Snort Community Rules Update

Sourcefire VRT research at ...435...
Thu Feb 2 11:18:04 EST 2006


This message is to announce the availability of an update for the 
Sourcefire community rule set, which can be downloaded free of cost or 
registration from http://www.snort.org/pub-bin/downloads.cgi.

New rules in this release are identified as SIDs 100000227-100000228. 
These rules detect a format string attack against the CMU SNMP server 
and a buffer overflow attack against Winamp playlists.

Sourcefire would like to thank rmkml for submitting these rules. As a 
reminder, anyone who wishes to submit rules may do so at 
http://www.snort.org/reg-bin/rulesubmit.cgi.

A list of new rules and their SIDs follows.

Alex Kirk
Community Rules Maintainer
Sourcefire, Inc.

100000227 || COMMUNITY MISC SNMP trap Format String detected
100000228 || COMMUNITY WEB-CLIENT Winamp PlayList buffer overflow attempt




More information about the Snort-sigs mailing list