[Snort-sigs] Snort Community Rules Update

Sourcefire VRT research at ...435...
Wed Nov 22 09:35:17 EST 2006

This message is to announce the availability of an update for the Sourcefire community rule set, which can be downloaded free of cost or registration from http://www.snort.org/pub-bin/downloads.cgi.

New rules in this release are identified as SIDs 100000920-100000922. These rules cover remote file inclusion attacks against the MiniBB and PunBB systems, as well as a SQL injection attack against the Etomite system. Additionally, references have been updated for SID 100000919.

Sourcefire would like to thank J.M. Seitz (jms at ...3265...) for submitting both the new rules and the reference updates. As a reminder, anyone who wishes to submit rules may do so at http://www.snort.org/reg-bin/rulesubmit.cgi.

A list of modified rules and their SIDs follows.

Alex Kirk
Community Rules Maintainer
Sourcefire, Inc.

100000919 || COMMUNITY WEB-PHP Segue CMS themesettings.inc.php remote file include attempt
100000920 || COMMUNITY WEB-PHP MiniBB bb_func_txt.php pathToFiles variable remote file include
100000921 || COMMUNITY WEB-PHP PunBB register.php language variable remote file include
100000922 || COMMUNITY WEB-PHP Etomite CMS index.php id variable SQL injection

More information about the Snort-sigs mailing list